Regelmäßige Spitzenauslastung des Drahtlosnetzwerks im Task Manager

qwery · 20.07.2015, 18:10

Hallo!

Ich habe einige Probleme mit meinem Laptop und mache mir Sorgen, dass ich mir einen Trojaner oder was Ähnliches eingefangen habe.

1. Ich habe mit dem Task Manager festgestellt, dass die Netzwerkauslastung immer wieder mal (etwa alle 30Sekunden, manchmal öfter, manchmal weniger oft) für einen Moment von quasi Null auf 100% ansteigt. Was kann das bedeuten?

2. Mein Laptop wird in den letzten Wochen oft ziemlich langsam beim Surfen.

3. Beim Surfen mit Firefox bekomme ich, wenn ich auf die Startseite von Facebook gehe, jedes Mal eine Warnung: Unresponsive Script.
"A script on this page may be busy, or it may have stopped responding. You can stop the script now, open the script in the debugger, or let the script continue. Script: https://fbstatic-a.akamaihd.ne…src.php/v2/yu/r/8u4lTKHi4fp.js:5"

4. Seit heute fällt das Internet immer wieder mal aus bzw. verbindet sich neu, oft beinahe alle 5 Minuten.

5. Ich habe fast täglich Bluescreens. Ich konnte erkennen, dass dabei irgendwas von Error Code: USB_DRIVER stand. Ich habe außerdem auch gemerkt, dass, wenn ich den Laptop etwas mehr oder etwas weniger zuklappe, oft der Signalton zu hören ist, wie wenn ich etwas an den USB-Anschluss anstecken würde. Dabei bekomme ich auch oft die Meldung, dass ein unbekanntes USB-Gerät angeschlossen wurde, dessen Treiber nicht installiert werden konnte. Weiters funktioniert dabei auch die Webcam nicht. Daran muss jetzt zwar kein Trojaner oder so schuld sein, aber es nervt trotzdem. Falls jemand einen Tipp hat, bin ich sehr dankbar dafür.

Ich habe bereits den Antivirus von Avira, Spybot Search&Destroy und den Windows Defender (Offline) suchen lassen und nichts gefunden.

schrauber · 20.07.2015, 18:48

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

qwery · 22.07.2015, 19:30

Danke schon mal für die Antwort!
Ich habe es bereits gemacht, bekomme aber hier die Meldung, dass der Inhalt zu viele Zeichen enthält. Ich bin noch neu hier. Kann ich dir die Dateien irgendwie schicken?

schrauber · 23.07.2015, 07:35

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

qwery · 23.07.2015, 20:47

Ok

Frst.txt

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by user (administrator) on user-PC on 22-07-2015 19:56:32
Running from C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8OMRANJ8
Loaded Profiles: user (Available Profiles: user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(IDT, Inc.) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(O2Micro International) C:\WINDOWS\System32\drivers\o2flash.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\WDExpress.exe
(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17914_none_852b66d9f75dc476\iexplore.exe
(Adobe Systems Incorporated) C:\WINDOWS\System32\Macromed\Flash\FlashUtil64_18_0_0_209_ActiveX.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VsHub\1.0.0.0\VsHub.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VsHub\1.0.0.0\Microsoft.VsHub.Server.HttpHost.exe
(Microsoft Corporation) C:\WINDOWS\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_11.2.9600.17914_none_852b66d9f75dc476\iexplore.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1909032 2010-01-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7A32B86E-8B29-4F5C-B0AE-DA738ADC9B88}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox
FF NewTab: about:blank
FF DefaultSearchEngine: Ixquick (de)
FF SelectedSearchEngine: Startpage HTTPS
FF Homepage: about:home
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 4001
FF NetworkProxy: "gopher", "127.0.0.1"
FF NetworkProxy: "gopher_port", 4001
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 4001
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4001
FF NetworkProxy: "type", 0
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\blekko-ssl.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https.xml [2015-02-26]
FF Extension: HTTPS-Everywhere - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2015-07-20]
FF Extension: CanvasBlocker - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\CanvasBlocker@kkapsner.de.xpi [2015-02-26]
FF Extension: JonDoFox - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2015-02-26]
FF Extension: NoScript - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-02-26]
FF Extension: Cookie Controller - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{ac2cfa60-bc96-11e0-962b-0800200c9a66}.xpi [2015-02-26]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-26]
FF Extension: ProfileSwitcher - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2015-02-26]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-09] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-09] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-01] (Disc Soft Ltd)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 17:03 - 2015-07-22 19:52 - 00000000 ____D C:\Users\user\Documents\Visual Studio 2015
2015-07-22 17:01 - 2015-07-22 17:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-07-22 16:55 - 2015-07-22 16:55 - 00000000 ____D C:\ProgramData\NuGet
2015-07-22 16:55 - 2015-07-22 16:55 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-07-22 16:34 - 2015-07-22 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-07-22 16:33 - 2015-07-22 16:43 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-07-22 16:31 - 2015-07-22 16:31 - 00001532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VS Express für Desktop.lnk
2015-07-22 16:30 - 2015-07-22 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-07-22 16:24 - 2015-07-22 16:42 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-07-22 16:24 - 2015-07-22 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-07-22 16:23 - 2015-07-22 16:51 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-07-22 16:23 - 2015-07-22 16:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\SysWOW64\1033
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\SysWOW64\1031
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\system32\1033
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\system32\1031
2015-07-22 16:15 - 2015-07-22 16:15 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-07-22 16:09 - 2015-07-22 16:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-07-22 15:41 - 2015-06-07 01:13 - 00961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-07-22 15:18 - 2015-07-22 15:27 - 00000000 ____D C:\CAE1
2015-07-22 15:13 - 2015-07-22 19:48 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-07-21 12:53 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 12:53 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 12:53 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 00:49 - 2015-07-22 19:56 - 00000000 ____D C:\FRST
2015-07-21 00:34 - 2015-07-21 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-21 00:34 - 2015-07-21 00:34 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-21 00:31 - 2015-07-21 00:31 - 00109280 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-21 00:29 - 2015-07-22 19:43 - 00000336 _____ C:\Windows\setupact.log
2015-07-21 00:29 - 2015-07-21 20:35 - 00408392 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 00:29 - 2015-07-21 00:29 - 00000810 _____ C:\Windows\PFRO.log
2015-07-21 00:29 - 2015-07-21 00:29 - 00000000 _____ C:\Windows\setuperr.log
2015-07-20 19:18 - 2015-07-20 19:18 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-20 19:18 - 2015-07-20 19:18 - 00000000 ____D C:\Program Files\CCleaner
2015-07-15 12:32 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 12:32 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 12:32 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 12:32 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 12:32 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 12:32 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 12:32 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 12:32 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 12:32 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 12:32 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 12:31 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 12:31 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 12:31 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 12:31 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 12:31 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 12:31 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 12:31 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 12:31 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 12:31 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 12:31 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 12:31 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 12:31 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 12:31 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 12:31 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 12:31 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 12:31 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 12:31 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 12:31 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 12:31 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 12:31 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 12:31 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 12:31 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 12:31 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 12:31 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 12:31 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 12:31 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 12:31 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 12:31 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 12:31 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 12:31 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 12:31 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 12:31 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 12:31 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 12:31 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 12:31 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 12:31 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 12:31 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 12:31 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 12:31 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 12:31 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 12:31 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 12:31 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 12:31 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 12:31 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 12:31 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 12:31 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 12:31 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 12:31 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 12:31 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 12:31 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 12:31 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 12:31 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 12:31 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 12:31 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 12:31 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 12:31 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 12:31 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 12:31 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 12:31 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 12:30 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 12:30 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 12:30 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 12:30 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 12:30 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 12:30 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 12:30 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 12:30 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 12:30 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 12:30 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 12:30 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 12:30 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 12:30 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 12:30 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 12:30 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 12:30 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 12:30 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 12:30 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 12:30 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 12:30 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 12:30 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 12:30 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 12:30 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 12:30 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:30 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 12:30 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 12:30 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 12:30 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 12:30 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 12:30 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 12:30 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 12:30 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 12:30 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 12:30 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 12:30 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 12:30 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 12:30 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 12:30 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 12:30 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 12:30 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 12:30 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 12:30 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 12:30 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 12:30 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 12:30 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 23:55 - 2015-07-14 23:55 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-13 08:07 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-13 08:07 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-13 08:07 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-13 08:07 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-13 08:07 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-13 08:07 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-13 08:07 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-13 08:07 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-08 22:13 - 2015-07-22 18:49 - 00000000 ____D C:\Users\user\AppData\Roaming\CodeBlocks
2015-07-08 22:09 - 2015-07-08 22:09 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2015-07-08 22:08 - 2015-07-08 22:09 - 00000000 ____D C:\Program Files (x86)\CodeBlocks
2015-07-06 21:27 - 2015-07-06 21:28 - 00000000 ____D C:\Users\user\AppData\Roaming\Nitro PDF
2015-07-06 21:24 - 2015-07-06 21:24 - 00000000 ____D C:\Users\user\AppData\Roaming\Nitro
2015-07-06 21:24 - 2015-07-06 21:24 - 00000000 ____D C:\Users\user\AppData\Roaming\FileOpen
2015-07-06 21:24 - 2015-07-06 21:24 - 00000000 ____D C:\ProgramData\FileOpen
2015-07-06 21:23 - 2015-07-06 21:23 - 00000000 ____D C:\ProgramData\Nitro
2015-07-06 21:22 - 2015-07-06 21:22 - 00000000 ____D C:\Users\user\AppData\Roaming\Downloaded Installations
2015-07-06 12:30 - 2015-07-06 12:30 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-06 12:29 - 2015-07-06 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-06 12:29 - 2015-07-06 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-06 09:59 - 2015-07-06 09:59 - 00000383 _____ C:\ftconfig.ini
2015-07-06 00:55 - 2015-07-06 00:55 - 00000000 ____D C:\Users\user\dwhelper
2015-06-25 23:34 - 2015-06-25 23:34 - 08307360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140ud.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 08236192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140d.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 04443808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140u.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 04378776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 01054888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcamp140d.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00781488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140d.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00751936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140d.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00597320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140d.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00439608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp140.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00400544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcamp140.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00266928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib140.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00243520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\concrt140.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00204456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcomp140d.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00182432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcomp140.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00120480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcm140d.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00119976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcm140ud.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00114000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140d.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00094368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcm140u.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00094368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcm140.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00085328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcruntime140.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00075432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140fra.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00075432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140deu.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00074408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140esn.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00073384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140ita.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00071336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140rus.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00065704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140enu.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00054952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140jpn.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00053928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140kor.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00046760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140cht.dll
2015-06-25 23:34 - 2015-06-25 23:34 - 00046760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc140chs.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 10959520 _____ (Microsoft Corporation) C:\Windows\system32\mfc140ud.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 10887328 _____ (Microsoft Corporation) C:\Windows\system32\mfc140d.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 05653664 _____ (Microsoft Corporation) C:\Windows\system32\mfc140u.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 05624984 _____ (Microsoft Corporation) C:\Windows\system32\mfc140.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 01403048 _____ (Microsoft Corporation) C:\Windows\system32\vcamp140d.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 01025200 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140d.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 01004712 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140d.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00789160 _____ (Microsoft Corporation) C:\Windows\system32\concrt140d.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00635040 _____ (Microsoft Corporation) C:\Windows\system32\msvcp140.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00552608 _____ (Microsoft Corporation) C:\Windows\system32\vcamp140.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00390320 _____ (Microsoft Corporation) C:\Windows\system32\vccorlib140.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00332968 _____ (Microsoft Corporation) C:\Windows\system32\concrt140.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00233128 _____ (Microsoft Corporation) C:\Windows\system32\vcomp140d.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00205984 _____ (Microsoft Corporation) C:\Windows\system32\vcomp140.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00134816 _____ (Microsoft Corporation) C:\Windows\system32\mfcm140d.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00134328 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140d.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00134304 _____ (Microsoft Corporation) C:\Windows\system32\mfcm140ud.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00105120 _____ (Microsoft Corporation) C:\Windows\system32\mfcm140u.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00105120 _____ (Microsoft Corporation) C:\Windows\system32\mfcm140.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00088752 _____ (Microsoft Corporation) C:\Windows\system32\vcruntime140.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00075944 _____ (Microsoft Corporation) C:\Windows\system32\mfc140fra.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00075944 _____ (Microsoft Corporation) C:\Windows\system32\mfc140deu.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00074920 _____ (Microsoft Corporation) C:\Windows\system32\mfc140esn.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00073896 _____ (Microsoft Corporation) C:\Windows\system32\mfc140ita.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00071848 _____ (Microsoft Corporation) C:\Windows\system32\mfc140rus.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00066216 _____ (Microsoft Corporation) C:\Windows\system32\mfc140enu.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00055464 _____ (Microsoft Corporation) C:\Windows\system32\mfc140jpn.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00054440 _____ (Microsoft Corporation) C:\Windows\system32\mfc140kor.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00047272 _____ (Microsoft Corporation) C:\Windows\system32\mfc140cht.dll
2015-06-25 23:15 - 2015-06-25 23:15 - 00047272 _____ (Microsoft Corporation) C:\Windows\system32\mfc140chs.dll
2015-06-25 17:16 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150625-171625.backup
2015-06-25 17:14 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150625-171445.backup
2015-06-25 16:50 - 2009-06-10 23:00 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts.20150625-165039.backup
2015-06-22 20:51 - 2015-06-22 20:51 - 00000000 ____D C:\Users\user\AppData\Roaming\DicomViewer 3.0.0.0
2015-06-22 20:51 - 2015-06-22 20:51 - 00000000 ____D C:\Users\user\AppData\Local\Spoon

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-22 19:53 - 2009-07-14 07:10 - 01816147 _____ C:\Windows\WindowsUpdate.log
2015-07-22 19:53 - 2009-07-14 06:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-22 19:53 - 2009-07-14 06:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-22 19:43 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-22 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-22 16:25 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-22 16:18 - 2015-04-01 01:51 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-22 16:16 - 2015-03-31 23:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-22 16:07 - 2015-03-31 13:54 - 01592824 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-22 16:07 - 2009-07-14 19:58 - 00699160 _____ C:\Windows\system32\perfh007.dat
2015-07-22 16:07 - 2009-07-14 19:58 - 00149268 _____ C:\Windows\system32\perfc007.dat
2015-07-22 16:07 - 2009-07-14 07:13 - 01592824 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-20 19:39 - 2015-04-02 17:04 - 00000000 ____D C:\Windows\Minidump
2015-07-20 19:39 - 2015-04-01 00:40 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Lite
2015-07-20 19:39 - 2010-11-23 01:38 - 00000000 ____D C:\Windows\Panther
2015-07-17 03:01 - 2015-04-01 01:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 00:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-15 23:56 - 2015-04-01 04:17 - 00000000 ____D C:\ProgramData\Oracle
2015-07-15 23:56 - 2010-11-23 00:05 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-15 23:54 - 2015-04-01 04:18 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-15 16:10 - 2015-04-01 02:08 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-15 12:42 - 2015-03-31 13:46 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 12:06 - 2015-04-01 04:12 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1427854332
2015-07-15 12:06 - 2015-04-01 04:11 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-14 23:56 - 2015-03-31 16:49 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2015-07-14 23:55 - 2015-03-31 14:46 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-14 23:55 - 2015-03-31 14:46 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-14 10:58 - 2015-04-06 03:39 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-13 08:30 - 2015-03-31 21:05 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-13 08:30 - 2015-03-31 21:05 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-13 08:08 - 2015-03-31 22:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-13 08:08 - 2015-03-31 22:20 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-11 02:15 - 2015-03-31 14:46 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-11 02:08 - 2015-03-31 19:10 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2015-07-11 01:59 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-06 15:45 - 2015-04-01 01:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-06 15:45 - 2015-04-01 01:51 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-06 00:55 - 2015-03-31 04:21 - 00000000 ____D C:\Users\user
2015-07-03 08:43 - 2015-03-31 13:46 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-28 17:48 - 2015-03-31 14:46 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-06-23 13:30 - 2015-04-01 01:42 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories =======

2015-04-01 02:33 - 2015-04-01 02:33 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-01 12:35 - 2015-04-01 12:35 - 0000000 _____ () C:\ProgramData\Yes

Some files in TEMP:
====================
C:\Users\user\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-13 12:59

==================== End of log ============================

Und Addition.txt
[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by user at 2015-07-22 19:59:59
Running from C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8OMRANJ8
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3109766734-3921118406-2127283393-500 - Administrator - Disabled)
Gast (S-1-5-21-3109766734-3921118406-2127283393-501 - Limited - Disabled)
user (S-1-5-21-3109766734-3921118406-2127283393-1000 - Administrator - Enabled) => C:\Users\user

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.1217.1709 - )
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
ccc-core-static (x32 Version: 2009.1217.1710.30775 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
CodeBlocks (HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JonDo (HKLM-x32\...\JonDoUninstall) (Version:  - )
MATLAB R2010b (HKLM\...\MatlabR2010b) (Version: 7.11 - The MathWorks, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 für Windows Desktop - DEU (HKLM-x32\...\{1541de02-c602-410d-9962-8f1c6cc255ff}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Skins (x32 Version: 2009.1217.1710.30775 - ATI) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.3.0 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

21-07-2015 18:28:26 Windows Update
22-07-2015 15:38:52 Microsoft Visual Studio Express 2015 für Windows Desktop - DEU
22-07-2015 15:39:45 Microsoft Visual C++ 2005 Redistributable (x64) wird entfernt
22-07-2015 15:40:16 Windows Update
22-07-2015 15:45:43 Nitro Reader 3 wurde entfernt
22-07-2015 16:08:21 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
22-07-2015 16:16:11 Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026
22-07-2015 16:16:58 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
22-07-2015 16:17:49 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-06-25 17:16 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	www.0scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	www.1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	www.1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	www.100888290cs.com
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	10sek.com
127.0.0.1	www.10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	123fporn.info
127.0.0.1	www.123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {35C92F70-9898-4AA7-BE05-5621793214FC} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {5092925A-94F9-4B07-BBC6-A9A8123E9BA0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {5D8BA1B5-59CC-4CB8-8AD4-6910F2B07F50} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_194_pepper.exe [2015-06-28] (Adobe Systems Incorporated)
Task: {628CFAA8-F0FE-473B-97A4-BBD9BFE36D38} - System32\Tasks\Opera scheduled Autoupdate 1427854332 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {C205F7EC-1A7B-48AA-BD97-B2C626DD317B} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {CB5115A2-F4DE-491D-9FDB-42EF23E60B4C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D506FE16-D05D-4ACA-9F13-9A4C09E559E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E9BE10AB-521F-48B2-A2FF-3765877828F9} - System32\Tasks\D771WWN1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-17] (Dell Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_194_pepper.exe

==================== Loaded Modules (Whitelisted) ==============

2010-11-23 00:06 - 2009-07-17 16:06 - 00033280 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
2010-11-23 00:06 - 2009-07-17 16:06 - 00058368 _____ () C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlrmt.dll
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2009-05-05 20:56 - 2009-05-05 20:56 - 00016384 ____R () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-11-23 00:09 - 2010-11-23 00:09 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-04-01 02:08 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-04-01 02:08 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-04-01 02:08 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-04-01 02:08 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-04-01 02:08 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-07-15 12:06 - 2015-07-15 12:04 - 01649272 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\libglesv2.dll
2015-07-15 12:06 - 2015-07-15 12:04 - 00081016 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\libegl.dll
2015-07-22 17:48 - 2015-07-22 17:48 - 00689664 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vbeb7089b#\2a82571c1dad6051da1fd31638059022\Microsoft.VisualStudio.Threading.ni.dll
2015-07-22 17:48 - 2015-07-22 17:48 - 00047104 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vd43b287e#\355b3333f33c6b318724438d68e47d2e\Microsoft.VisualStudio.Validation.ni.dll
2015-07-22 17:36 - 2015-07-22 17:36 - 00983040 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vfd40090d#\c8e47926e6e6a7eafcca7da93cf72a26\Microsoft.VisualStudio.Composition.ni.dll
2015-07-22 17:36 - 2015-07-22 17:36 - 00261120 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vad841153#\ab9946a280bfd02f60a27ddff86856de\Microsoft.VisualStudio.Composition.Configuration.ni.dll
2015-06-28 17:48 - 2015-06-28 17:48 - 15003824 _____ () C:\Windows\SysWOW64\Macromed\Flash\pepflashplayer32_18_0_0_194.dll

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: HP Deskjet 3050A J611 series (NET) => "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN196482KK05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F5900A13-0BC3-4C6A-95C0-25AF7E09FEC9}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{89AE38D2-719A-405F-B013-51C266F7E18D}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{EF147DCC-3A65-4F2F-9FE7-30ECCC27AAB9}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{F690094A-B7C9-44C5-9A58-2CF85ACA0BE5}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{E0F6E34C-6C3A-479E-A582-F5B6D5B64A1A}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{DC796A2B-A113-413E-A0AA-D30E26EE1F91}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{4354BCA2-5F0E-4D18-9577-1814C38CC827}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{DC9FB468-88EA-4EBA-A6E7-226022DE8844}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DABEF69A-C247-4552-8FEF-8C82974FBB63}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{1DF11C0D-4B5E-4C55-93D4-D0CB6419DF55}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{9AC95574-C7C2-497A-906E-AEEF5CCF21FF}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\WDExpress.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (07/22/2015 07:57:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17909 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1758

Startzeit: 01d0c4a6ca88e147

Endzeit: 46

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (07/22/2015 05:59:29 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:29 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:28 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:28 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07

Error: (07/22/2015 03:27:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 260

Startzeit: 01d0c467ced7c881

Endzeit: 60000

Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID: 205615b9-3075-11e5-9cac-0026b9f18684


System errors:
=============
Error: (07/22/2015 06:49:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (07/22/2015 03:32:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (07/22/2015 03:32:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (07/22/2015 03:32:25 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/22/2015 03:31:44 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎22.‎07.‎2015 um 15:30:34 unerwartet heruntergefahren.

Error: (07/22/2015 03:14:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (07/22/2015 03:14:06 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.

Error: (07/22/2015 03:10:11 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst WSearch erreicht.

Error: (07/22/2015 12:08:33 PM) (Source: ACPI) (EventID: 13) (User: )
Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft.

Error: (07/22/2015 03:05:20 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office:
=========================
Error: (07/22/2015 07:57:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17909175801d0c4a6ca88e14746C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (07/22/2015 05:59:29 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe

Error: (07/22/2015 05:59:29 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe

Error: (07/22/2015 05:59:28 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe

Error: (07/22/2015 05:59:28 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe

Error: (07/22/2015 05:59:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe

Error: (07/22/2015 03:27:25 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.1756726001d0c467ced7c88160000C:\Windows\Explorer.EXE205615b9-3075-11e5-9cac-0026b9f18684


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz
Percentage of memory in use: 70%
Total physical RAM: 3956.54 MB
Available physical RAM: 1178.71 MB
Total Virtual: 7911.29 MB
Available Virtual: 3474.08 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:150.36 GB) (Free:102.86 GB) NTFS
Drive f: (Musik) (Fixed) (Total:150.36 GB) (Free:126.66 GB) NTFS
Drive g: (Allgemein) (Fixed) (Total:150.36 GB) (Free:150.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 70565D82)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=150.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=300.7 GB) - (Type=OF Extended)

==================== End of log ============================

--- --- ---

Ich möchte nicht unhöflich sein. Andererseits möchte ich auch nicht, dass mein Thread im Nirwana verschwindet. Ich hoffe, es wird mir nicht übel genommen, wenn ich nochmals um Hilfe bitte.

schrauber · 24.07.2015, 07:14

Wo dein Thread im FOrum steht, also welcher Platz oder welche Seite, ist belanglos. WIr Helfer haben ein Kontrollzentrum, dort wird jeder Thread gelistet der in Arbeit von uns ist. Antwortet ein User, kommt er an Platz 1 in der Liste, und wir arbeiten von unten nach oben.

Wenn also 100 Leute vor Dir gepostet haben, die ich betreue, bekommen die auch vor Dir ne Antwort

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

qwery · 25.07.2015, 15:08

Verstehe. Klasse System!

Die beiden Programme konnten nichts finden.
Hier das Logfile von mbar:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.07.24.06
  rootkit: v2015.07.22.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
user :: user-PC [administrator]

24.07.2015 18:59:32
mbar-log-2015-07-24 (18-59-32).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 367903
Time elapsed: 27 minute(s), 54 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Und TDSSKiller
Teil 1

Code:

ATTFilter

20:27:46.0399 0x1b88  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
20:27:49.0659 0x1b88  ============================================================
20:27:49.0659 0x1b88  Current date / time: 2015/07/24 20:27:49.0659
20:27:49.0659 0x1b88  SystemInfo:
20:27:49.0659 0x1b88  
20:27:49.0659 0x1b88  OS Version: 6.1.7601 ServicePack: 1.0
20:27:49.0659 0x1b88  Product type: Workstation
20:27:49.0659 0x1b88  ComputerName: user-PC
20:27:49.0675 0x1b88  UserName: user
20:27:49.0675 0x1b88  Windows directory: C:\Windows
20:27:49.0675 0x1b88  System windows directory: C:\Windows
20:27:49.0675 0x1b88  Running under WOW64
20:27:49.0675 0x1b88  Processor architecture: Intel x64
20:27:49.0675 0x1b88  Number of processors: 4
20:27:49.0675 0x1b88  Page size: 0x1000
20:27:49.0675 0x1b88  Boot type: Normal boot
20:27:49.0675 0x1b88  ============================================================
20:27:52.0405 0x1b88  KLMD registered as C:\Windows\system32\drivers\78954981.sys
20:27:52.0748 0x1b88  System UUID: {9EA31ED4-07C7-9877-2829-6B7848D6DD62}
20:27:53.0887 0x1b88  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:27:53.0903 0x1b88  ============================================================
20:27:53.0903 0x1b88  \Device\Harddisk0\DR0:
20:27:53.0903 0x1b88  MBR partitions:
20:27:53.0903 0x1b88  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
20:27:53.0903 0x1b88  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x12CB7000
20:27:53.0918 0x1b88  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x14A17800, BlocksNum 0x12CB7000
20:27:53.0934 0x1b88  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x276CF000, BlocksNum 0x12CB6800
20:27:53.0934 0x1b88  ============================================================
20:27:53.0965 0x1b88  C: <-> \Device\Harddisk0\DR0\Partition2
20:27:53.0996 0x1b88  F: <-> \Device\Harddisk0\DR0\Partition3
20:27:54.0043 0x1b88  G: <-> \Device\Harddisk0\DR0\Partition4
20:27:54.0043 0x1b88  ============================================================
20:27:54.0043 0x1b88  Initialize success
20:27:54.0043 0x1b88  ============================================================
20:28:08.0380 0x1b90  ============================================================
20:28:08.0380 0x1b90  Scan started
20:28:08.0380 0x1b90  Mode: Manual; 
20:28:08.0380 0x1b90  ============================================================
20:28:08.0380 0x1b90  KSN ping started
20:28:11.0172 0x1b90  KSN ping finished: true
20:28:12.0061 0x1b90  ================ Scan system memory ========================
20:28:12.0061 0x1b90  System memory - ok
20:28:12.0061 0x1b90  ================ Scan services =============================
20:28:12.0295 0x1b90  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:28:12.0311 0x1b90  1394ohci - ok
20:28:12.0389 0x1b90  [ C49C56B35BFC6CDA8D1FDCAD2885568F, 60F80C51928C9332AA1DD50197FAD2A818FDCAE9DCCA07EE85FA1C15ACF8CF2A ] Acceler         C:\Windows\system32\DRIVERS\Acceler.sys
20:28:12.0389 0x1b90  Acceler - ok
20:28:12.0451 0x1b90  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:28:12.0467 0x1b90  ACPI - ok
20:28:12.0514 0x1b90  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:28:12.0514 0x1b90  AcpiPmi - ok
20:28:12.0638 0x1b90  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:28:12.0638 0x1b90  AdobeARMservice - ok
20:28:12.0716 0x1b90  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:28:12.0748 0x1b90  adp94xx - ok
20:28:12.0794 0x1b90  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:28:12.0810 0x1b90  adpahci - ok
20:28:12.0841 0x1b90  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:28:12.0857 0x1b90  adpu320 - ok
20:28:12.0888 0x1b90  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:28:12.0904 0x1b90  AeLookupSvc - ok
20:28:13.0013 0x1b90  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
20:28:13.0028 0x1b90  AESTFilters - ok
20:28:13.0091 0x1b90  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
20:28:13.0122 0x1b90  AFD - ok
20:28:13.0169 0x1b90  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:28:13.0169 0x1b90  agp440 - ok
20:28:13.0216 0x1b90  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:28:13.0216 0x1b90  ALG - ok
20:28:13.0247 0x1b90  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:28:13.0247 0x1b90  aliide - ok
20:28:13.0278 0x1b90  [ 568C61DBDA2D9F1AFDAC58771E313AFE, 5E45CBB15FEB145D8360674D50C85D06A0DE9345A9589F3BD979A96D24410AAF ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:28:13.0294 0x1b90  AMD External Events Utility - ok
20:28:13.0309 0x1b90  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:28:13.0325 0x1b90  amdide - ok
20:28:13.0372 0x1b90  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:28:13.0372 0x1b90  AmdK8 - ok
20:28:13.0418 0x1b90  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:28:13.0418 0x1b90  AmdPPM - ok
20:28:13.0450 0x1b90  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:28:13.0465 0x1b90  amdsata - ok
20:28:13.0496 0x1b90  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:28:13.0512 0x1b90  amdsbs - ok
20:28:13.0543 0x1b90  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:28:13.0543 0x1b90  amdxata - ok
20:28:13.0668 0x1b90  [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
20:28:13.0730 0x1b90  AntiVirMailService - ok
20:28:13.0808 0x1b90  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:28:13.0840 0x1b90  AntiVirSchedulerService - ok
20:28:13.0886 0x1b90  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:28:13.0918 0x1b90  AntiVirService - ok
20:28:14.0042 0x1b90  [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
20:28:14.0105 0x1b90  AntiVirWebService - ok
20:28:14.0167 0x1b90  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
20:28:14.0167 0x1b90  AppID - ok
20:28:14.0198 0x1b90  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:28:14.0198 0x1b90  AppIDSvc - ok
20:28:14.0245 0x1b90  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
20:28:14.0245 0x1b90  Appinfo - ok
20:28:14.0292 0x1b90  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:28:14.0292 0x1b90  arc - ok
20:28:14.0308 0x1b90  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:28:14.0323 0x1b90  arcsas - ok
20:28:14.0432 0x1b90  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:28:14.0448 0x1b90  aspnet_state - ok
20:28:14.0464 0x1b90  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:28:14.0479 0x1b90  AsyncMac - ok
20:28:14.0495 0x1b90  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:28:14.0510 0x1b90  atapi - ok
20:28:14.0557 0x1b90  [ D481083348138B4933ACFE95812DB71C, 62B8B1C844FCF6CF3FC8987A3B0963FEB1DFD28D9F977BDFD04DA7F358CBF0F6 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
20:28:14.0557 0x1b90  AtiHdmiService - ok
20:28:15.0244 0x1b90  [ B579364CE413C6B8FCB8A594CC4C48EE, 33C419ED56BB59C3A749EF51754C7FC9630FD3F93DE5AF766FB2803831660E91 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:28:15.0634 0x1b90  atikmdag - ok
20:28:15.0743 0x1b90  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:28:15.0774 0x1b90  AudioEndpointBuilder - ok
20:28:15.0852 0x1b90  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:28:15.0883 0x1b90  AudioSrv - ok
20:28:15.0961 0x1b90  [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:28:15.0961 0x1b90  avgntflt - ok
20:28:16.0008 0x1b90  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:28:16.0008 0x1b90  avipbb - ok
20:28:16.0102 0x1b90  [ 17348FE28C0A0AB4A6CB86D177770335, 633FEDA61F62504534B47090EA142F73C5D80C0D52A22A6C81DF64CD3EAFDAA8 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
20:28:16.0117 0x1b90  Avira.ServiceHost - ok
20:28:16.0148 0x1b90  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:28:16.0148 0x1b90  avkmgr - ok
20:28:16.0211 0x1b90  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
20:28:16.0211 0x1b90  avnetflt - ok
20:28:16.0242 0x1b90  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:28:16.0258 0x1b90  AxInstSV - ok
20:28:16.0336 0x1b90  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:28:16.0351 0x1b90  b06bdrv - ok
20:28:16.0398 0x1b90  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:28:16.0414 0x1b90  b57nd60a - ok
20:28:16.0460 0x1b90  [ E001DD475A7C27EBE5A0DB45C11BAD71, BA6A13E49F30BBBAB9FB0C7686FA6FD0376D506A51CEDB2829E3EF3C728394BA ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
20:28:16.0460 0x1b90  BCM42RLY - ok
20:28:16.0710 0x1b90  [ F4CD5F52850BF2C978DE178F256BA372, E9716E32A086A7B015A54C0D35DB2AC9E6F142015E1BEAF2730EE2CE0777FC8D ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
20:28:16.0882 0x1b90  BCM43XX - ok
20:28:16.0960 0x1b90  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:28:16.0960 0x1b90  BDESVC - ok
20:28:16.0991 0x1b90  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:28:16.0991 0x1b90  Beep - ok
20:28:17.0084 0x1b90  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:28:17.0131 0x1b90  BFE - ok
20:28:17.0225 0x1b90  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
20:28:17.0287 0x1b90  BITS - ok
20:28:17.0318 0x1b90  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:28:17.0318 0x1b90  blbdrive - ok
20:28:17.0365 0x1b90  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:28:17.0365 0x1b90  bowser - ok
20:28:17.0396 0x1b90  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:28:17.0412 0x1b90  BrFiltLo - ok
20:28:17.0428 0x1b90  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:28:17.0428 0x1b90  BrFiltUp - ok
20:28:17.0474 0x1b90  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:28:17.0490 0x1b90  Browser - ok
20:28:17.0537 0x1b90  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:28:17.0552 0x1b90  Brserid - ok
20:28:17.0584 0x1b90  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:28:17.0584 0x1b90  BrSerWdm - ok
20:28:17.0599 0x1b90  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:28:17.0615 0x1b90  BrUsbMdm - ok
20:28:17.0630 0x1b90  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:28:17.0630 0x1b90  BrUsbSer - ok
20:28:17.0693 0x1b90  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
20:28:17.0693 0x1b90  BthEnum - ok
20:28:17.0724 0x1b90  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:28:17.0724 0x1b90  BTHMODEM - ok
20:28:17.0755 0x1b90  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:28:17.0771 0x1b90  BthPan - ok
20:28:17.0833 0x1b90  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
20:28:17.0880 0x1b90  BTHPORT - ok
20:28:17.0911 0x1b90  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:28:17.0927 0x1b90  bthserv - ok
20:28:17.0958 0x1b90  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
20:28:17.0958 0x1b90  BTHUSB - ok
20:28:18.0005 0x1b90  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:28:18.0020 0x1b90  cdfs - ok
20:28:18.0067 0x1b90  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:28:18.0083 0x1b90  cdrom - ok
20:28:18.0114 0x1b90  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:28:18.0130 0x1b90  CertPropSvc - ok
20:28:18.0161 0x1b90  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:28:18.0161 0x1b90  circlass - ok
20:28:18.0208 0x1b90  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
20:28:18.0239 0x1b90  CLFS - ok
20:28:18.0317 0x1b90  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:28:18.0317 0x1b90  clr_optimization_v2.0.50727_32 - ok
20:28:18.0364 0x1b90  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:28:18.0379 0x1b90  clr_optimization_v2.0.50727_64 - ok
20:28:18.0457 0x1b90  [ 19E11CACD01FCB8C63DED05319074420, 7A5972525CC20679A682C738475D968A89E1453BBBF070A18E6216ED7801A3C2 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:28:18.0457 0x1b90  clr_optimization_v4.0.30319_32 - ok
20:28:18.0504 0x1b90  [ F71413E276F4EDA3BFD1B51C1FDBAD5E, 29A1B39F8DB96612442016439D3AC968678298CB46EE95CF2D11C71881353F65 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:28:18.0504 0x1b90  clr_optimization_v4.0.30319_64 - ok
20:28:18.0535 0x1b90  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:28:18.0535 0x1b90  CmBatt - ok
20:28:18.0582 0x1b90  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:28:18.0582 0x1b90  cmdide - ok
20:28:18.0644 0x1b90  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
20:28:18.0676 0x1b90  CNG - ok
20:28:18.0722 0x1b90  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:28:18.0722 0x1b90  Compbatt - ok
20:28:18.0769 0x1b90  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:28:18.0769 0x1b90  CompositeBus - ok
20:28:18.0785 0x1b90  COMSysApp - ok
20:28:18.0832 0x1b90  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:28:18.0832 0x1b90  crcdisk - ok
20:28:18.0878 0x1b90  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:28:18.0894 0x1b90  CryptSvc - ok
20:28:18.0910 0x1b90  CtClsFlt - ok
20:28:18.0972 0x1b90  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:28:19.0003 0x1b90  DcomLaunch - ok
20:28:19.0050 0x1b90  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:28:19.0066 0x1b90  defragsvc - ok
20:28:19.0112 0x1b90  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:28:19.0112 0x1b90  DfsC - ok
20:28:19.0159 0x1b90  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:28:19.0190 0x1b90  Dhcp - ok
20:28:19.0378 0x1b90  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:28:19.0456 0x1b90  DiagTrack - ok
20:28:19.0643 0x1b90  [ D296B8179E43714B28245CF0243D48AB, 2D6A0A00343F11C2882DDD09AC20F9198861716576F0B63D991370D4C931F1D6 ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
20:28:19.0721 0x1b90  Disc Soft Lite Bus Service - ok
20:28:19.0752 0x1b90  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:28:19.0768 0x1b90  discache - ok
20:28:19.0799 0x1b90  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:28:19.0814 0x1b90  Disk - ok
20:28:19.0924 0x1b90  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:28:19.0939 0x1b90  Dnscache - ok
20:28:19.0986 0x1b90  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:28:20.0017 0x1b90  dot3svc - ok
20:28:20.0048 0x1b90  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:28:20.0064 0x1b90  DPS - ok
20:28:20.0111 0x1b90  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:28:20.0111 0x1b90  drmkaud - ok
20:28:20.0158 0x1b90  [ 080598EFE474B7A28D7260C3AC389E36, FB2862EFF05CCF60FA967DA1C3F3E5188D17D6040476684A393A03DAE3DBC92A ] dtlitescsibus   C:\Windows\system32\DRIVERS\dtlitescsibus.sys
20:28:20.0158 0x1b90  dtlitescsibus - ok
20:28:20.0251 0x1b90  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:28:20.0314 0x1b90  DXGKrnl - ok
20:28:20.0360 0x1b90  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:28:20.0376 0x1b90  EapHost - ok
20:28:20.0657 0x1b90  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:28:20.0860 0x1b90  ebdrv - ok
20:28:21.0094 0x1b90  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
20:28:21.0094 0x1b90  EFS - ok
20:28:21.0281 0x1b90  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:28:21.0343 0x1b90  ehRecvr - ok
20:28:21.0390 0x1b90  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:28:21.0406 0x1b90  ehSched - ok
20:28:21.0499 0x1b90  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:28:21.0562 0x1b90  elxstor - ok
20:28:21.0608 0x1b90  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:28:21.0608 0x1b90  ErrDev - ok
20:28:21.0749 0x1b90  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:28:21.0796 0x1b90  EventSystem - ok
20:28:21.0874 0x1b90  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:28:21.0905 0x1b90  exfat - ok
20:28:22.0230 0x1b90  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:28:22.0250 0x1b90  fastfat - ok
20:28:22.0650 0x1b90  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:28:22.0700 0x1b90  Fax - ok
20:28:22.0740 0x1b90  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:28:22.0740 0x1b90  fdc - ok
20:28:22.0800 0x1b90  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:28:22.0810 0x1b90  fdPHost - ok
20:28:22.0830 0x1b90  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:28:22.0830 0x1b90  FDResPub - ok
20:28:22.0900 0x1b90  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:28:22.0910 0x1b90  FileInfo - ok
20:28:22.0940 0x1b90  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:28:22.0940 0x1b90  Filetrace - ok
20:28:22.0980 0x1b90  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:28:22.0980 0x1b90  flpydisk - ok
20:28:23.0100 0x1b90  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:28:23.0140 0x1b90  FltMgr - ok
20:28:23.0390 0x1b90  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
20:28:23.0480 0x1b90  FontCache - ok
20:28:23.0580 0x1b90  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:28:23.0580 0x1b90  FontCache3.0.0.0 - ok
20:28:23.0640 0x1b90  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:28:23.0650 0x1b90  FsDepends - ok
20:28:23.0700 0x1b90  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:28:23.0710 0x1b90  Fs_Rec - ok
20:28:23.0840 0x1b90  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:28:23.0860 0x1b90  fvevol - ok
20:28:23.0930 0x1b90  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:28:23.0940 0x1b90  gagp30kx - ok
20:28:24.0160 0x1b90  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:28:24.0206 0x1b90  gpsvc - ok
20:28:24.0237 0x1b90  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:28:24.0237 0x1b90  hcw85cir - ok
20:28:24.0315 0x1b90  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:28:24.0315 0x1b90  HDAudBus - ok
20:28:24.0455 0x1b90  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
20:28:24.0455 0x1b90  HECIx64 - ok
20:28:24.0486 0x1b90  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:28:24.0486 0x1b90  HidBatt - ok
20:28:24.0518 0x1b90  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:28:24.0533 0x1b90  HidBth - ok
20:28:24.0564 0x1b90  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:28:24.0564 0x1b90  HidIr - ok
20:28:24.0611 0x1b90  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
20:28:24.0627 0x1b90  hidserv - ok
20:28:24.0674 0x1b90  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:28:24.0689 0x1b90  HidUsb - ok
20:28:24.0736 0x1b90  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:28:24.0736 0x1b90  hkmsvc - ok
20:28:24.0830 0x1b90  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:28:24.0845 0x1b90  HomeGroupListener - ok
20:28:24.0923 0x1b90  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:28:24.0939 0x1b90  HomeGroupProvider - ok
20:28:25.0032 0x1b90  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:28:25.0032 0x1b90  HpSAMD - ok
20:28:25.0266 0x1b90  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:28:25.0329 0x1b90  HTTP - ok
20:28:25.0407 0x1b90  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:28:25.0407 0x1b90  hwpolicy - ok
20:28:25.0516 0x1b90  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:28:25.0532 0x1b90  i8042prt - ok
20:28:25.0672 0x1b90  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:28:25.0703 0x1b90  iaStorV - ok
20:28:26.0015 0x1b90  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:28:26.0078 0x1b90  idsvc - ok
20:28:26.0093 0x1b90  IEEtwCollectorService - ok
20:28:26.0140 0x1b90  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:28:26.0156 0x1b90  iirsp - ok
20:28:26.0234 0x1b90  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:28:26.0327 0x1b90  IKEEXT - ok
20:28:26.0374 0x1b90  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
20:28:26.0390 0x1b90  Impcd - ok
20:28:26.0421 0x1b90  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:28:26.0421 0x1b90  intelide - ok
20:28:26.0452 0x1b90  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:28:26.0452 0x1b90  intelppm - ok
20:28:26.0514 0x1b90  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:28:26.0514 0x1b90  IPBusEnum - ok
20:28:26.0561 0x1b90  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:28:26.0561 0x1b90  IpFilterDriver - ok
20:28:26.0733 0x1b90  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:28:26.0764 0x1b90  iphlpsvc - ok
20:28:26.0842 0x1b90  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:28:26.0842 0x1b90  IPMIDRV - ok
20:28:26.0873 0x1b90  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:28:26.0889 0x1b90  IPNAT - ok
20:28:26.0936 0x1b90  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:28:26.0936 0x1b90  IRENUM - ok
20:28:27.0014 0x1b90  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:28:27.0014 0x1b90  isapnp - ok
20:28:27.0123 0x1b90  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:28:27.0154 0x1b90  iScsiPrt - ok
20:28:27.0310 0x1b90  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:28:27.0357 0x1b90  kbdclass - ok
20:28:27.0466 0x1b90  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:28:27.0466 0x1b90  kbdhid - ok
20:28:27.0497 0x1b90  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
20:28:27.0497 0x1b90  KeyIso - ok
20:28:27.0560 0x1b90  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:28:27.0560 0x1b90  KSecDD - ok
20:28:27.0638 0x1b90  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:28:27.0653 0x1b90  KSecPkg - ok
20:28:27.0731 0x1b90  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:28:27.0731 0x1b90  ksthunk - ok
20:28:27.0825 0x1b90  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:28:27.0856 0x1b90  KtmRm - ok
20:28:27.0965 0x1b90  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:28:27.0981 0x1b90  LanmanServer - ok
20:28:28.0028 0x1b90  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:28:28.0043 0x1b90  LanmanWorkstation - ok
20:28:28.0106 0x1b90  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:28:28.0106 0x1b90  lltdio - ok
20:28:28.0152 0x1b90  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:28:28.0230 0x1b90  lltdsvc - ok
20:28:28.0262 0x1b90  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:28:28.0277 0x1b90  lmhosts - ok
20:28:28.0355 0x1b90  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:28:28.0371 0x1b90  LMS - ok
20:28:28.0418 0x1b90  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:28:28.0433 0x1b90  LSI_FC - ok
20:28:28.0449 0x1b90  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:28:28.0464 0x1b90  LSI_SAS - ok
20:28:28.0480 0x1b90  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:28:28.0480 0x1b90  LSI_SAS2 - ok
20:28:28.0511 0x1b90  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:28:28.0527 0x1b90  LSI_SCSI - ok
20:28:28.0542 0x1b90  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:28:28.0558 0x1b90  luafv - ok
20:28:28.0667 0x1b90  [ 61E27025735991FB61E2B5324357CEE5, 3D145E558625A33336DDE3A9B3A3214D6AC2EBF8E35C19E5CE755C1F97568C0F ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
20:28:28.0714 0x1b90  McComponentHostService - ok
20:28:28.0761 0x1b90  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:28:28.0761 0x1b90  Mcx2Svc - ok
20:28:28.0776 0x1b90  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:28:28.0792 0x1b90  megasas - ok
20:28:28.0839 0x1b90  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:28:28.0886 0x1b90  MegaSR - ok
20:28:28.0964 0x1b90  Microsoft SharePoint Workspace Audit Service - ok
20:28:28.0995 0x1b90  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:28:29.0010 0x1b90  MMCSS - ok
20:28:29.0042 0x1b90  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:28:29.0057 0x1b90  Modem - ok
20:28:29.0088 0x1b90  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:28:29.0104 0x1b90  monitor - ok
20:28:29.0135 0x1b90  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:28:29.0135 0x1b90  mouclass - ok
20:28:29.0166 0x1b90  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:28:29.0166 0x1b90  mouhid - ok
20:28:29.0213 0x1b90  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:28:29.0229 0x1b90  mountmgr - ok
20:28:29.0307 0x1b90  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:28:29.0322 0x1b90  MozillaMaintenance - ok
20:28:29.0369 0x1b90  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:28:29.0385 0x1b90  mpio - ok
20:28:29.0432 0x1b90  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:28:29.0432 0x1b90  mpsdrv - ok
20:28:29.0541 0x1b90  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:28:29.0619 0x1b90  MpsSvc - ok
20:28:29.0666 0x1b90  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:28:29.0681 0x1b90  MRxDAV - ok
20:28:29.0728 0x1b90  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:28:29.0744 0x1b90  mrxsmb - ok
20:28:29.0775 0x1b90  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:28:29.0806 0x1b90  mrxsmb10 - ok
20:28:29.0837 0x1b90  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:28:29.0853 0x1b90  mrxsmb20 - ok
20:28:29.0884 0x1b90  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:28:29.0900 0x1b90  msahci - ok
20:28:29.0931 0x1b90  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:28:29.0946 0x1b90  msdsm - ok
20:28:29.0978 0x1b90  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:28:29.0993 0x1b90  MSDTC - ok
20:28:30.0040 0x1b90  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:28:30.0056 0x1b90  Msfs - ok
20:28:30.0071 0x1b90  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:28:30.0087 0x1b90  mshidkmdf - ok
20:28:30.0102 0x1b90  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:28:30.0102 0x1b90  msisadrv - ok
20:28:30.0149 0x1b90  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:28:30.0165 0x1b90  MSiSCSI - ok
20:28:30.0180 0x1b90  msiserver - ok
20:28:30.0212 0x1b90  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:28:30.0212 0x1b90  MSKSSRV - ok
20:28:30.0227 0x1b90  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:28:30.0227 0x1b90  MSPCLOCK - ok
20:28:30.0243 0x1b90  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:28:30.0243 0x1b90  MSPQM - ok
20:28:30.0305 0x1b90  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:28:30.0368 0x1b90  MsRPC - ok
20:28:30.0399 0x1b90  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:28:30.0399 0x1b90  mssmbios - ok
20:28:30.0430 0x1b90  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:28:30.0430 0x1b90  MSTEE - ok
20:28:30.0446 0x1b90  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:28:30.0446 0x1b90  MTConfig - ok
20:28:30.0477 0x1b90  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:28:30.0477 0x1b90  Mup - ok
20:28:30.0555 0x1b90  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
20:28:30.0602 0x1b90  napagent - ok
20:28:30.0664 0x1b90  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:28:30.0711 0x1b90  NativeWifiP - ok
20:28:30.0820 0x1b90  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:28:30.0898 0x1b90  NDIS - ok
20:28:30.0929 0x1b90  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:28:30.0929 0x1b90  NdisCap - ok
20:28:30.0960 0x1b90  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:28:30.0960 0x1b90  NdisTapi - ok
20:28:30.0992 0x1b90  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:28:30.0992 0x1b90  Ndisuio - ok
20:28:31.0023 0x1b90  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:28:31.0038 0x1b90  NdisWan - ok
20:28:31.0085 0x1b90  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:28:31.0085 0x1b90  NDProxy - ok
20:28:31.0116 0x1b90  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:28:31.0116 0x1b90  NetBIOS - ok
20:28:31.0179 0x1b90  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:28:31.0226 0x1b90  NetBT - ok
20:28:31.0241 0x1b90  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
20:28:31.0241 0x1b90  Netlogon - ok
20:28:31.0319 0x1b90  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:28:31.0350 0x1b90  Netman - ok
20:28:31.0413 0x1b90  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:28:31.0444 0x1b90  NetMsmqActivator - ok
20:28:31.0460 0x1b90  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:28:31.0460 0x1b90  NetPipeActivator - ok
20:28:31.0522 0x1b90  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:28:31.0569 0x1b90  netprofm - ok
20:28:31.0584 0x1b90  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:28:31.0600 0x1b90  NetTcpActivator - ok
20:28:31.0616 0x1b90  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:28:31.0631 0x1b90  NetTcpPortSharing - ok
20:28:31.0678 0x1b90  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:28:31.0694 0x1b90  nfrd960 - ok
20:28:31.0740 0x1b90  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:28:31.0772 0x1b90  NlaSvc - ok
20:28:31.0787 0x1b90  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:28:31.0803 0x1b90  Npfs - ok
20:28:31.0818 0x1b90  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:28:31.0818 0x1b90  nsi - ok
20:28:31.0834 0x1b90  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:28:31.0850 0x1b90  nsiproxy - ok
20:28:32.0006 0x1b90  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:28:32.0146 0x1b90  Ntfs - ok
20:28:32.0177 0x1b90  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:28:32.0177 0x1b90  Null - ok
20:28:32.0224 0x1b90  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:28:32.0224 0x1b90  nvraid - ok
20:28:32.0286 0x1b90  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:28:32.0286 0x1b90  nvstor - ok
20:28:32.0333 0x1b90  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:28:32.0349 0x1b90  nv_agp - ok
20:28:32.0396 0x1b90  [ D955D5DE998DB2476BF0892BE3A96C26, 3828FC1D4A4F9CD685E6D938B92370A602B84A3ACE2C9A674B3B59E633B0AE07 ] O2FLASH         C:\Windows\system32\DRIVERS\o2flash.exe
20:28:32.0411 0x1b90  O2FLASH - ok
20:28:32.0442 0x1b90  [ 8C2953537CA19DFAA67D612407E0F33E, AD0F7B18F58AF6421948BBB4450BEF83E1ED443F78D17ACCD6A57A236B8AD2B4 ] O2MDGRDR        C:\Windows\system32\DRIVERS\o2mdgx64.sys
20:28:32.0442 0x1b90  O2MDGRDR - ok
20:28:32.0489 0x1b90  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:28:32.0505 0x1b90  ohci1394 - ok
20:28:32.0598 0x1b90  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:28:32.0614 0x1b90  ose - ok
20:28:32.0692 0x1b90  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:28:32.0708 0x1b90  ose64 - ok
20:28:33.0144 0x1b90  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:28:33.0534 0x1b90  osppsvc - ok
20:28:33.0612 0x1b90  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:28:33.0644 0x1b90  p2pimsvc - ok
20:28:33.0706 0x1b90  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:28:33.0753 0x1b90  p2psvc - ok
20:28:33.0784 0x1b90  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:28:33.0800 0x1b90  Parport - ok
20:28:33.0831 0x1b90  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:28:33.0831 0x1b90  partmgr - ok
20:28:33.0878 0x1b90  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:28:33.0909 0x1b90  PcaSvc - ok
20:28:33.0940 0x1b90  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
20:28:33.0956 0x1b90  pci - ok
20:28:33.0987 0x1b90  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:28:34.0002 0x1b90  pciide - ok
20:28:34.0034 0x1b90  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:28:34.0049 0x1b90  pcmcia - ok
20:28:34.0080 0x1b90  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:28:34.0096 0x1b90  pcw - ok
20:28:34.0174 0x1b90  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:28:34.0252 0x1b90  PEAUTH - ok
20:28:34.0361 0x1b90  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:28:34.0377 0x1b90  PerfHost - ok
20:28:34.0517 0x1b90  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
20:28:34.0642 0x1b90  pla - ok
20:28:34.0720 0x1b90  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:28:34.0767 0x1b90  PlugPlay - ok
20:28:34.0798 0x1b90  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:28:34.0798 0x1b90  PNRPAutoReg - ok
20:28:34.0845 0x1b90  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:28:34.0876 0x1b90  PNRPsvc - ok
20:28:34.0954 0x1b90  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:28:35.0001 0x1b90  PolicyAgent - ok
20:28:35.0048 0x1b90  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:28:35.0063 0x1b90  Power - ok
20:28:35.0110 0x1b90  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:28:35.0126 0x1b90  PptpMiniport - ok
20:28:35.0157 0x1b90  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:28:35.0157 0x1b90  Processor - ok
20:28:35.0219 0x1b90  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:28:35.0250 0x1b90  ProfSvc - ok
20:28:35.0266 0x1b90  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
20:28:35.0266 0x1b90  ProtectedStorage - ok
20:28:35.0313 0x1b90  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:28:35.0328 0x1b90  Psched - ok
20:28:35.0469 0x1b90  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:28:35.0594 0x1b90  ql2300 - ok
20:28:35.0625 0x1b90  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:28:35.0625 0x1b90  ql40xx - ok
20:28:35.0687 0x1b90  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:28:35.0734 0x1b90  QWAVE - ok
20:28:35.0750 0x1b90  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:28:35.0750 0x1b90  QWAVEdrv - ok
20:28:35.0781 0x1b90  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:28:35.0781 0x1b90  RasAcd - ok
20:28:35.0812 0x1b90  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:28:35.0812 0x1b90  RasAgileVpn - ok
20:28:35.0828 0x1b90  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:28:35.0843 0x1b90  RasAuto - ok
20:28:35.0890 0x1b90  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:28:35.0890 0x1b90  Rasl2tp - ok
20:28:35.0937 0x1b90  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:28:35.0968 0x1b90  RasMan - ok
20:28:36.0015 0x1b90  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:28:36.0015 0x1b90  RasPppoe - ok
20:28:36.0046 0x1b90  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:28:36.0046 0x1b90  RasSstp - ok
20:28:36.0093 0x1b90  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:28:36.0124 0x1b90  rdbss - ok
20:28:36.0155 0x1b90  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:28:36.0155 0x1b90  rdpbus - ok
20:28:36.0186 0x1b90  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:28:36.0202 0x1b90  RDPCDD - ok
20:28:36.0218 0x1b90  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:28:36.0218 0x1b90  RDPENCDD - ok
20:28:36.0233 0x1b90  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:28:36.0249 0x1b90  RDPREFMP - ok
20:28:36.0327 0x1b90  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:28:36.0327 0x1b90  RdpVideoMiniport - ok
20:28:36.0374 0x1b90  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:28:36.0405 0x1b90  RDPWD - ok
20:28:36.0452 0x1b90  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:28:36.0467 0x1b90  rdyboost - ok
20:28:36.0514 0x1b90  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:28:36.0514 0x1b90  RemoteAccess - ok
20:28:36.0561 0x1b90  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:28:36.0592 0x1b90  RemoteRegistry - ok
20:28:36.0639 0x1b90  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:28:36.0654 0x1b90  RFCOMM - ok
20:28:36.0670 0x1b90  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:28:36.0686 0x1b90  RpcEptMapper - ok
20:28:36.0732 0x1b90  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:28:36.0732 0x1b90  RpcLocator - ok
20:28:36.0795 0x1b90  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
20:28:36.0826 0x1b90  RpcSs - ok
20:28:36.0888 0x1b90  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:28:36.0904 0x1b90  rspndr - ok
20:28:36.0966 0x1b90  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
20:28:37.0029 0x1b90  RTL8167 - ok
20:28:37.0060 0x1b90  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe
20:28:37.0060 0x1b90  SamSs - ok
20:28:37.0091 0x1b90  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:28:37.0107 0x1b90  sbp2port - ok
20:28:37.0138 0x1b90  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:28:37.0169 0x1b90  SCardSvr - ok
20:28:37.0216 0x1b90  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:28:37.0232 0x1b90  scfilter - ok
20:28:37.0341 0x1b90  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
20:28:37.0434 0x1b90  Schedule - ok
20:28:37.0466 0x1b90  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:28:37.0481 0x1b90  SCPolicySvc - ok
20:28:37.0544 0x1b90  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
20:28:37.0559 0x1b90  sdbus - ok
20:28:37.0606 0x1b90  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:28:37.0622 0x1b90  SDRSVC - ok
20:28:37.0871 0x1b90  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
20:28:37.0980 0x1b90  SDScannerService - ok
20:28:38.0183 0x1b90  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
20:28:38.0308 0x1b90  SDUpdateService - ok
20:28:38.0339 0x1b90  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
20:28:38.0355 0x1b90  SDWSCService - ok
20:28:38.0402 0x1b90  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:28:38.0402 0x1b90  secdrv - ok
20:28:38.0433 0x1b90  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:28:38.0433 0x1b90  seclogon - ok
20:28:38.0464 0x1b90  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:28:38.0480 0x1b90  SENS - ok
20:28:38.0511 0x1b90  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:28:38.0511 0x1b90  SensrSvc - ok
20:28:38.0526 0x1b90  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:28:38.0542 0x1b90  Serenum - ok
20:28:38.0573 0x1b90  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:28:38.0573 0x1b90  Serial - ok
20:28:38.0620 0x1b90  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:28:38.0620 0x1b90  sermouse - ok
20:28:38.0682 0x1b90  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:28:38.0698 0x1b90  SessionEnv - ok
20:28:38.0729 0x1b90  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:28:38.0729 0x1b90  sffdisk - ok
20:28:38.0745 0x1b90  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:28:38.0745 0x1b90  sffp_mmc - ok
20:28:38.0760 0x1b90  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:28:38.0760 0x1b90  sffp_sd - ok
20:28:38.0792 0x1b90  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:28:38.0792 0x1b90  sfloppy - ok
20:28:38.0838 0x1b90  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:28:38.0916 0x1b90  SharedAccess - ok
20:28:38.0963 0x1b90  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:28:39.0026 0x1b90  ShellHWDetection - ok
20:28:39.0057 0x1b90  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:28:39.0057 0x1b90  SiSRaid2 - ok
20:28:39.0088 0x1b90  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:28:39.0088 0x1b90  SiSRaid4 - ok
20:28:39.0135 0x1b90  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:28:39.0135 0x1b90  Smb - ok
20:28:39.0182 0x1b90  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:28:39.0197 0x1b90  SNMPTRAP - ok
20:28:39.0213 0x1b90  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:28:39.0213 0x1b90  spldr - ok
20:28:39.0291 0x1b90  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:28:39.0353 0x1b90  Spooler - ok
20:28:39.0634 0x1b90  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:28:39.0899 0x1b90  sppsvc - ok
20:28:39.0930 0x1b90  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:28:39.0946 0x1b90  sppuinotify - ok
20:28:40.0040 0x1b90  [ D630B6F2E8379B6F10DC16E82A426552, 9F7949B11BCEF55B38119ED45BD92117A8551BEC8A2BCD88EA89707C48120F1B ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
20:28:40.0055 0x1b90  sprtsvc_DellSupportCenter - ok
20:28:40.0133 0x1b90  [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:28:40.0149 0x1b90  SQLWriter - ok
20:28:40.0211 0x1b90  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:28:40.0258 0x1b90  srv - ok
20:28:40.0305 0x1b90  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:28:40.0352 0x1b90  srv2 - ok
20:28:40.0383 0x1b90  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:28:40.0398 0x1b90  srvnet - ok
20:28:40.0445 0x1b90  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:28:40.0492 0x1b90  SSDPSRV - ok
20:28:40.0508 0x1b90  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:28:40.0523 0x1b90  SstpSvc - ok
20:28:40.0648 0x1b90  [ DA7702025DFD169B909C4DA3126762CC, 40777941F71D0762C450824A635888D1390307E937EDF13385524569F4602D0A ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
20:28:40.0695 0x1b90  STacSV - ok
20:28:40.0710 0x1b90  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:28:40.0726 0x1b90  stexstor - ok
20:28:40.0773 0x1b90  [ CAF5A9708671B14B9670260735B22C4E, B31F2B500605379BC9531E21E4ACD17EA281FFF25AA4B4D342E14F8F5952D1EC ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
20:28:40.0820 0x1b90  STHDA - ok
20:28:40.0851 0x1b90  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
20:28:40.0851 0x1b90  StillCam - ok
20:28:40.0944 0x1b90  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:28:41.0007 0x1b90  stisvc - ok
20:28:41.0038 0x1b90  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:28:41.0054 0x1b90  swenum - ok
20:28:41.0132 0x1b90  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:28:41.0194 0x1b90  swprv - ok
20:28:41.0256 0x1b90  [ 39D4B4343BA70E4B32C4531BD075B9F6, B062537E7E3E95BD8E240A56ACABBB0CF05CE291AC93442B2C2A51AC291C291B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:28:41.0288 0x1b90  SynTP - ok
20:28:41.0444 0x1b90  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
20:28:41.0600 0x1b90  SysMain - ok
20:28:41.0631 0x1b90  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:28:41.0646 0x1b90  TabletInputService - ok
20:28:41.0693 0x1b90  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:28:41.0740 0x1b90  TapiSrv - ok
20:28:41.0787 0x1b90  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:28:41.0802 0x1b90  TBS - ok
20:28:41.0990 0x1b90  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:28:42.0130 0x1b90  Tcpip - ok
20:28:42.0286 0x1b90  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:28:42.0411 0x1b90  TCPIP6 - ok
20:28:42.0442 0x1b90  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:28:42.0458 0x1b90  tcpipreg - ok
20:28:42.0489 0x1b90  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:28:42.0489 0x1b90  TDPIPE - ok
20:28:42.0520 0x1b90  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:28:42.0520 0x1b90  TDTCP - ok
20:28:42.0567 0x1b90  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:28:42.0582 0x1b90  tdx - ok
20:28:42.0614 0x1b90  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:28:42.0629 0x1b90  TermDD - ok
20:28:42.0707 0x1b90  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
20:28:42.0770 0x1b90  TermService - ok
20:28:42.0816 0x1b90  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:28:42.0816 0x1b90  Themes - ok
20:28:42.0848 0x1b90  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:28:42.0863 0x1b90  THREADORDER - ok
20:28:42.0894 0x1b90  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:28:42.0910 0x1b90  TrkWks - ok
20:28:42.0957 0x1b90  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:28:42.0972 0x1b90  TrustedInstaller - ok
20:28:43.0019 0x1b90  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:28:43.0035 0x1b90  tssecsrv - ok
20:28:43.0097 0x1b90  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:28:43.0097 0x1b90  TsUsbFlt - ok
20:28:43.0128 0x1b90  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:28:43.0144 0x1b90  tunnel - ok
20:28:43.0191 0x1b90  [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
20:28:43.0191 0x1b90  TurboB - ok
20:28:43.0238 0x1b90  [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:28:43.0253 0x1b90  TurboBoost - ok
20:28:43.0300 0x1b90  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:28:43.0300 0x1b90  uagp35 - ok
20:28:43.0347 0x1b90  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:28:43.0378 0x1b90  udfs - ok
20:28:43.0440 0x1b90  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:28:43.0440 0x1b90  UI0Detect - ok
20:28:43.0487 0x1b90  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:28:43.0487 0x1b90  uliagpkx - ok
20:28:43.0534 0x1b90  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
20:28:43.0534 0x1b90  umbus - ok
20:28:43.0565 0x1b90  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:28:43.0565 0x1b90  UmPass - ok
20:28:43.0815 0x1b90  [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:28:43.0955 0x1b90  UNS - ok
20:28:44.0018 0x1b90  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:28:44.0064 0x1b90  upnphost - ok
20:28:44.0127 0x1b90  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:28:44.0142 0x1b90  usbccgp - ok
20:28:44.0189 0x1b90  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:28:44.0189 0x1b90  usbcir - ok
20:28:44.0205 0x1b90  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:28:44.0220 0x1b90  usbehci - ok
20:28:44.0267 0x1b90  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:28:44.0314 0x1b90  usbhub - ok
20:28:44.0330 0x1b90  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:28:44.0330 0x1b90  usbohci - ok
20:28:44.0361 0x1b90  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:28:44.0361 0x1b90  usbprint - ok
20:28:44.0392 0x1b90  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:28:44.0408 0x1b90  USBSTOR - ok
20:28:44.0423 0x1b90  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:28:44.0423 0x1b90  usbuhci - ok
20:28:44.0501 0x1b90  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:28:44.0517 0x1b90  usbvideo - ok
20:28:44.0548 0x1b90  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:28:44.0564 0x1b90  UxSms - ok
20:28:44.0579 0x1b90  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
20:28:44.0595 0x1b90  VaultSvc - ok
20:28:44.0626 0x1b90  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:28:44.0626 0x1b90  vdrvroot - ok
20:28:44.0720 0x1b90  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
20:28:44.0766 0x1b90  vds - ok
20:28:44.0813 0x1b90  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:28:44.0813 0x1b90  vga - ok
20:28:44.0829 0x1b90  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:28:44.0844 0x1b90  VgaSave - ok
20:28:44.0891 0x1b90  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:28:44.0922 0x1b90  vhdmp - ok
20:28:44.0954 0x1b90  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:28:44.0954 0x1b90  viaide - ok
20:28:45.0000 0x1b90  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:28:45.0016 0x1b90  volmgr - ok
20:28:45.0063 0x1b90  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:28:45.0110 0x1b90  volmgrx - ok
20:28:45.0156 0x1b90  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:28:45.0172 0x1b90  volsnap - ok
20:28:45.0219 0x1b90  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:28:45.0234 0x1b90  vsmraid - ok
20:28:45.0390 0x1b90  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
20:28:45.0562 0x1b90  VSS - ok
20:28:45.0593 0x1b90  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:28:45.0593 0x1b90  vwifibus - ok
20:28:45.0624 0x1b90  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:28:45.0640 0x1b90  vwififlt - ok
20:28:45.0687 0x1b90  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:28:45.0749 0x1b90  W32Time - ok
20:28:45.0765 0x1b90  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:28:45.0765 0x1b90  WacomPen - ok
20:28:45.0827 0x1b90  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:28:45.0827 0x1b90  WANARP - ok
20:28:45.0843 0x1b90  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:28:45.0843 0x1b90  Wanarpv6 - ok
20:28:45.0999 0x1b90  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:28:46.0092 0x1b90  WatAdminSvc - ok
20:28:46.0248 0x1b90  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:28:46.0373 0x1b90  wbengine - ok
20:28:46.0436 0x1b90  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:28:46.0482 0x1b90  WbioSrvc - ok
20:28:46.0545 0x1b90  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:28:46.0607 0x1b90  wcncsvc - ok
20:28:46.0623 0x1b90  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:28:46.0638 0x1b90  WcsPlugInService - ok
20:28:46.0670 0x1b90  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:28:46.0670 0x1b90  Wd - ok
20:28:46.0701 0x1b90  [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
20:28:46.0701 0x1b90  WDC_SAM - ok
20:28:46.0779 0x1b90  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:28:46.0857 0x1b90  Wdf01000 - ok
20:28:46.0904 0x1b90  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:28:46.0919 0x1b90  WdiServiceHost - ok
20:28:46.0935 0x1b90  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:28:46.0950 0x1b90  WdiSystemHost - ok
20:28:46.0997 0x1b90  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
20:28:47.0044 0x1b90  WebClient - ok
20:28:47.0091 0x1b90  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:28:47.0122 0x1b90  Wecsvc - ok
20:28:47.0153 0x1b90  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:28:47.0153 0x1b90  wercplsupport - ok
20:28:47.0200 0x1b90  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:28:47.0216 0x1b90  WerSvc - ok
20:28:47.0262 0x1b90  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:28:47.0262 0x1b90  WfpLwf - ok
20:28:47.0294 0x1b90  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
20:28:47.0309 0x1b90  WimFltr - ok
20:28:47.0325 0x1b90  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:28:47.0325 0x1b90  WIMMount - ok
20:28:47.0356 0x1b90  WinDefend - ok
20:28:47.0372 0x1b90  WinHttpAutoProxySvc - ok
20:28:47.0450 0x1b90  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:28:47.0481 0x1b90  Winmgmt - ok
20:28:47.0668 0x1b90  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
20:28:47.0840 0x1b90  WinRM - ok
20:28:47.0933 0x1b90  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
20:28:47.0933 0x1b90  WinUsb - ok
20:28:48.0027 0x1b90  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:28:48.0105 0x1b90  Wlansvc - ok
20:28:48.0183 0x1b90  [ 13B0A570E1AE451C92DA550085D72CF3, 4C67F000EE65B3B1DF17D228C93E9F2D3E13EAB2FD125806A16F70FF365097AC ] wltrysvc        C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
20:28:48.0183 0x1b90  wltrysvc - ok
20:28:48.0230 0x1b90  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:28:48.0230 0x1b90  WmiAcpi - ok
20:28:48.0292 0x1b90  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:28:48.0308 0x1b90  wmiApSrv - ok
20:28:48.0339 0x1b90  WMPNetworkSvc - ok
20:28:48.0386 0x1b90  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:28:48.0386 0x1b90  WPCSvc - ok
20:28:48.0417 0x1b90  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:28:48.0432 0x1b90  WPDBusEnum - ok
20:28:48.0464 0x1b90  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:28:48.0464 0x1b90  ws2ifsl - ok
20:28:48.0495 0x1b90  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
20:28:48.0510 0x1b90  wscsvc - ok
20:28:48.0510 0x1b90  WSearch - ok
20:28:48.0744 0x1b90  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:28:48.0963 0x1b90  wuauserv - ok
20:28:49.0010 0x1b90  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:28:49.0010 0x1b90  WudfPf - ok
20:28:49.0056 0x1b90  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
20:28:49.0088 0x1b90  WUDFRd - ok
20:28:49.0119 0x1b90  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:28:49.0134 0x1b90  wudfsvc - ok
20:28:49.0197 0x1b90  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:28:49.0244 0x1b90  WwanSvc - ok
20:28:49.0275 0x1b90  ================ Scan global ===============================
20:28:49.0306 0x1b90  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:28:49.0353 0x1b90  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
20:28:49.0415 0x1b90  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
20:28:49.0478 0x1b90  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:28:49.0540 0x1b90  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:28:49.0587 0x1b90  [ Global ] - ok
20:28:49.0587 0x1b90  ================ Scan MBR ==================================
20:28:49.0602 0x1b90  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:28:50.0008 0x1b90  \Device\Harddisk0\DR0 - ok
20:28:50.0024 0x1b90  ================ Scan VBR ==================================
20:28:50.0024 0x1b90  [ 089D94935EC1C9AA71255D8CFD0912EF ] \Device\Harddisk0\DR0\Partition1
20:28:50.0024 0x1b90  \Device\Harddisk0\DR0\Partition1 - ok
20:28:50.0039 0x1b90  [ B63F2A8383437B9CA1071E1E4386EC23 ] \Device\Harddisk0\DR0\Partition2
20:28:50.0039 0x1b90  \Device\Harddisk0\DR0\Partition2 - ok
20:28:50.0070 0x1b90  [ E81A6CCC7E485881D0C279BE0D840D23 ] \Device\Harddisk0\DR0\Partition3
20:28:50.0070 0x1b90  \Device\Harddisk0\DR0\Partition3 - ok
20:28:50.0086 0x1b90  [ 4E19785CF593AE5235588BEFA24D98BD ] \Device\Harddisk0\DR0\Partition4
20:28:50.0086 0x1b90  \Device\Harddisk0\DR0\Partition4 - ok
20:28:50.0102 0x1b90  ================ Scan generic autorun ======================
20:28:50.0102 0x1b90  SynTPEnh - ok
20:28:50.0195 0x1b90  [ 023C55185495F1066F4C7F893658C4ED, 12DB663D56DEE1F54029F02BA68DE52BB6A18E5022DC4AA4435D773125D09A22 ] C:\Program Files\IDT\WDM\sttray64.exe
20:28:50.0226 0x1b90  SysTrayApp - ok
20:28:50.0616 0x1b90  [ 1F83CB91A9830038DBE7CD1BA1921205, 8F03FE85B864DF531768B877E90250420B4687B76CEB955E641FD39BE39DF820 ] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
20:28:50.0991 0x1b90  Broadcom Wireless Manager UI - ok
20:28:51.0084 0x1b90  [ 8664A66550C2803271243367594F5F2B, ACB5B154567A01CD3B084E885390238074B146B1D2339A385BD57C7704DDBCE9 ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:28:51.0100 0x1b90  StartCCC - ok
20:28:51.0412 0x1b90  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
20:28:51.0662 0x1b90  SDTray - ok
20:28:51.0786 0x1b90  [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
20:28:51.0833 0x1b90  avgnt - ok
20:28:51.0958 0x1b90  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:28:52.0052 0x1b90  Sidebar - ok
20:28:52.0098 0x1b90  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:28:52.0098 0x1b90  mctadmin - ok
20:28:52.0192 0x1b90  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:28:52.0254 0x1b90  Sidebar - ok
20:28:52.0270 0x1b90  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:28:52.0286 0x1b90  mctadmin - ok
20:28:52.0941 0x1b90  [ 09266319529C342813EA013E24200568, DEC1DCC14CD08304CF502FE4AD5CC188982705BF7D642A8E0EA239F6CB0CE57D ] C:\Program Files\CCleaner\CCleaner64.exe
20:28:53.0440 0x1b90  CCleaner Monitoring - ok
20:28:53.0471 0x1b90  Waiting for KSN requests completion. In queue: 92
20:28:54.0485 0x1b90  Waiting for KSN requests completion. In queue: 92
20:28:55.0499 0x1b90  Waiting for KSN requests completion. In queue: 92
20:28:56.0544 0x1b90  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x41000 ( enabled : updated )
20:28:56.0560 0x1b90  Win FW state via NFP2: enabled ( trusted )
20:28:59.0368 0x1b90  ============================================================
20:28:59.0368 0x1b90  Scan finished
20:28:59.0368 0x1b90  ============================================================
20:28:59.0384 0x0158  Detected object count: 0
20:28:59.0384 0x0158  Actual detected object count: 0

qwery · 25.07.2015, 15:10

Und Teil 2

Code:

ATTFilter

20:37:17.0165 0x1a1c  ============================================================
20:37:17.0165 0x1a1c  Scan started
20:37:17.0165 0x1a1c  Mode: Manual; SigCheck; TDLFS; 
20:37:17.0165 0x1a1c  ============================================================
20:37:17.0165 0x1a1c  KSN ping started
20:37:22.0906 0x1a1c  KSN ping finished: true
20:37:23.0857 0x1a1c  ================ Scan system memory ========================
20:37:23.0857 0x1a1c  System memory - ok
20:37:23.0857 0x1a1c  ================ Scan services =============================
20:37:24.0013 0x1a1c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
20:37:24.0169 0x1a1c  1394ohci - ok
20:37:24.0201 0x1a1c  [ C49C56B35BFC6CDA8D1FDCAD2885568F, 60F80C51928C9332AA1DD50197FAD2A818FDCAE9DCCA07EE85FA1C15ACF8CF2A ] Acceler         C:\Windows\system32\DRIVERS\Acceler.sys
20:37:24.0232 0x1a1c  Acceler - ok
20:37:24.0279 0x1a1c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
20:37:24.0341 0x1a1c  ACPI - ok
20:37:24.0372 0x1a1c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
20:37:24.0466 0x1a1c  AcpiPmi - ok
20:37:24.0575 0x1a1c  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:37:24.0606 0x1a1c  AdobeARMservice - ok
20:37:24.0684 0x1a1c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
20:37:24.0762 0x1a1c  adp94xx - ok
20:37:24.0809 0x1a1c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
20:37:24.0871 0x1a1c  adpahci - ok
20:37:24.0903 0x1a1c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
20:37:24.0965 0x1a1c  adpu320 - ok
20:37:24.0996 0x1a1c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:37:25.0074 0x1a1c  AeLookupSvc - ok
20:37:25.0183 0x1a1c  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
20:37:25.0246 0x1a1c  AESTFilters - ok
20:37:25.0324 0x1a1c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
20:37:25.0464 0x1a1c  AFD - ok
20:37:25.0511 0x1a1c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
20:37:25.0542 0x1a1c  agp440 - ok
20:37:25.0589 0x1a1c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
20:37:25.0652 0x1a1c  ALG - ok
20:37:25.0683 0x1a1c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:37:25.0714 0x1a1c  aliide - ok
20:37:25.0761 0x1a1c  [ 568C61DBDA2D9F1AFDAC58771E313AFE, 5E45CBB15FEB145D8360674D50C85D06A0DE9345A9589F3BD979A96D24410AAF ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
20:37:25.0854 0x1a1c  AMD External Events Utility - ok
20:37:25.0886 0x1a1c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:37:25.0917 0x1a1c  amdide - ok
20:37:25.0948 0x1a1c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
20:37:26.0010 0x1a1c  AmdK8 - ok
20:37:26.0026 0x1a1c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
20:37:26.0088 0x1a1c  AmdPPM - ok
20:37:26.0120 0x1a1c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
20:37:26.0151 0x1a1c  amdsata - ok
20:37:26.0182 0x1a1c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
20:37:26.0229 0x1a1c  amdsbs - ok
20:37:26.0260 0x1a1c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
20:37:26.0291 0x1a1c  amdxata - ok
20:37:26.0432 0x1a1c  [ 9FE1AC875A7AD7B7FF28FEC8B754968D, EEE04D4073E49332C85028B62E8A035EAA2284526A3F3820133492C8F8CBA3D5 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
20:37:26.0572 0x1a1c  AntiVirMailService - ok
20:37:26.0634 0x1a1c  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:37:26.0712 0x1a1c  AntiVirSchedulerService - ok
20:37:26.0775 0x1a1c  [ 58FB167B287CAA05F7DD5AA1018FD52C, D9EB68E1C2B99E5F59A0DA4C9FA46E15C6E470F7445E232C03C82790F546A6AA ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:37:26.0837 0x1a1c  AntiVirService - ok
20:37:26.0962 0x1a1c  [ F857D22CEC14854D310C5596C8CE6006, 67448C506D3171D327A6CE3952E41BDC65587FEB45F510160A1DAFCA9491711E ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
20:37:27.0087 0x1a1c  AntiVirWebService - ok
20:37:27.0118 0x1a1c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
20:37:27.0180 0x1a1c  AppID - ok
20:37:27.0196 0x1a1c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
20:37:27.0243 0x1a1c  AppIDSvc - ok
20:37:27.0290 0x1a1c  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
20:37:27.0336 0x1a1c  Appinfo - ok
20:37:27.0368 0x1a1c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
20:37:27.0414 0x1a1c  arc - ok
20:37:27.0430 0x1a1c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
20:37:27.0477 0x1a1c  arcsas - ok
20:37:27.0586 0x1a1c  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:37:27.0633 0x1a1c  aspnet_state - ok
20:37:27.0648 0x1a1c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:37:27.0882 0x1a1c  AsyncMac - ok
20:37:27.0914 0x1a1c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
20:37:27.0976 0x1a1c  atapi - ok
20:37:28.0007 0x1a1c  [ D481083348138B4933ACFE95812DB71C, 62B8B1C844FCF6CF3FC8987A3B0963FEB1DFD28D9F977BDFD04DA7F358CBF0F6 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
20:37:28.0038 0x1a1c  AtiHdmiService - ok
20:37:28.0522 0x1a1c  [ B579364CE413C6B8FCB8A594CC4C48EE, 33C419ED56BB59C3A749EF51754C7FC9630FD3F93DE5AF766FB2803831660E91 ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
20:37:29.0068 0x1a1c  atikmdag - ok
20:37:29.0193 0x1a1c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:37:29.0302 0x1a1c  AudioEndpointBuilder - ok
20:37:29.0364 0x1a1c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
20:37:29.0458 0x1a1c  AudioSrv - ok
20:37:29.0505 0x1a1c  [ 24843902369DC82B4691F816F08F2938, 330E22C6007B10FE9C232BBCA2F388ADA17DEDBAA11BEC2A70377A4466DFB6FA ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
20:37:29.0552 0x1a1c  avgntflt - ok
20:37:29.0598 0x1a1c  [ 043E5F34C3878C844568658B79B3E55C, D13D8FC5205562E02F252C0EE1AB2236C9212445D6EC3715041EBDF993CB467F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
20:37:29.0645 0x1a1c  avipbb - ok
20:37:29.0723 0x1a1c  [ 17348FE28C0A0AB4A6CB86D177770335, 633FEDA61F62504534B47090EA142F73C5D80C0D52A22A6C81DF64CD3EAFDAA8 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
20:37:29.0770 0x1a1c  Avira.ServiceHost - ok
20:37:29.0817 0x1a1c  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
20:37:29.0848 0x1a1c  avkmgr - ok
20:37:29.0895 0x1a1c  [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
20:37:29.0926 0x1a1c  avnetflt - ok
20:37:29.0973 0x1a1c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
20:37:30.0082 0x1a1c  AxInstSV - ok
20:37:30.0160 0x1a1c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
20:37:30.0254 0x1a1c  b06bdrv - ok
20:37:30.0300 0x1a1c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
20:37:30.0363 0x1a1c  b57nd60a - ok
20:37:30.0394 0x1a1c  [ E001DD475A7C27EBE5A0DB45C11BAD71, BA6A13E49F30BBBAB9FB0C7686FA6FD0376D506A51CEDB2829E3EF3C728394BA ] BCM42RLY        C:\Windows\system32\drivers\BCM42RLY.sys
20:37:30.0425 0x1a1c  BCM42RLY - ok
20:37:30.0659 0x1a1c  [ F4CD5F52850BF2C978DE178F256BA372, E9716E32A086A7B015A54C0D35DB2AC9E6F142015E1BEAF2730EE2CE0777FC8D ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
20:37:30.0909 0x1a1c  BCM43XX - ok
20:37:30.0971 0x1a1c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
20:37:31.0034 0x1a1c  BDESVC - ok
20:37:31.0049 0x1a1c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:37:31.0174 0x1a1c  Beep - ok
20:37:31.0252 0x1a1c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
20:37:31.0377 0x1a1c  BFE - ok
20:37:31.0470 0x1a1c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
20:37:31.0829 0x1a1c  BITS - ok
20:37:31.0860 0x1a1c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
20:37:31.0907 0x1a1c  blbdrive - ok
20:37:31.0954 0x1a1c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:37:32.0016 0x1a1c  bowser - ok
20:37:32.0048 0x1a1c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:37:32.0094 0x1a1c  BrFiltLo - ok
20:37:32.0110 0x1a1c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:37:32.0157 0x1a1c  BrFiltUp - ok
20:37:32.0188 0x1a1c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
20:37:32.0250 0x1a1c  Browser - ok
20:37:32.0313 0x1a1c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
20:37:32.0391 0x1a1c  Brserid - ok
20:37:32.0406 0x1a1c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
20:37:32.0469 0x1a1c  BrSerWdm - ok
20:37:32.0500 0x1a1c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
20:37:32.0562 0x1a1c  BrUsbMdm - ok
20:37:32.0578 0x1a1c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
20:37:32.0640 0x1a1c  BrUsbSer - ok
20:37:32.0672 0x1a1c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
20:37:32.0718 0x1a1c  BthEnum - ok
20:37:32.0734 0x1a1c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
20:37:32.0796 0x1a1c  BTHMODEM - ok
20:37:32.0828 0x1a1c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
20:37:32.0890 0x1a1c  BthPan - ok
20:37:32.0952 0x1a1c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
20:37:33.0030 0x1a1c  BTHPORT - ok
20:37:33.0077 0x1a1c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
20:37:33.0218 0x1a1c  bthserv - ok
20:37:33.0233 0x1a1c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
20:37:33.0296 0x1a1c  BTHUSB - ok
20:37:33.0327 0x1a1c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:37:33.0452 0x1a1c  cdfs - ok
20:37:33.0498 0x1a1c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:37:33.0561 0x1a1c  cdrom - ok
20:37:33.0608 0x1a1c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
20:37:33.0748 0x1a1c  CertPropSvc - ok
20:37:33.0779 0x1a1c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
20:37:33.0826 0x1a1c  circlass - ok
20:37:33.0888 0x1a1c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
20:37:33.0951 0x1a1c  CLFS - ok
20:37:34.0029 0x1a1c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:37:34.0060 0x1a1c  clr_optimization_v2.0.50727_32 - ok
20:37:34.0107 0x1a1c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:37:34.0154 0x1a1c  clr_optimization_v2.0.50727_64 - ok
20:37:34.0216 0x1a1c  [ 19E11CACD01FCB8C63DED05319074420, 7A5972525CC20679A682C738475D968A89E1453BBBF070A18E6216ED7801A3C2 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:37:34.0263 0x1a1c  clr_optimization_v4.0.30319_32 - ok
20:37:34.0294 0x1a1c  [ F71413E276F4EDA3BFD1B51C1FDBAD5E, 29A1B39F8DB96612442016439D3AC968678298CB46EE95CF2D11C71881353F65 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:37:34.0341 0x1a1c  clr_optimization_v4.0.30319_64 - ok
20:37:34.0356 0x1a1c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
20:37:34.0403 0x1a1c  CmBatt - ok
20:37:34.0434 0x1a1c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:37:34.0466 0x1a1c  cmdide - ok
20:37:34.0528 0x1a1c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
20:37:34.0637 0x1a1c  CNG - ok
20:37:34.0684 0x1a1c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
20:37:34.0715 0x1a1c  Compbatt - ok
20:37:34.0762 0x1a1c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
20:37:34.0809 0x1a1c  CompositeBus - ok
20:37:34.0824 0x1a1c  COMSysApp - ok
20:37:34.0840 0x1a1c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
20:37:34.0871 0x1a1c  crcdisk - ok
20:37:34.0934 0x1a1c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:37:34.0996 0x1a1c  CryptSvc - ok
20:37:34.0996 0x1a1c  CtClsFlt - ok
20:37:35.0074 0x1a1c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:37:35.0246 0x1a1c  DcomLaunch - ok
20:37:35.0308 0x1a1c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
20:37:35.0448 0x1a1c  defragsvc - ok
20:37:35.0495 0x1a1c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:37:35.0620 0x1a1c  DfsC - ok
20:37:35.0667 0x1a1c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
20:37:35.0760 0x1a1c  Dhcp - ok
20:37:35.0885 0x1a1c  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
20:37:36.0057 0x1a1c  DiagTrack - ok
20:37:36.0213 0x1a1c  [ D296B8179E43714B28245CF0243D48AB, 2D6A0A00343F11C2882DDD09AC20F9198861716576F0B63D991370D4C931F1D6 ] Disc Soft Lite Bus Service C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
20:37:36.0338 0x1a1c  Disc Soft Lite Bus Service - ok
20:37:36.0384 0x1a1c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
20:37:36.0525 0x1a1c  discache - ok
20:37:36.0556 0x1a1c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
20:37:36.0603 0x1a1c  Disk - ok
20:37:36.0634 0x1a1c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:37:36.0696 0x1a1c  Dnscache - ok
20:37:36.0759 0x1a1c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
20:37:36.0915 0x1a1c  dot3svc - ok
20:37:36.0962 0x1a1c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
20:37:37.0102 0x1a1c  DPS - ok
20:37:37.0149 0x1a1c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:37:37.0383 0x1a1c  drmkaud - ok
20:37:37.0430 0x1a1c  [ 080598EFE474B7A28D7260C3AC389E36, FB2862EFF05CCF60FA967DA1C3F3E5188D17D6040476684A393A03DAE3DBC92A ] dtlitescsibus   C:\Windows\system32\DRIVERS\dtlitescsibus.sys
20:37:37.0461 0x1a1c  dtlitescsibus - ok
20:37:37.0570 0x1a1c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:37:37.0695 0x1a1c  DXGKrnl - ok
20:37:37.0726 0x1a1c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
20:37:37.0866 0x1a1c  EapHost - ok
20:37:38.0147 0x1a1c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
20:37:38.0506 0x1a1c  ebdrv - ok
20:37:38.0615 0x1a1c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
20:37:38.0662 0x1a1c  EFS - ok
20:37:38.0771 0x1a1c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:37:38.0912 0x1a1c  ehRecvr - ok
20:37:38.0958 0x1a1c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
20:37:39.0021 0x1a1c  ehSched - ok
20:37:39.0083 0x1a1c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
20:37:39.0161 0x1a1c  elxstor - ok
20:37:39.0208 0x1a1c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
20:37:39.0239 0x1a1c  ErrDev - ok
20:37:39.0302 0x1a1c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
20:37:39.0489 0x1a1c  EventSystem - ok
20:37:39.0536 0x1a1c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:37:39.0692 0x1a1c  exfat - ok
20:37:39.0723 0x1a1c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:37:39.0879 0x1a1c  fastfat - ok
20:37:39.0972 0x1a1c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
20:37:40.0097 0x1a1c  Fax - ok
20:37:40.0128 0x1a1c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:37:40.0175 0x1a1c  fdc - ok
20:37:40.0222 0x1a1c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
20:37:40.0347 0x1a1c  fdPHost - ok
20:37:40.0362 0x1a1c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:37:40.0518 0x1a1c  FDResPub - ok
20:37:40.0550 0x1a1c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:37:40.0596 0x1a1c  FileInfo - ok
20:37:40.0628 0x1a1c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:37:40.0752 0x1a1c  Filetrace - ok
20:37:40.0784 0x1a1c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:37:40.0830 0x1a1c  flpydisk - ok
20:37:40.0893 0x1a1c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:37:40.0955 0x1a1c  FltMgr - ok
20:37:41.0064 0x1a1c  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
20:37:41.0267 0x1a1c  FontCache - ok
20:37:41.0314 0x1a1c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:37:41.0345 0x1a1c  FontCache3.0.0.0 - ok
20:37:41.0361 0x1a1c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
20:37:41.0408 0x1a1c  FsDepends - ok
20:37:41.0439 0x1a1c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:37:41.0486 0x1a1c  Fs_Rec - ok
20:37:41.0532 0x1a1c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
20:37:41.0595 0x1a1c  fvevol - ok
20:37:41.0610 0x1a1c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
20:37:41.0657 0x1a1c  gagp30kx - ok
20:37:41.0735 0x1a1c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
20:37:41.0954 0x1a1c  gpsvc - ok
20:37:41.0969 0x1a1c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
20:37:42.0032 0x1a1c  hcw85cir - ok
20:37:42.0063 0x1a1c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
20:37:42.0141 0x1a1c  HDAudBus - ok
20:37:42.0188 0x1a1c  [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
20:37:42.0219 0x1a1c  HECIx64 - ok
20:37:42.0250 0x1a1c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
20:37:42.0281 0x1a1c  HidBatt - ok
20:37:42.0312 0x1a1c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
20:37:42.0375 0x1a1c  HidBth - ok
20:37:42.0390 0x1a1c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
20:37:42.0437 0x1a1c  HidIr - ok
20:37:42.0484 0x1a1c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
20:37:42.0624 0x1a1c  hidserv - ok
20:37:42.0656 0x1a1c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:37:42.0718 0x1a1c  HidUsb - ok
20:37:42.0749 0x1a1c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:37:42.0874 0x1a1c  hkmsvc - ok
20:37:42.0921 0x1a1c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:37:43.0030 0x1a1c  HomeGroupListener - ok
20:37:43.0077 0x1a1c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:37:43.0155 0x1a1c  HomeGroupProvider - ok
20:37:43.0217 0x1a1c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
20:37:43.0248 0x1a1c  HpSAMD - ok
20:37:43.0342 0x1a1c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:37:43.0467 0x1a1c  HTTP - ok
20:37:43.0498 0x1a1c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
20:37:43.0529 0x1a1c  hwpolicy - ok
20:37:43.0576 0x1a1c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
20:37:43.0623 0x1a1c  i8042prt - ok
20:37:43.0685 0x1a1c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
20:37:43.0763 0x1a1c  iaStorV - ok
20:37:43.0888 0x1a1c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:37:44.0013 0x1a1c  idsvc - ok
20:37:44.0028 0x1a1c  IEEtwCollectorService - ok
20:37:44.0060 0x1a1c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
20:37:44.0106 0x1a1c  iirsp - ok
20:37:44.0184 0x1a1c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
20:37:44.0325 0x1a1c  IKEEXT - ok
20:37:44.0372 0x1a1c  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
20:37:44.0418 0x1a1c  Impcd - ok
20:37:44.0450 0x1a1c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
20:37:44.0481 0x1a1c  intelide - ok
20:37:44.0512 0x1a1c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:37:44.0559 0x1a1c  intelppm - ok
20:37:44.0606 0x1a1c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:37:44.0746 0x1a1c  IPBusEnum - ok
20:37:44.0793 0x1a1c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:37:44.0933 0x1a1c  IpFilterDriver - ok
20:37:45.0011 0x1a1c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
20:37:45.0136 0x1a1c  iphlpsvc - ok
20:37:45.0183 0x1a1c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
20:37:45.0214 0x1a1c  IPMIDRV - ok
20:37:45.0261 0x1a1c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
20:37:45.0401 0x1a1c  IPNAT - ok
20:37:45.0448 0x1a1c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:37:45.0495 0x1a1c  IRENUM - ok
20:37:45.0510 0x1a1c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:37:45.0557 0x1a1c  isapnp - ok
20:37:45.0604 0x1a1c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
20:37:45.0682 0x1a1c  iScsiPrt - ok
20:37:45.0713 0x1a1c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:37:45.0744 0x1a1c  kbdclass - ok
20:37:45.0776 0x1a1c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:37:45.0854 0x1a1c  kbdhid - ok
20:37:45.0869 0x1a1c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
20:37:45.0916 0x1a1c  KeyIso - ok
20:37:45.0963 0x1a1c  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:37:46.0010 0x1a1c  KSecDD - ok
20:37:46.0041 0x1a1c  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
20:37:46.0088 0x1a1c  KSecPkg - ok
20:37:46.0119 0x1a1c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
20:37:46.0244 0x1a1c  ksthunk - ok
20:37:46.0306 0x1a1c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:37:46.0462 0x1a1c  KtmRm - ok
20:37:46.0509 0x1a1c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
20:37:46.0696 0x1a1c  LanmanServer - ok
20:37:46.0743 0x1a1c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:37:46.0883 0x1a1c  LanmanWorkstation - ok
20:37:46.0914 0x1a1c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:37:47.0039 0x1a1c  lltdio - ok
20:37:47.0086 0x1a1c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:37:47.0273 0x1a1c  lltdsvc - ok
20:37:47.0289 0x1a1c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:37:47.0429 0x1a1c  lmhosts - ok
20:37:47.0507 0x1a1c  [ 7485FBCEF9136F530953575E2977859D, 5A6A67EE407C6ECE637C2B2AC21259BB86D032E47CE59F77AAF48D687B74CFCB ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:37:47.0538 0x1a1c  LMS - ok
20:37:47.0570 0x1a1c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
20:37:47.0616 0x1a1c  LSI_FC - ok
20:37:47.0648 0x1a1c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
20:37:47.0679 0x1a1c  LSI_SAS - ok
20:37:47.0710 0x1a1c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:37:47.0757 0x1a1c  LSI_SAS2 - ok
20:37:47.0772 0x1a1c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:37:47.0804 0x1a1c  LSI_SCSI - ok
20:37:47.0835 0x1a1c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
20:37:47.0991 0x1a1c  luafv - ok
20:37:48.0053 0x1a1c  [ 61E27025735991FB61E2B5324357CEE5, 3D145E558625A33336DDE3A9B3A3214D6AC2EBF8E35C19E5CE755C1F97568C0F ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
20:37:48.0131 0x1a1c  McComponentHostService - ok
20:37:48.0178 0x1a1c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:37:48.0225 0x1a1c  Mcx2Svc - ok
20:37:48.0240 0x1a1c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
20:37:48.0287 0x1a1c  megasas - ok
20:37:48.0318 0x1a1c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
20:37:48.0412 0x1a1c  MegaSR - ok
20:37:48.0490 0x1a1c  Microsoft SharePoint Workspace Audit Service - ok
20:37:48.0521 0x1a1c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
20:37:48.0646 0x1a1c  MMCSS - ok
20:37:48.0662 0x1a1c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
20:37:48.0802 0x1a1c  Modem - ok
20:37:48.0818 0x1a1c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:37:48.0896 0x1a1c  monitor - ok
20:37:48.0927 0x1a1c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:37:48.0958 0x1a1c  mouclass - ok
20:37:48.0989 0x1a1c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:37:49.0036 0x1a1c  mouhid - ok
20:37:49.0067 0x1a1c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
20:37:49.0114 0x1a1c  mountmgr - ok
20:37:49.0192 0x1a1c  [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:37:49.0239 0x1a1c  MozillaMaintenance - ok
20:37:49.0270 0x1a1c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:37:49.0317 0x1a1c  mpio - ok
20:37:49.0348 0x1a1c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:37:49.0473 0x1a1c  mpsdrv - ok
20:37:49.0582 0x1a1c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:37:49.0785 0x1a1c  MpsSvc - ok
20:37:49.0832 0x1a1c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:37:49.0894 0x1a1c  MRxDAV - ok
20:37:49.0925 0x1a1c  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:37:49.0988 0x1a1c  mrxsmb - ok
20:37:50.0034 0x1a1c  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:37:50.0112 0x1a1c  mrxsmb10 - ok
20:37:50.0144 0x1a1c  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:37:50.0190 0x1a1c  mrxsmb20 - ok
20:37:50.0237 0x1a1c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
20:37:50.0268 0x1a1c  msahci - ok
20:37:50.0300 0x1a1c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:37:50.0346 0x1a1c  msdsm - ok
20:37:50.0378 0x1a1c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
20:37:50.0440 0x1a1c  MSDTC - ok
20:37:50.0502 0x1a1c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:37:50.0643 0x1a1c  Msfs - ok
20:37:50.0658 0x1a1c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
20:37:50.0799 0x1a1c  mshidkmdf - ok
20:37:50.0830 0x1a1c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:37:50.0877 0x1a1c  msisadrv - ok
20:37:50.0924 0x1a1c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:37:51.0064 0x1a1c  MSiSCSI - ok
20:37:51.0080 0x1a1c  msiserver - ok
20:37:51.0095 0x1a1c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:37:51.0220 0x1a1c  MSKSSRV - ok
20:37:51.0251 0x1a1c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:37:51.0392 0x1a1c  MSPCLOCK - ok
20:37:51.0423 0x1a1c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:37:51.0532 0x1a1c  MSPQM - ok
20:37:51.0594 0x1a1c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:37:51.0672 0x1a1c  MsRPC - ok
20:37:51.0704 0x1a1c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
20:37:51.0750 0x1a1c  mssmbios - ok
20:37:51.0766 0x1a1c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:37:51.0891 0x1a1c  MSTEE - ok
20:37:51.0922 0x1a1c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
20:37:51.0969 0x1a1c  MTConfig - ok
20:37:52.0000 0x1a1c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
20:37:52.0031 0x1a1c  Mup - ok
20:37:52.0109 0x1a1c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
20:37:52.0281 0x1a1c  napagent - ok
20:37:52.0328 0x1a1c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:37:52.0437 0x1a1c  NativeWifiP - ok
20:37:52.0530 0x1a1c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:37:52.0671 0x1a1c  NDIS - ok
20:37:52.0702 0x1a1c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
20:37:52.0842 0x1a1c  NdisCap - ok
20:37:52.0858 0x1a1c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:37:52.0998 0x1a1c  NdisTapi - ok
20:37:53.0030 0x1a1c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:37:53.0154 0x1a1c  Ndisuio - ok
20:37:53.0186 0x1a1c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:37:53.0310 0x1a1c  NdisWan - ok
20:37:53.0357 0x1a1c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:37:53.0482 0x1a1c  NDProxy - ok
20:37:53.0513 0x1a1c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:37:53.0654 0x1a1c  NetBIOS - ok
20:37:53.0700 0x1a1c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
20:37:53.0856 0x1a1c  NetBT - ok
20:37:53.0888 0x1a1c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
20:37:53.0919 0x1a1c  Netlogon - ok
20:37:53.0981 0x1a1c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
20:37:54.0153 0x1a1c  Netman - ok
20:37:54.0200 0x1a1c  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:37:54.0246 0x1a1c  NetMsmqActivator - ok
20:37:54.0278 0x1a1c  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:37:54.0324 0x1a1c  NetPipeActivator - ok
20:37:54.0387 0x1a1c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
20:37:54.0590 0x1a1c  netprofm - ok
20:37:54.0605 0x1a1c  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:37:54.0652 0x1a1c  NetTcpActivator - ok
20:37:54.0683 0x1a1c  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:37:54.0730 0x1a1c  NetTcpPortSharing - ok
20:37:54.0761 0x1a1c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
20:37:54.0808 0x1a1c  nfrd960 - ok
20:37:54.0855 0x1a1c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:37:54.0980 0x1a1c  NlaSvc - ok
20:37:54.0995 0x1a1c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:37:55.0120 0x1a1c  Npfs - ok
20:37:55.0167 0x1a1c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
20:37:55.0292 0x1a1c  nsi - ok
20:37:55.0307 0x1a1c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:37:55.0448 0x1a1c  nsiproxy - ok
20:37:55.0604 0x1a1c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:37:55.0806 0x1a1c  Ntfs - ok
20:37:55.0822 0x1a1c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
20:37:55.0962 0x1a1c  Null - ok
20:37:55.0994 0x1a1c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:37:56.0040 0x1a1c  nvraid - ok
20:37:56.0087 0x1a1c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:37:56.0134 0x1a1c  nvstor - ok
20:37:56.0181 0x1a1c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:37:56.0228 0x1a1c  nv_agp - ok
20:37:56.0259 0x1a1c  [ D955D5DE998DB2476BF0892BE3A96C26, 3828FC1D4A4F9CD685E6D938B92370A602B84A3ACE2C9A674B3B59E633B0AE07 ] O2FLASH         C:\Windows\system32\DRIVERS\o2flash.exe
20:37:56.0321 0x1a1c  O2FLASH - ok
20:37:56.0352 0x1a1c  [ 8C2953537CA19DFAA67D612407E0F33E, AD0F7B18F58AF6421948BBB4450BEF83E1ED443F78D17ACCD6A57A236B8AD2B4 ] O2MDGRDR        C:\Windows\system32\DRIVERS\o2mdgx64.sys
20:37:56.0384 0x1a1c  O2MDGRDR - ok
20:37:56.0415 0x1a1c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
20:37:56.0462 0x1a1c  ohci1394 - ok
20:37:56.0555 0x1a1c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:37:56.0602 0x1a1c  ose - ok
20:37:56.0664 0x1a1c  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:37:56.0711 0x1a1c  ose64 - ok
20:37:57.0132 0x1a1c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:37:57.0710 0x1a1c  osppsvc - ok
20:37:57.0819 0x1a1c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
20:37:57.0912 0x1a1c  p2pimsvc - ok
20:37:57.0959 0x1a1c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
20:37:58.0053 0x1a1c  p2psvc - ok
20:37:58.0100 0x1a1c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
20:37:58.0146 0x1a1c  Parport - ok
20:37:58.0178 0x1a1c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:37:58.0224 0x1a1c  partmgr - ok
20:37:58.0271 0x1a1c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:37:58.0365 0x1a1c  PcaSvc - ok
20:37:58.0412 0x1a1c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
20:37:58.0458 0x1a1c  pci - ok
20:37:58.0490 0x1a1c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
20:37:58.0521 0x1a1c  pciide - ok
20:37:58.0568 0x1a1c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
20:37:58.0630 0x1a1c  pcmcia - ok
20:37:58.0646 0x1a1c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
20:37:58.0692 0x1a1c  pcw - ok
20:37:58.0770 0x1a1c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:37:58.0895 0x1a1c  PEAUTH - ok
20:37:58.0989 0x1a1c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
20:37:59.0051 0x1a1c  PerfHost - ok
20:37:59.0207 0x1a1c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
20:37:59.0472 0x1a1c  pla - ok
20:37:59.0535 0x1a1c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:37:59.0613 0x1a1c  PlugPlay - ok
20:37:59.0644 0x1a1c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
20:37:59.0706 0x1a1c  PNRPAutoReg - ok
20:37:59.0753 0x1a1c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
20:37:59.0816 0x1a1c  PNRPsvc - ok
20:37:59.0878 0x1a1c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:38:00.0065 0x1a1c  PolicyAgent - ok
20:38:00.0112 0x1a1c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
20:38:00.0252 0x1a1c  Power - ok
20:38:00.0315 0x1a1c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:38:00.0471 0x1a1c  PptpMiniport - ok
20:38:00.0502 0x1a1c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
20:38:00.0564 0x1a1c  Processor - ok
20:38:00.0596 0x1a1c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
20:38:00.0674 0x1a1c  ProfSvc - ok
20:38:00.0705 0x1a1c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
20:38:00.0736 0x1a1c  ProtectedStorage - ok
20:38:00.0767 0x1a1c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
20:38:00.0892 0x1a1c  Psched - ok
20:38:01.0032 0x1a1c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
20:38:01.0220 0x1a1c  ql2300 - ok
20:38:01.0251 0x1a1c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
20:38:01.0298 0x1a1c  ql40xx - ok
20:38:01.0344 0x1a1c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
20:38:01.0454 0x1a1c  QWAVE - ok
20:38:01.0469 0x1a1c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:38:01.0532 0x1a1c  QWAVEdrv - ok
20:38:01.0547 0x1a1c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:38:01.0672 0x1a1c  RasAcd - ok
20:38:01.0703 0x1a1c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
20:38:01.0844 0x1a1c  RasAgileVpn - ok
20:38:01.0859 0x1a1c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
20:38:02.0031 0x1a1c  RasAuto - ok
20:38:02.0078 0x1a1c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:38:02.0218 0x1a1c  Rasl2tp - ok
20:38:02.0265 0x1a1c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
20:38:02.0421 0x1a1c  RasMan - ok
20:38:02.0452 0x1a1c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:38:02.0577 0x1a1c  RasPppoe - ok
20:38:02.0608 0x1a1c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:38:02.0733 0x1a1c  RasSstp - ok
20:38:02.0780 0x1a1c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:38:02.0982 0x1a1c  rdbss - ok
20:38:03.0029 0x1a1c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
20:38:03.0092 0x1a1c  rdpbus - ok
20:38:03.0107 0x1a1c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:38:03.0248 0x1a1c  RDPCDD - ok
20:38:03.0279 0x1a1c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:38:03.0404 0x1a1c  RDPENCDD - ok
20:38:03.0435 0x1a1c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
20:38:03.0575 0x1a1c  RDPREFMP - ok
20:38:03.0638 0x1a1c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:38:03.0684 0x1a1c  RdpVideoMiniport - ok
20:38:03.0731 0x1a1c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:38:03.0809 0x1a1c  RDPWD - ok
20:38:03.0856 0x1a1c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
20:38:03.0918 0x1a1c  rdyboost - ok
20:38:03.0965 0x1a1c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:38:04.0106 0x1a1c  RemoteAccess - ok
20:38:04.0168 0x1a1c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:38:04.0324 0x1a1c  RemoteRegistry - ok
20:38:04.0371 0x1a1c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
20:38:04.0433 0x1a1c  RFCOMM - ok
20:38:04.0480 0x1a1c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
20:38:04.0620 0x1a1c  RpcEptMapper - ok
20:38:04.0652 0x1a1c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
20:38:04.0698 0x1a1c  RpcLocator - ok
20:38:04.0761 0x1a1c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
20:38:04.0932 0x1a1c  RpcSs - ok
20:38:04.0979 0x1a1c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:38:05.0120 0x1a1c  rspndr - ok
20:38:05.0198 0x1a1c  [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
20:38:05.0291 0x1a1c  RTL8167 - ok
20:38:05.0322 0x1a1c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs           C:\Windows\system32\lsass.exe
20:38:05.0354 0x1a1c  SamSs - ok
20:38:05.0400 0x1a1c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:38:05.0447 0x1a1c  sbp2port - ok
20:38:05.0510 0x1a1c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:38:05.0681 0x1a1c  SCardSvr - ok
20:38:05.0712 0x1a1c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
20:38:05.0853 0x1a1c  scfilter - ok
20:38:05.0978 0x1a1c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
20:38:06.0227 0x1a1c  Schedule - ok
20:38:06.0258 0x1a1c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:38:06.0399 0x1a1c  SCPolicySvc - ok
20:38:06.0461 0x1a1c  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
20:38:06.0524 0x1a1c  sdbus - ok
20:38:06.0570 0x1a1c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:38:06.0633 0x1a1c  SDRSVC - ok
20:38:06.0836 0x1a1c  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
20:38:06.0992 0x1a1c  SDScannerService - ok
20:38:07.0194 0x1a1c  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
20:38:07.0397 0x1a1c  SDUpdateService - ok
20:38:07.0491 0x1a1c  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
20:38:07.0522 0x1a1c  SDWSCService - ok
20:38:07.0569 0x1a1c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:38:07.0694 0x1a1c  secdrv - ok
20:38:07.0725 0x1a1c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
20:38:07.0865 0x1a1c  seclogon - ok
20:38:07.0881 0x1a1c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
20:38:08.0021 0x1a1c  SENS - ok
20:38:08.0037 0x1a1c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
20:38:08.0099 0x1a1c  SensrSvc - ok
20:38:08.0115 0x1a1c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
20:38:08.0177 0x1a1c  Serenum - ok
20:38:08.0193 0x1a1c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
20:38:08.0255 0x1a1c  Serial - ok
20:38:08.0286 0x1a1c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
20:38:08.0349 0x1a1c  sermouse - ok
20:38:08.0396 0x1a1c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
20:38:08.0520 0x1a1c  SessionEnv - ok
20:38:08.0552 0x1a1c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:38:08.0598 0x1a1c  sffdisk - ok
20:38:08.0630 0x1a1c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:38:08.0676 0x1a1c  sffp_mmc - ok
20:38:08.0692 0x1a1c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:38:08.0754 0x1a1c  sffp_sd - ok
20:38:08.0786 0x1a1c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
20:38:08.0832 0x1a1c  sfloppy - ok
20:38:08.0910 0x1a1c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:38:09.0098 0x1a1c  SharedAccess - ok
20:38:09.0176 0x1a1c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:38:09.0363 0x1a1c  ShellHWDetection - ok
20:38:09.0378 0x1a1c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:38:09.0425 0x1a1c  SiSRaid2 - ok
20:38:09.0441 0x1a1c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
20:38:09.0488 0x1a1c  SiSRaid4 - ok
20:38:09.0503 0x1a1c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:38:09.0644 0x1a1c  Smb - ok
20:38:09.0690 0x1a1c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:38:09.0737 0x1a1c  SNMPTRAP - ok
20:38:09.0768 0x1a1c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:38:09.0800 0x1a1c  spldr - ok
20:38:09.0862 0x1a1c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
20:38:10.0002 0x1a1c  Spooler - ok
20:38:10.0283 0x1a1c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
20:38:10.0829 0x1a1c  sppsvc - ok
20:38:10.0892 0x1a1c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
20:38:11.0016 0x1a1c  sppuinotify - ok
20:38:11.0094 0x1a1c  [ D630B6F2E8379B6F10DC16E82A426552, 9F7949B11BCEF55B38119ED45BD92117A8551BEC8A2BCD88EA89707C48120F1B ] sprtsvc_DellSupportCenter C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
20:38:11.0141 0x1a1c  sprtsvc_DellSupportCenter - ok
20:38:11.0204 0x1a1c  [ 8FD8EE71D7D639F85805EEE4ADB2AA15, 027E680BE49F705843B0117A72FAFC7681798B99685B91989928EF03767CD7A5 ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:38:11.0250 0x1a1c  SQLWriter - ok
20:38:11.0328 0x1a1c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:38:11.0438 0x1a1c  srv - ok
20:38:11.0484 0x1a1c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:38:11.0578 0x1a1c  srv2 - ok
20:38:11.0625 0x1a1c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:38:11.0687 0x1a1c  srvnet - ok
20:38:11.0734 0x1a1c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:38:11.0921 0x1a1c  SSDPSRV - ok
20:38:11.0952 0x1a1c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:38:12.0093 0x1a1c  SstpSvc - ok
20:38:12.0218 0x1a1c  [ DA7702025DFD169B909C4DA3126762CC, 40777941F71D0762C450824A635888D1390307E937EDF13385524569F4602D0A ] STacSV          C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe
20:38:12.0280 0x1a1c  STacSV - ok
20:38:12.0311 0x1a1c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
20:38:12.0342 0x1a1c  stexstor - ok
20:38:12.0405 0x1a1c  [ CAF5A9708671B14B9670260735B22C4E, B31F2B500605379BC9531E21E4ACD17EA281FFF25AA4B4D342E14F8F5952D1EC ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
20:38:12.0483 0x1a1c  STHDA - ok
20:38:12.0514 0x1a1c  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys
20:38:12.0576 0x1a1c  StillCam - ok
20:38:12.0654 0x1a1c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
20:38:12.0795 0x1a1c  stisvc - ok
20:38:12.0826 0x1a1c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
20:38:12.0857 0x1a1c  swenum - ok
20:38:12.0951 0x1a1c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
20:38:13.0122 0x1a1c  swprv - ok
20:38:13.0169 0x1a1c  [ 39D4B4343BA70E4B32C4531BD075B9F6, B062537E7E3E95BD8E240A56ACABBB0CF05CE291AC93442B2C2A51AC291C291B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
20:38:13.0232 0x1a1c  SynTP - ok
20:38:13.0403 0x1a1c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
20:38:13.0622 0x1a1c  SysMain - ok
20:38:13.0684 0x1a1c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:38:13.0746 0x1a1c  TabletInputService - ok
20:38:13.0793 0x1a1c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:38:13.0980 0x1a1c  TapiSrv - ok
20:38:14.0027 0x1a1c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
20:38:14.0168 0x1a1c  TBS - ok
20:38:14.0339 0x1a1c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:38:14.0558 0x1a1c  Tcpip - ok
20:38:14.0698 0x1a1c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
20:38:14.0885 0x1a1c  TCPIP6 - ok
20:38:14.0948 0x1a1c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:38:14.0979 0x1a1c  tcpipreg - ok
20:38:15.0010 0x1a1c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:38:15.0072 0x1a1c  TDPIPE - ok
20:38:15.0104 0x1a1c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:38:15.0150 0x1a1c  TDTCP - ok
20:38:15.0197 0x1a1c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:38:15.0260 0x1a1c  tdx - ok
20:38:15.0291 0x1a1c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
20:38:15.0338 0x1a1c  TermDD - ok
20:38:15.0416 0x1a1c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
20:38:15.0587 0x1a1c  TermService - ok
20:38:15.0634 0x1a1c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
20:38:15.0696 0x1a1c  Themes - ok
20:38:15.0728 0x1a1c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
20:38:15.0852 0x1a1c  THREADORDER - ok
20:38:15.0884 0x1a1c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
20:38:16.0008 0x1a1c  TrkWks - ok
20:38:16.0071 0x1a1c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:38:16.0211 0x1a1c  TrustedInstaller - ok
20:38:16.0258 0x1a1c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:38:16.0289 0x1a1c  tssecsrv - ok
20:38:16.0336 0x1a1c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
20:38:16.0383 0x1a1c  TsUsbFlt - ok
20:38:16.0414 0x1a1c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:38:16.0539 0x1a1c  tunnel - ok
20:38:16.0570 0x1a1c  [ 825E7A1F48FB8BCFBA27C178AAB4E275, 94F039917B52BEFFFE383E14A6169AE81B6E79C30BA7DD017A9CFE15708A1605 ] TurboB          C:\Windows\system32\DRIVERS\TurboB.sys
20:38:16.0601 0x1a1c  TurboB - ok
20:38:16.0664 0x1a1c  [ B206BE1174D5964D49A56BB6C4E0524A, 9D7DA11220B69E2EDEA9E55EC0E4CB554DD7F638ABF49B76353CE5A5C75965B8 ] TurboBoost      C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:38:16.0695 0x1a1c  TurboBoost - ok
20:38:16.0742 0x1a1c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
20:38:16.0788 0x1a1c  uagp35 - ok
20:38:16.0835 0x1a1c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:38:16.0976 0x1a1c  udfs - ok
20:38:17.0022 0x1a1c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:38:17.0069 0x1a1c  UI0Detect - ok
20:38:17.0100 0x1a1c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:38:17.0132 0x1a1c  uliagpkx - ok
20:38:17.0178 0x1a1c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
20:38:17.0210 0x1a1c  umbus - ok
20:38:17.0256 0x1a1c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
20:38:17.0288 0x1a1c  UmPass - ok
20:38:17.0522 0x1a1c  [ 765F2DD351BA064F657751D8D75E58C0, 954834FF6F05E065C2BE6CEC22136A0399026BFF9D91BE859E8E047C3ED8267F ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:38:17.0771 0x1a1c  UNS - ok
20:38:17.0834 0x1a1c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
20:38:18.0021 0x1a1c  upnphost - ok
20:38:18.0052 0x1a1c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:38:18.0114 0x1a1c  usbccgp - ok
20:38:18.0146 0x1a1c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:38:18.0208 0x1a1c  usbcir - ok
20:38:18.0224 0x1a1c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
20:38:18.0270 0x1a1c  usbehci - ok
20:38:18.0302 0x1a1c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:38:18.0395 0x1a1c  usbhub - ok
20:38:18.0426 0x1a1c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
20:38:18.0473 0x1a1c  usbohci - ok
20:38:18.0489 0x1a1c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:38:18.0551 0x1a1c  usbprint - ok
20:38:18.0582 0x1a1c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:38:18.0629 0x1a1c  USBSTOR - ok
20:38:18.0660 0x1a1c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
20:38:18.0707 0x1a1c  usbuhci - ok
20:38:18.0738 0x1a1c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
20:38:18.0785 0x1a1c  usbvideo - ok
20:38:18.0832 0x1a1c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
20:38:18.0988 0x1a1c  UxSms - ok
20:38:19.0019 0x1a1c  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
20:38:19.0050 0x1a1c  VaultSvc - ok
20:38:19.0097 0x1a1c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
20:38:19.0128 0x1a1c  vdrvroot - ok
20:38:19.0206 0x1a1c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
20:38:19.0394 0x1a1c  vds - ok
20:38:19.0440 0x1a1c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:38:19.0487 0x1a1c  vga - ok
20:38:19.0503 0x1a1c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:38:19.0628 0x1a1c  VgaSave - ok
20:38:19.0690 0x1a1c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
20:38:19.0737 0x1a1c  vhdmp - ok
20:38:19.0784 0x1a1c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:38:19.0815 0x1a1c  viaide - ok
20:38:19.0862 0x1a1c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:38:19.0908 0x1a1c  volmgr - ok
20:38:19.0971 0x1a1c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:38:20.0033 0x1a1c  volmgrx - ok
20:38:20.0080 0x1a1c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:38:20.0127 0x1a1c  volsnap - ok
20:38:20.0174 0x1a1c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
20:38:20.0220 0x1a1c  vsmraid - ok
20:38:20.0361 0x1a1c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
20:38:20.0626 0x1a1c  VSS - ok
20:38:20.0673 0x1a1c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
20:38:20.0720 0x1a1c  vwifibus - ok
20:38:20.0751 0x1a1c  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
20:38:20.0829 0x1a1c  vwififlt - ok
20:38:20.0876 0x1a1c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
20:38:21.0063 0x1a1c  W32Time - ok
20:38:21.0094 0x1a1c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
20:38:21.0141 0x1a1c  WacomPen - ok
20:38:21.0188 0x1a1c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
20:38:21.0328 0x1a1c  WANARP - ok
20:38:21.0344 0x1a1c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:38:21.0468 0x1a1c  Wanarpv6 - ok
20:38:21.0609 0x1a1c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
20:38:21.0765 0x1a1c  WatAdminSvc - ok
20:38:21.0905 0x1a1c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
20:38:22.0124 0x1a1c  wbengine - ok
20:38:22.0170 0x1a1c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
20:38:22.0264 0x1a1c  WbioSrvc - ok
20:38:22.0326 0x1a1c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:38:22.0451 0x1a1c  wcncsvc - ok
20:38:22.0482 0x1a1c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:38:22.0545 0x1a1c  WcsPlugInService - ok
20:38:22.0576 0x1a1c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
20:38:22.0607 0x1a1c  Wd - ok
20:38:22.0638 0x1a1c  [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
20:38:22.0716 0x1a1c  WDC_SAM - ok
20:38:22.0794 0x1a1c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:38:22.0904 0x1a1c  Wdf01000 - ok
20:38:22.0966 0x1a1c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:38:23.0028 0x1a1c  WdiServiceHost - ok
20:38:23.0044 0x1a1c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:38:23.0091 0x1a1c  WdiSystemHost - ok
20:38:23.0138 0x1a1c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
20:38:23.0231 0x1a1c  WebClient - ok
20:38:23.0294 0x1a1c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:38:23.0465 0x1a1c  Wecsvc - ok
20:38:23.0496 0x1a1c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:38:23.0637 0x1a1c  wercplsupport - ok
20:38:23.0668 0x1a1c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:38:23.0793 0x1a1c  WerSvc - ok
20:38:23.0824 0x1a1c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
20:38:23.0949 0x1a1c  WfpLwf - ok
20:38:23.0996 0x1a1c  [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
20:38:24.0042 0x1a1c  WimFltr - ok
20:38:24.0058 0x1a1c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
20:38:24.0089 0x1a1c  WIMMount - ok
20:38:24.0120 0x1a1c  WinDefend - ok
20:38:24.0136 0x1a1c  WinHttpAutoProxySvc - ok
20:38:24.0198 0x1a1c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:38:24.0354 0x1a1c  Winmgmt - ok
20:38:24.0542 0x1a1c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
20:38:24.0791 0x1a1c  WinRM - ok
20:38:24.0854 0x1a1c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
20:38:24.0900 0x1a1c  WinUsb - ok
20:38:25.0010 0x1a1c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:38:25.0166 0x1a1c  Wlansvc - ok
20:38:25.0244 0x1a1c  [ 13B0A570E1AE451C92DA550085D72CF3, 4C67F000EE65B3B1DF17D228C93E9F2D3E13EAB2FD125806A16F70FF365097AC ] wltrysvc        C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
20:38:25.0259 0x1a1c  wltrysvc - detected UnsignedFile.Multi.Generic ( 1 )
20:38:25.0275 0x1a1c  Detect skipped due to KSN trusted
20:38:25.0275 0x1a1c  wltrysvc - ok
20:38:25.0322 0x1a1c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:38:25.0368 0x1a1c  WmiAcpi - ok
20:38:25.0415 0x1a1c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:38:25.0462 0x1a1c  wmiApSrv - ok
20:38:25.0493 0x1a1c  WMPNetworkSvc - ok
20:38:25.0524 0x1a1c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:38:25.0587 0x1a1c  WPCSvc - ok
20:38:25.0634 0x1a1c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:38:25.0712 0x1a1c  WPDBusEnum - ok
20:38:25.0743 0x1a1c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:38:25.0868 0x1a1c  ws2ifsl - ok
20:38:25.0914 0x1a1c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
20:38:25.0977 0x1a1c  wscsvc - ok
20:38:25.0977 0x1a1c  WSearch - ok
20:38:26.0195 0x1a1c  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
20:38:26.0538 0x1a1c  wuauserv - ok
20:38:26.0585 0x1a1c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
20:38:26.0648 0x1a1c  WudfPf - ok
20:38:26.0694 0x1a1c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
20:38:26.0757 0x1a1c  WUDFRd - ok
20:38:26.0804 0x1a1c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:38:26.0850 0x1a1c  wudfsvc - ok
20:38:26.0897 0x1a1c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
20:38:26.0991 0x1a1c  WwanSvc - ok
20:38:27.0022 0x1a1c  ================ Scan global ===============================
20:38:27.0038 0x1a1c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:38:27.0100 0x1a1c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
20:38:27.0162 0x1a1c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
20:38:27.0194 0x1a1c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:38:27.0256 0x1a1c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:38:27.0287 0x1a1c  [ Global ] - ok
20:38:27.0287 0x1a1c  ================ Scan MBR ==================================
20:38:27.0303 0x1a1c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:38:27.0818 0x1a1c  \Device\Harddisk0\DR0 - ok
20:38:27.0818 0x1a1c  ================ Scan VBR ==================================
20:38:27.0818 0x1a1c  [ 089D94935EC1C9AA71255D8CFD0912EF ] \Device\Harddisk0\DR0\Partition1
20:38:27.0818 0x1a1c  \Device\Harddisk0\DR0\Partition1 - ok
20:38:27.0833 0x1a1c  [ B63F2A8383437B9CA1071E1E4386EC23 ] \Device\Harddisk0\DR0\Partition2
20:38:27.0833 0x1a1c  \Device\Harddisk0\DR0\Partition2 - ok
20:38:27.0864 0x1a1c  [ E81A6CCC7E485881D0C279BE0D840D23 ] \Device\Harddisk0\DR0\Partition3
20:38:27.0880 0x1a1c  \Device\Harddisk0\DR0\Partition3 - ok
20:38:27.0896 0x1a1c  [ 4E19785CF593AE5235588BEFA24D98BD ] \Device\Harddisk0\DR0\Partition4
20:38:27.0896 0x1a1c  \Device\Harddisk0\DR0\Partition4 - ok
20:38:27.0896 0x1a1c  ================ Scan generic autorun ======================
20:38:27.0896 0x1a1c  SynTPEnh - ok
20:38:27.0989 0x1a1c  [ 023C55185495F1066F4C7F893658C4ED, 12DB663D56DEE1F54029F02BA68DE52BB6A18E5022DC4AA4435D773125D09A22 ] C:\Program Files\IDT\WDM\sttray64.exe
20:38:28.0083 0x1a1c  SysTrayApp - ok
20:38:28.0473 0x1a1c  [ 1F83CB91A9830038DBE7CD1BA1921205, 8F03FE85B864DF531768B877E90250420B4687B76CEB955E641FD39BE39DF820 ] C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe
20:38:28.0988 0x1a1c  Broadcom Wireless Manager UI - detected UnsignedFile.Multi.Generic ( 1 )
20:38:28.0988 0x1a1c  Detect skipped due to KSN trusted
20:38:28.0988 0x1a1c  Broadcom Wireless Manager UI - ok
20:38:29.0050 0x1a1c  [ 8664A66550C2803271243367594F5F2B, ACB5B154567A01CD3B084E885390238074B146B1D2339A385BD57C7704DDBCE9 ] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:38:29.0112 0x1a1c  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
20:38:29.0112 0x1a1c  Detect skipped due to KSN trusted
20:38:29.0112 0x1a1c  StartCCC - ok
20:38:29.0456 0x1a1c  [ 7EE68A122ED08E4AAD8DA551E34D2515, B3C9AB270AF595D3DBAFBF4A312B96CBF00C16F0A03CCC86BE56825CD1EB7143 ] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
20:38:29.0799 0x1a1c  SDTray - ok
20:38:29.0955 0x1a1c  [ 28DEF0EFB36D172EAA5A08EB09CF75DF, 62D07A28167AEBFB9511830BFBBEAAB17CC24D57FF8D07F1414D921135BC9024 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
20:38:30.0048 0x1a1c  avgnt - ok
20:38:30.0173 0x1a1c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:38:30.0345 0x1a1c  Sidebar - ok
20:38:30.0376 0x1a1c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:38:30.0454 0x1a1c  mctadmin - ok
20:38:30.0548 0x1a1c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:38:30.0672 0x1a1c  Sidebar - ok
20:38:30.0688 0x1a1c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:38:30.0750 0x1a1c  mctadmin - ok
20:38:31.0406 0x1a1c  [ 09266319529C342813EA013E24200568, DEC1DCC14CD08304CF502FE4AD5CC188982705BF7D642A8E0EA239F6CB0CE57D ] C:\Program Files\CCleaner\CCleaner64.exe
20:38:32.0076 0x1a1c  CCleaner Monitoring - ok
20:38:32.0123 0x1a1c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.12.402 ), 0x41000 ( enabled : updated )
20:38:32.0123 0x1a1c  Win FW state via NFP2: enabled ( trusted )
20:38:34.0962 0x1a1c  ============================================================
20:38:34.0962 0x1a1c  Scan finished
20:38:34.0962 0x1a1c  ============================================================
20:38:34.0978 0x1534  Detected object count: 0
20:38:34.0978 0x1534  Actual detected object count: 0

schrauber · 26.07.2015, 13:01

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

qwery · 28.07.2015, 15:58

Combofix ist gelaufen.

Probleme gab es nicht wirklich. Außer dass ich Spybot nicht deaktivieren konnte und deshalb gleich vorübergehend deinstalliert habe. Außerdem stand beim Start, dass der Scan ca. 10 Minuten dauern würde, außer das System sei stark befallen oder so ähnlich. Nachdem sich nach etwa einer halben Stunde der Bildschirm ausgeschaltet wurde, habe ich die Maus bewegt, um zu sehen, wie weit der Scan ist. Ich hoffe, das hat keine Probleme verursacht.

Hier ist mal die ComboFix.txt Datei

Code:

ATTFilter

ComboFix 15-07-23.01 - user 28.07.2015  15:22:08.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.43.1031.18.3957.2533 [GMT 2:00]
ausgeführt von:: c:\users\user\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\user\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-28 bis 2015-07-28  ))))))))))))))))))))))))))))))
.
.
2015-07-28 14:15 . 2015-07-28 14:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-24 16:59 . 2015-07-24 16:59	--------	d-----w-	c:\programdata\Malwarebytes
2015-07-24 16:58 . 2015-07-24 18:23	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-24 16:58 . 2015-07-24 16:58	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-24 16:56 . 2015-07-24 16:56	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-07-23 11:56 . 2015-07-23 12:00	--------	d-----w-	C:\fuck
2015-07-22 18:13 . 2015-07-22 18:13	--------	d-----w-	c:\users\user\AppData\Roaming\NuGet
2015-07-22 15:03 . 2015-07-22 15:03	1135456	----a-w-	c:\programdata\Microsoft\WDExpress\14.0\1031\ResourceCache.dll
2015-07-22 15:01 . 2015-07-22 15:01	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 12.0
2015-07-22 15:00 . 2015-07-22 15:00	--------	d-----w-	c:\program files (x86)\Common Files\Merge Modules
2015-07-22 14:55 . 2015-07-22 14:55	--------	d-----w-	c:\programdata\NuGet
2015-07-22 14:55 . 2015-07-22 14:55	--------	d-----w-	c:\program files (x86)\NuGet
2015-07-22 14:33 . 2015-07-22 14:43	--------	d-----w-	c:\program files (x86)\Windows Kits
2015-07-22 14:33 . 2015-07-22 14:33	--------	d-----w-	c:\program files (x86)\Common Files\Microsoft
2015-07-22 14:24 . 2015-07-22 14:42	--------	d-----w-	c:\program files (x86)\Microsoft SDKs
2015-07-22 14:24 . 2015-07-22 14:24	--------	d-----w-	c:\program files (x86)\Microsoft Help Viewer
2015-07-22 14:23 . 2015-07-22 14:23	--------	d-----w-	c:\windows\SysWow64\1033
2015-07-22 14:23 . 2015-07-22 14:23	--------	d-----w-	c:\windows\system32\1033
2015-07-22 14:23 . 2015-07-22 14:23	--------	d-----w-	c:\windows\system32\1031
2015-07-22 14:23 . 2015-07-22 14:23	--------	d-----w-	c:\windows\SysWow64\1031
2015-07-22 14:23 . 2015-07-22 14:51	--------	d-----w-	c:\program files (x86)\Microsoft SQL Server
2015-07-22 14:23 . 2015-07-22 14:51	--------	d-----w-	c:\program files\Microsoft SQL Server
2015-07-22 14:15 . 2015-07-22 14:15	--------	d-----w-	c:\program files\Microsoft SQL Server Compact Edition
2015-07-22 14:09 . 2015-07-22 14:57	--------	d-----w-	c:\program files (x86)\Microsoft Visual Studio 14.0
2015-07-22 13:39 . 2015-07-22 13:39	--------	d-----w-	c:\programdata\regid.1991-06.com.microsoft
2015-07-22 13:18 . 2015-07-22 13:27	--------	d-----w-	C:\CAE1
2015-07-22 13:13 . 2015-07-22 17:48	--------	d-----w-	c:\programdata\VsTelemetry
2015-07-21 10:53 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-21 10:53 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-21 10:53 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-21 10:53 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-21 10:53 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-21 10:53 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-21 10:53 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-21 10:53 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-21 10:53 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-21 10:53 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-20 22:49 . 2015-07-22 18:13	--------	d-----w-	C:\FRST
2015-07-20 22:34 . 2015-07-20 22:34	--------	d-----w-	c:\program files\McAfee Security Scan
2015-07-20 17:18 . 2015-07-20 17:18	--------	d-----w-	c:\program files\CCleaner
2015-07-15 21:55 . 2015-07-15 21:55	--------	d-----w-	c:\program files (x86)\Common Files\Java
2015-07-15 10:30 . 2015-07-01 20:49	1216512	----a-w-	c:\windows\system32\rpcrt4.dll
2015-07-14 21:55 . 2015-07-14 21:55	--------	d-----w-	c:\programdata\McAfee Security Scan
2015-07-13 06:07 . 2015-07-09 17:59	17856	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-07-13 06:07 . 2015-07-09 17:58	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-07-13 06:07 . 2015-07-09 17:58	765440	----a-w-	c:\windows\system32\invagent.dll
2015-07-13 06:07 . 2015-07-09 17:58	433664	----a-w-	c:\windows\system32\devinv.dll
2015-07-13 06:07 . 2015-07-09 17:58	1085440	----a-w-	c:\windows\system32\appraiser.dll
2015-07-13 06:07 . 2015-07-09 17:58	67584	----a-w-	c:\windows\system32\acmigration.dll
2015-07-13 06:07 . 2015-07-09 17:50	1145856	----a-w-	c:\windows\system32\aeinv.dll
2015-07-13 06:07 . 2015-07-09 17:58	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-07-08 20:13 . 2015-07-23 12:00	--------	d-----w-	c:\users\user\AppData\Roaming\CodeBlocks
2015-07-08 20:08 . 2015-07-08 20:09	--------	d-----w-	c:\program files (x86)\CodeBlocks
2015-07-06 23:30 . 2015-07-06 23:30	20120	----a-w-	c:\program files\Common Files\Microsoft Shared\VS7Debug\1031\pdmui.dll
2015-07-06 23:28 . 2015-07-06 23:28	31392	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\MSDesigners8\Resources\1031\msddsui.dll
2015-07-06 23:28 . 2015-07-06 23:28	22736	----a-w-	c:\program files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\CodeAnalysis\de\fxcoptask.resources.dll
2015-07-06 23:28 . 2015-07-06 23:28	21320	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VsHub\ServiceModules\Settings\1.0\bin\de\Microsoft.VsHub.SettingsServiceModule.resources.dll
2015-07-06 23:28 . 2015-07-06 23:28	20120	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\1031\pdmui.dll
2015-07-06 23:28 . 2015-07-06 23:28	19648	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\MSEnv\1031\VSWebLauncherUI.dll
2015-07-06 23:28 . 2015-07-06 23:28	19632	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\MSEnv\1031\VSLauncherUI.dll
2015-07-06 22:51 . 2015-07-06 22:51	96432	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\pdmproxy100.dll
2015-07-06 22:22 . 2015-07-06 22:22	93576	----a-w-	c:\program files (x86)\MSBuild\14.0\Bin\amd64\ko\Microsoft.Build.resources.dll
2015-07-06 22:18 . 2015-07-06 22:18	89344	----a-w-	c:\program files (x86)\MSBuild\14.0\Bin\amd64\Microsoft.Build.Conversion.Core.dll
2015-07-06 21:56 . 2015-07-06 21:56	561608	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\14.0\ClientDiagnostics\target\armv4i\XamlDiagnosticsTap.dll
2015-07-06 21:56 . 2015-07-06 21:56	188352	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\14.0\ClientDiagnostics\target\armv4i\VsDebugEng.Xaml.dll
2015-07-06 21:56 . 2015-07-06 21:56	175576	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Phone Tools\14.0\ClientDiagnostics\target\armv4i\MemoryProfilerCollectionAgent.dll
2015-07-06 21:56 . 2015-07-06 21:56	149544	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\Windows 10 Remote Tools\14.0\ClientDiagnostics\arm\MemoryProfilerCollectionAgent.dll
2015-07-06 21:10 . 2015-07-06 21:10	165352	----a-w-	c:\program files\Common Files\Microsoft Shared\Windows Simulator\14.0\SensorsSimulatorDriver.dll
2015-07-06 19:55 . 2015-07-06 19:55	81080	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\VSLangProj110.dll
2015-07-06 19:55 . 2015-07-06 19:55	5120	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\VSLangProj90.dll
2015-07-06 19:55 . 2015-07-06 19:55	18768	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\envdte100.dll
2015-07-06 19:55 . 2015-07-06 19:55	10584	----a-w-	c:\program files (x86)\Common Files\Microsoft Shared\MSEnv\PublicAssemblies\VSLangProj100.dll
2015-07-06 19:27 . 2015-07-06 19:28	--------	d-----w-	c:\users\user\AppData\Roaming\Nitro PDF
2015-07-06 19:24 . 2015-07-06 19:24	--------	d-----w-	c:\users\user\AppData\Roaming\Nitro
2015-07-06 19:24 . 2015-07-06 19:24	--------	d-----w-	c:\users\user\AppData\Roaming\FileOpen
2015-07-06 19:24 . 2015-07-06 19:24	--------	d-----w-	c:\programdata\FileOpen
2015-07-06 19:23 . 2015-07-06 19:23	--------	d-----w-	c:\programdata\Nitro
2015-07-06 19:22 . 2015-07-06 19:22	--------	d-----w-	c:\users\user\AppData\Roaming\Downloaded Installations
2015-07-06 10:29 . 2015-07-06 10:30	--------	d-----w-	c:\program files (x86)\Mozilla Maintenance Service
2015-07-05 22:55 . 2015-07-05 22:55	--------	d-----w-	c:\users\user\dwhelper
2015-07-02 13:20 . 2015-07-02 13:20	394440	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\x64\1031\TFSOfficeAdd-inUI.dll
2015-07-02 13:17 . 2015-07-02 13:17	630640	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\de\Microsoft.TeamFoundation.OfficeIntegration.Excel.resources.dll
2015-07-02 13:17 . 2015-07-02 13:17	25320	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\de\TFSFieldMapping.resources.dll
2015-07-02 13:17 . 2015-07-02 13:17	21240	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\de\TfsProtocolHandler.resources.dll
2015-07-02 13:17 . 2015-07-02 13:17	118144	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\de\Microsoft.TeamFoundation.OfficeIntegration.Project.resources.dll
2015-07-02 13:17 . 2015-07-02 13:17	394440	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\x86\1031\TFSOfficeAdd-inUI.dll
2015-07-02 13:09 . 2015-07-02 13:09	447512	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\de\Microsoft.TeamFoundation.WorkItemTracking.Controls.resources.dll
2015-07-02 13:09 . 2015-07-02 13:09	2443280	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\de\Microsoft.TeamFoundation.VersionControl.Controls.resources.dll
2015-07-02 13:09 . 2015-07-02 13:09	136208	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\de\Microsoft.TeamFoundation.OfficeIntegration.Common.resources.dll
2015-07-02 13:08 . 2015-07-02 13:08	22928	----a-w-	c:\program files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\BuildInfo\de\Microsoft.VisualStudio.ReleaseManagement.BuildInfoTasks.resources.dll
2015-07-02 13:05 . 2015-07-02 13:05	44944	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\de\Microsoft.TeamFoundation.WorkItemTracking.ControlsCore.resources.dll
2015-07-02 12:37 . 2015-07-02 12:37	991048	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\Microsoft.TeamFoundation.OfficeIntegration.Excel.dll
2015-07-02 12:36 . 2015-07-02 12:36	1157952	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\Microsoft.TeamFoundation.VersionControl.Client.dll
2015-07-01 09:52 . 2015-07-01 09:52	500552	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\Microsoft.TeamFoundation.TestManagement.Controls.dll
2015-07-01 09:52 . 2015-07-01 09:52	251248	----a-w-	c:\program files\Common Files\Microsoft Shared\Team Foundation Server\14.0\de\Microsoft.TeamFoundation.TestManagement.Controls.resources.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-28 12:09 . 2015-04-05 11:16	163504	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-07-26 13:48 . 2015-03-31 12:46	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-26 13:48 . 2015-03-31 12:46	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-23 10:38 . 2015-04-01 00:16	162528	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2015-07-23 10:38 . 2015-04-01 00:16	141416	----a-w-	c:\windows\system32\drivers\avipbb.sys
2015-07-15 21:54 . 2015-04-01 02:18	97888	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-07-03 06:43 . 2015-03-31 11:46	130333168	----a-w-	c:\windows\system32\MRT.exe
2015-06-25 21:34 . 2015-06-25 21:34	94368	----a-w-	c:\windows\SysWow64\mfcm140u.dll
2015-06-25 21:34 . 2015-06-25 21:34	94368	----a-w-	c:\windows\SysWow64\mfcm140.dll
2015-06-25 21:34 . 2015-06-25 21:34	85328	----a-w-	c:\windows\SysWow64\vcruntime140.dll
2015-06-25 21:34 . 2015-06-25 21:34	8307360	----a-w-	c:\windows\SysWow64\mfc140ud.dll
2015-06-25 21:34 . 2015-06-25 21:34	8236192	----a-w-	c:\windows\SysWow64\mfc140d.dll
2015-06-25 21:34 . 2015-06-25 21:34	781488	----a-w-	c:\windows\SysWow64\vccorlib140d.dll
2015-06-25 21:34 . 2015-06-25 21:34	75432	----a-w-	c:\windows\SysWow64\mfc140fra.dll
2015-06-25 21:34 . 2015-06-25 21:34	75432	----a-w-	c:\windows\SysWow64\mfc140deu.dll
2015-06-25 21:34 . 2015-06-25 21:34	751936	----a-w-	c:\windows\SysWow64\msvcp140d.dll
2015-06-25 21:34 . 2015-06-25 21:34	74408	----a-w-	c:\windows\SysWow64\mfc140esn.dll
2015-06-25 21:34 . 2015-06-25 21:34	73384	----a-w-	c:\windows\SysWow64\mfc140ita.dll
2015-06-25 21:34 . 2015-06-25 21:34	71336	----a-w-	c:\windows\SysWow64\mfc140rus.dll
2015-06-25 21:34 . 2015-06-25 21:34	65704	----a-w-	c:\windows\SysWow64\mfc140enu.dll
2015-06-25 21:34 . 2015-06-25 21:34	597320	----a-w-	c:\windows\SysWow64\concrt140d.dll
2015-06-25 21:34 . 2015-06-25 21:34	54952	----a-w-	c:\windows\SysWow64\mfc140jpn.dll
2015-06-25 21:34 . 2015-06-25 21:34	53928	----a-w-	c:\windows\SysWow64\mfc140kor.dll
2015-06-25 21:34 . 2015-06-25 21:34	46760	----a-w-	c:\windows\SysWow64\mfc140cht.dll
2015-06-25 21:34 . 2015-06-25 21:34	46760	----a-w-	c:\windows\SysWow64\mfc140chs.dll
2015-06-25 21:34 . 2015-06-25 21:34	4443808	----a-w-	c:\windows\SysWow64\mfc140u.dll
2015-06-25 21:34 . 2015-06-25 21:34	439608	----a-w-	c:\windows\SysWow64\msvcp140.dll
2015-06-25 21:34 . 2015-06-25 21:34	4378776	----a-w-	c:\windows\SysWow64\mfc140.dll
2015-06-25 21:34 . 2015-06-25 21:34	400544	----a-w-	c:\windows\SysWow64\vcamp140.dll
2015-06-25 21:34 . 2015-06-25 21:34	266928	----a-w-	c:\windows\SysWow64\vccorlib140.dll
2015-06-25 21:34 . 2015-06-25 21:34	243520	----a-w-	c:\windows\SysWow64\concrt140.dll
2015-06-25 21:34 . 2015-06-25 21:34	204456	----a-w-	c:\windows\SysWow64\vcomp140d.dll
2015-06-25 21:34 . 2015-06-25 21:34	182432	----a-w-	c:\windows\SysWow64\vcomp140.dll
2015-06-25 21:34 . 2015-06-25 21:34	120480	----a-w-	c:\windows\SysWow64\mfcm140d.dll
2015-06-25 21:34 . 2015-06-25 21:34	119976	----a-w-	c:\windows\SysWow64\mfcm140ud.dll
2015-06-25 21:34 . 2015-06-25 21:34	114000	----a-w-	c:\windows\SysWow64\vcruntime140d.dll
2015-06-25 21:34 . 2015-06-25 21:34	1054888	----a-w-	c:\windows\SysWow64\vcamp140d.dll
2015-06-25 21:15 . 2015-06-25 21:15	88752	----a-w-	c:\windows\system32\vcruntime140.dll
2015-06-25 21:15 . 2015-06-25 21:15	789160	----a-w-	c:\windows\system32\concrt140d.dll
2015-06-25 21:15 . 2015-06-25 21:15	75944	----a-w-	c:\windows\system32\mfc140fra.dll
2015-06-25 21:15 . 2015-06-25 21:15	75944	----a-w-	c:\windows\system32\mfc140deu.dll
2015-06-25 21:15 . 2015-06-25 21:15	74920	----a-w-	c:\windows\system32\mfc140esn.dll
2015-06-25 21:15 . 2015-06-25 21:15	73896	----a-w-	c:\windows\system32\mfc140ita.dll
2015-06-25 21:15 . 2015-06-25 21:15	71848	----a-w-	c:\windows\system32\mfc140rus.dll
2015-06-25 21:15 . 2015-06-25 21:15	66216	----a-w-	c:\windows\system32\mfc140enu.dll
2015-06-25 21:15 . 2015-06-25 21:15	635040	----a-w-	c:\windows\system32\msvcp140.dll
2015-06-25 21:15 . 2015-06-25 21:15	5653664	----a-w-	c:\windows\system32\mfc140u.dll
2015-06-25 21:15 . 2015-06-25 21:15	5624984	----a-w-	c:\windows\system32\mfc140.dll
2015-06-25 21:15 . 2015-06-25 21:15	55464	----a-w-	c:\windows\system32\mfc140jpn.dll
2015-06-25 21:15 . 2015-06-25 21:15	552608	----a-w-	c:\windows\system32\vcamp140.dll
2015-06-25 21:15 . 2015-06-25 21:15	54440	----a-w-	c:\windows\system32\mfc140kor.dll
2015-06-25 21:15 . 2015-06-25 21:15	47272	----a-w-	c:\windows\system32\mfc140cht.dll
2015-06-25 21:15 . 2015-06-25 21:15	47272	----a-w-	c:\windows\system32\mfc140chs.dll
2015-06-25 21:15 . 2015-06-25 21:15	390320	----a-w-	c:\windows\system32\vccorlib140.dll
2015-06-25 21:15 . 2015-06-25 21:15	332968	----a-w-	c:\windows\system32\concrt140.dll
2015-06-25 21:15 . 2015-06-25 21:15	233128	----a-w-	c:\windows\system32\vcomp140d.dll
2015-06-25 21:15 . 2015-06-25 21:15	205984	----a-w-	c:\windows\system32\vcomp140.dll
2015-06-25 21:15 . 2015-06-25 21:15	1403048	----a-w-	c:\windows\system32\vcamp140d.dll
2015-06-25 21:15 . 2015-06-25 21:15	134816	----a-w-	c:\windows\system32\mfcm140d.dll
2015-06-25 21:15 . 2015-06-25 21:15	134328	----a-w-	c:\windows\system32\vcruntime140d.dll
2015-06-25 21:15 . 2015-06-25 21:15	134304	----a-w-	c:\windows\system32\mfcm140ud.dll
2015-06-25 21:15 . 2015-06-25 21:15	10959520	----a-w-	c:\windows\system32\mfc140ud.dll
2015-06-25 21:15 . 2015-06-25 21:15	10887328	----a-w-	c:\windows\system32\mfc140d.dll
2015-06-25 21:15 . 2015-06-25 21:15	105120	----a-w-	c:\windows\system32\mfcm140u.dll
2015-06-25 21:15 . 2015-06-25 21:15	105120	----a-w-	c:\windows\system32\mfcm140.dll
2015-06-25 21:15 . 2015-06-25 21:15	1025200	----a-w-	c:\windows\system32\vccorlib140d.dll
2015-06-25 21:15 . 2015-06-25 21:15	1004712	----a-w-	c:\windows\system32\msvcp140d.dll
2015-06-23 11:30 . 2015-03-31 23:42	300704	------w-	c:\windows\system32\MpSigStub.exe
2015-06-19 21:14 . 2015-06-19 21:14	27840	----a-w-	c:\windows\SysWow64\aspnet_counters.dll
2015-06-19 21:14 . 2015-06-19 21:14	17576	----a-w-	c:\windows\SysWow64\msvcr110_clr0400.dll
2015-06-19 21:14 . 2015-06-19 21:14	17576	----a-w-	c:\windows\SysWow64\msvcr100_clr0400.dll
2015-06-19 21:14 . 2015-06-19 21:14	17576	----a-w-	c:\windows\SysWow64\msvcp110_clr0400.dll
2015-06-19 21:04 . 2015-06-19 21:04	29888	----a-w-	c:\windows\system32\aspnet_counters.dll
2015-06-19 21:04 . 2015-06-19 21:04	17576	----a-w-	c:\windows\system32\msvcr110_clr0400.dll
2015-06-19 21:04 . 2015-06-19 21:04	17576	----a-w-	c:\windows\system32\msvcr100_clr0400.dll
2015-06-19 21:04 . 2015-06-19 21:04	17576	----a-w-	c:\windows\system32\msvcp110_clr0400.dll
2015-06-16 20:23 . 2015-06-16 20:23	1789952	----a-w-	c:\windows\system32\ucrtbased.dll
2015-06-16 20:13 . 2015-06-16 20:13	1496064	----a-w-	c:\windows\SysWow64\ucrtbased.dll
2015-06-04 10:37 . 2015-06-04 10:37	993632	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2015-06-04 10:37 . 2015-06-04 10:37	987848	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2015-06-04 10:37 . 2015-06-04 10:37	690016	----a-w-	c:\windows\system32\msvcp120_clr0400.dll
2015-06-04 10:37 . 2015-06-04 10:37	484552	----a-w-	c:\windows\SysWow64\msvcp120_clr0400.dll
2015-05-25 18:24 . 2015-06-05 10:19	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-05 10:19	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-05 10:19	243712	----a-w-	c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-05 10:19	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-05 10:19	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-05 10:19	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-05 10:19	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-05 10:19	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-05 10:19	503808	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-05 10:19	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-05 10:19	50176	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-05 10:19	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-05 10:19	424960	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-05 10:19	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-05 10:19	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-05 10:19	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-05 10:19	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-05 10:19	47104	----a-w-	c:\windows\system32\typeperf.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="c:\program files\CCleaner\CCleaner64.exe" [2015-05-08 8322328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-12-17 98304]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-07-23 782008]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Avira Systray"="c:\program files (x86)\Avira\Launcher\Avira.Systray.exe" [2015-06-02 134368]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-06-08 334896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.11.149\SSScheduler.exe [2015-6-26 330456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\CtClsFlt.sys [x]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe;c:\program files\DAEMON Tools Lite\DiscSoftBusService.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.149\McCHSvc.exe;c:\program files\McAfee Security Scan\3.11.149\McCHSvc.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TurboBoost;TurboBoost;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 Acceler;Accelerometer Service;c:\windows\system32\DRIVERS\Acceler.sys;c:\windows\SYSNATIVE\DRIVERS\Acceler.sys [x]
S3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;c:\windows\system32\DRIVERS\dtlitescsibus.sys;c:\windows\SYSNATIVE\DRIVERS\dtlitescsibus.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
S3 O2MDGRDR;O2MDGRDR;c:\windows\system32\DRIVERS\o2mdgx64.sys;c:\windows\SYSNATIVE\DRIVERS\o2mdgx64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-27 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-26 13:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-01-21 487424]
"Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = localhost:8080
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: {{d8f67242-b229-4065-95fa-391b077ed6ca} - {d8f67242-b229-4065-95fa-391b077ed6ca} - mscoree.dll
TCP: DhcpNameServer = 10.0.0.138
Handler: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - c:\windows\System32\mscoree.dll
FF - ProfilePath - c:\users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\
FF - prefs.js: browser.search.selectedEngine - Startpage HTTPS
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.enabled - false
FF - prefs.js: network.proxy.ftp - 127.0.0.1
FF - prefs.js: network.proxy.ftp_port - 4001
FF - prefs.js: network.proxy.gopher - 127.0.0.1
FF - prefs.js: network.proxy.gopher_port - 4001
FF - prefs.js: network.proxy.http - 127.0.0.1
FF - prefs.js: network.proxy.http_port - 4001
FF - prefs.js: network.proxy.socks - 127.0.0.1
FF - prefs.js: network.proxy.socks_port - 4001
FF - prefs.js: network.proxy.ssl - 127.0.0.1
FF - prefs.js: network.proxy.ssl_port - 4001
FF - prefs.js: network.proxy.type - 1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\DRIVERS\o2flash.exe
c:\program files (x86)\Dell Support Center\bin\sprtsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-28  16:33:13 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-07-28 14:33
.
Vor Suchlauf: 14 Verzeichnis(se), 107.377.000.448 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 106.877.509.632 Bytes frei
.
- - End Of File - - 73BF2A6A0B97981372585A31E9E6D367
A36C5E4F47E84449FF07ED3517B43A31

Ich habe noch eine Bitte: Wäre es möglich, kurz zu kommentieren, was die Programme eigentlich machen bzw. die Log-Files aussagen? Ich komme mir etwas doof vor, wenn ich nur blind Anleitungen befolge ohne die geringste Ahnung zu haben, was ich da eigentlich mache. Es wirkt ehrlich gesagt auch etwas automatisiert, wenn beinahe kommentarlos nur mit kurzen Anleitungen für verschiedene Software geantwortet wird. Mir ist schon klar, dass ihr hier viel zu tun habt und schätze diesen kostenlosen Service sehr. Es ist für mich einfach nur etwas befremdlich etwas zu tun wovon ich keine Ahnung habe und auch welche Informationen über mich und meine Daten ich hier öffentlich preisgebe.

schrauber · 29.07.2015, 07:00

Welche Daten du preis gibst siehste ja in den Logs

Bis auf den Nutzernamen (den du editieren kannst) steht da nix drin. Auss er du hättest vielleicht ne Desktop-Internet-Verknüpfung mit "Porn" oder so, die wäre dann eben namentlich gelistet

.

Aktuell scannen wir einfach mit speziellen Tools, diese haben aber bis jetzt nüscht gefunden, was schon mal gut is.

Jetzt kloppen wir noch Adware raus, weil das manuelle Suchen und Entfernen viel zu nervig is, wenn es Tools dafür gibt.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

qwery · 29.07.2015, 18:31

Teilweise sind diese Logs nur ziemlich lange um jedes Detail zu checken. ;-)

Hier die Logdatei vom Adwcleaner

Code:

ATTFilter

# AdwCleaner v4.208 - Bericht erstellt 29/07/2015 um 15:38:59
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-26.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : user - user-PC
# Gestarted von : C:\Users\user\Desktop\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - localhost:8080

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v39.0 (x86 en-US)

[JonDoFox\prefs.js] - Zeile Gelöscht : user_pref("browser.search.defaultenginename", "Ixquick (de)");
[JonDoFox\prefs.js] - Zeile Gelöscht : user_pref("pttl.menu-search-groups-tab", false);
[JonDoFox\prefs.js] - Zeile Gelöscht : user_pref("pttl.menu-search-groups-win", false);
[TFGHrQv4.default\prefs.js] - Zeile Gelöscht : user_pref("browser.startup.homepage", "hxxps://www.ixquick.com");

-\\ Opera v30.0.1835.125


*************************

AdwCleaner[R0].txt - [1681 Bytes] - [29/07/2015 15:11:16]
AdwCleaner[S0].txt - [1377 Bytes] - [29/07/2015 15:38:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1436  Bytes] ##########

Beim Junkware Removal Tool ist mir leider folgendes passiert: Ich habe erst scannen und löschen lassen und dann nocheinmal als Administrator ausgeführt, weil ich das beim ersten Mal vergessen hatte. Beim ersten Scan wurden ein paar Sachen gefunden und entfernt. Beim zweiten nichts mehr. Leider wurde beim zweiten Scan das Logfile vom ersten automatisch überschrieben. Somit habe ich nur das vom zweiten Scan.

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by user on 29.07.2015 at 16:00:28,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 29.07.2015 at 16:08:35,15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Und hier dann noch das FRST Log

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von user (Administrator) auf user-PC (29-07-2015 18:16:09)
Gestartet von C:\Users\user\Desktop
Geladene Profile: user (Verfügbare Profile: user)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1909032 2010-01-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-06-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7A32B86E-8B29-4F5C-B0AE-DA738ADC9B88}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox
FF NewTab: about:blank
FF SelectedSearchEngine: Startpage HTTPS
FF Homepage: about:home
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 4001
FF NetworkProxy: "gopher", "127.0.0.1"
FF NetworkProxy: "gopher_port", 4001
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 4001
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4001
FF NetworkProxy: "type", 1
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\blekko-ssl.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2015-02-26]
FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2015-02-26]
FF Extension: HTTPS-Everywhere - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2015-07-20]
FF Extension: CanvasBlocker - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\CanvasBlocker@kkapsner.de.xpi [2015-02-26]
FF Extension: JonDoFox - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2015-02-26]
FF Extension: NoScript - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-02-26]
FF Extension: Cookie Controller - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{ac2cfa60-bc96-11e0-962b-0800200c9a66}.xpi [2015-02-26]
FF Extension: Adblock Plus - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-26]
FF Extension: ProfileSwitcher - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2015-02-26]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [217280 2015-06-02] (Avira Operations GmbH & Co. KG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [Datei ist nicht signiert]

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. KG)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-01] (Disc Soft Ltd)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-29 18:16 - 2015-07-29 18:16 - 00014945 _____ C:\Users\user\Desktop\FRST.txt
2015-07-29 18:09 - 2015-07-29 18:09 - 02169856 _____ (Farbar) C:\Users\user\Desktop\FRST64.exe
2015-07-29 16:08 - 2015-07-29 16:08 - 00000603 _____ C:\Users\user\Desktop\JRT.txt
2015-07-29 15:45 - 2015-07-29 15:45 - 01798176 _____ (Malwarebytes Corporation) C:\Users\user\Desktop\JRT.exe
2015-07-29 15:11 - 2015-07-29 15:39 - 00000000 ____D C:\AdwCleaner
2015-07-29 15:08 - 2015-07-29 15:09 - 02248704 _____ C:\Users\user\Desktop\AdwCleaner_4.208.exe
2015-07-29 00:26 - 2015-07-29 00:26 - 00000238 _____ C:\Users\user\Desktop\fragen.txt
2015-07-28 23:37 - 2015-07-28 23:37 - 00000000 ____D C:\Windows\Sun
2015-07-28 19:12 - 2015-07-28 19:12 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-28 19:07 - 2015-07-28 19:15 - 00000360 _____ C:\Users\user\Desktop\Werkstoffe Anhänge.txt
2015-07-28 19:00 - 2015-07-28 19:00 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-07-28 19:00 - 2015-07-28 19:00 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-07-28 19:00 - 2015-07-28 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-07-28 19:00 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-07-28 16:48 - 2015-07-28 16:49 - 00034591 _____ C:\Users\user\Desktop\ComboFix.txt
2015-07-28 16:33 - 2015-07-28 16:33 - 00034580 _____ C:\ComboFix.txt
2015-07-28 15:19 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-28 15:19 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-28 15:19 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-28 15:19 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-28 15:19 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-28 15:19 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-28 15:19 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-28 15:19 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-28 14:57 - 2015-07-28 14:57 - 00000085 _____ C:\Windows\wininit.ini
2015-07-28 14:49 - 2015-07-28 14:50 - 05633622 ____R (Swearware) C:\Users\user\Desktop\ComboFix.exe
2015-07-28 13:54 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 13:54 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 13:54 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 13:54 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 13:54 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 13:54 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 13:54 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 13:54 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 22:14 - 2015-07-27 22:14 - 00455600 _____ C:\Windows\Minidump\072715-20529-01.dmp
2015-07-26 15:56 - 2015-07-28 16:33 - 00000000 ____D C:\Qoobox
2015-07-26 15:55 - 2015-07-28 16:28 - 00000000 ____D C:\Windows\erdnt
2015-07-25 15:28 - 2015-07-25 15:28 - 00345120 _____ C:\Windows\Minidump\072515-30388-01.dmp
2015-07-25 15:27 - 2015-07-27 22:14 - 519404913 _____ C:\Windows\MEMORY.DMP
2015-07-24 20:25 - 2015-07-24 20:25 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\user\Desktop\tdsskiller.exe
2015-07-24 18:59 - 2015-07-24 18:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-24 18:58 - 2015-07-24 20:23 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-24 18:58 - 2015-07-24 18:58 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-24 18:56 - 2015-07-24 20:23 - 00000000 ____D C:\Users\user\Desktop\mbar
2015-07-24 18:56 - 2015-07-24 18:56 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-24 18:55 - 2015-07-24 18:55 - 16502728 _____ (Malwarebytes Corp.) C:\Users\user\Desktop\mbar-1.09.1.1004.exe
2015-07-23 13:56 - 2015-07-23 14:00 - 00000000 ____D C:\fuck
2015-07-22 20:13 - 2015-07-22 20:13 - 00000000 ____D C:\Users\user\AppData\Roaming\NuGet
2015-07-22 17:03 - 2015-07-22 20:02 - 00000000 ____D C:\Users\user\Documents\Visual Studio 2015
2015-07-22 17:01 - 2015-07-22 17:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-07-22 16:55 - 2015-07-22 16:55 - 00000000 ____D C:\ProgramData\NuGet
2015-07-22 16:55 - 2015-07-22 16:55 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-07-22 16:34 - 2015-07-22 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-07-22 16:33 - 2015-07-22 16:43 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-07-22 16:31 - 2015-07-22 16:31 - 00001532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VS Express für Desktop.lnk
2015-07-22 16:30 - 2015-07-22 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-07-22 16:24 - 2015-07-22 16:42 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-07-22 16:24 - 2015-07-22 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-07-22 16:23 - 2015-07-22 16:51 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-07-22 16:23 - 2015-07-22 16:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\SysWOW64\1033
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\SysWOW64\1031
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\system32\1033
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\system32\1031
2015-07-22 16:15 - 2015-07-22 16:15 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-07-22 16:09 - 2015-07-22 16:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-07-22 15:41 - 2015-06-07 01:13 - 00961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-07-22 15:18 - 2015-07-22 15:27 - 00000000 ____D C:\CAE1
2015-07-22 15:13 - 2015-07-22 19:48 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-07-21 12:53 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 12:53 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 12:53 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 12:53 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 12:53 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 12:53 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 00:49 - 2015-07-29 18:16 - 00000000 ____D C:\FRST
2015-07-21 00:34 - 2015-07-21 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-21 00:34 - 2015-07-21 00:34 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-21 00:31 - 2015-07-21 00:31 - 00109280 _____ C:\Users\user\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-21 00:29 - 2015-07-29 15:40 - 00001064 _____ C:\Windows\setupact.log
2015-07-21 00:29 - 2015-07-28 16:16 - 00004524 _____ C:\Windows\PFRO.log
2015-07-21 00:29 - 2015-07-21 20:35 - 00408392 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 00:29 - 2015-07-21 00:29 - 00000000 _____ C:\Windows\setuperr.log
2015-07-20 19:18 - 2015-07-20 19:18 - 00002782 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-20 19:18 - 2015-07-20 19:18 - 00000000 ____D C:\Program Files\CCleaner
2015-07-15 12:32 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 12:32 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 12:32 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 12:32 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 12:32 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 12:32 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 12:32 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 12:32 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 12:32 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 12:32 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 12:31 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 12:31 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 12:31 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 12:31 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 12:31 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 12:31 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 12:31 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 12:31 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 12:31 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 12:31 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 12:31 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 12:31 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 12:31 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 12:31 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 12:31 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 12:31 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 12:31 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 12:31 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 12:31 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 12:31 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 12:31 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 12:31 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 12:31 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 12:31 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 12:31 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 12:31 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 12:31 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 12:31 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 12:31 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 12:31 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 12:31 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 12:31 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 12:31 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 12:31 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 12:31 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 12:31 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 12:31 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 12:31 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 12:31 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 12:31 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 12:31 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 12:31 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 12:31 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 12:31 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 12:31 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 12:31 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 12:31 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 12:31 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 12:31 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 12:31 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 12:31 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 12:31 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 12:31 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 12:31 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 12:31 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 12:31 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 12:31 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 12:31 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 12:31 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 12:31 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 12:30 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 12:30 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 12:30 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 12:30 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 12:30 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 12:30 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 12:30 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 12:30 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 12:30 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 12:30 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 12:30 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 12:30 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 12:30 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 12:30 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 12:30 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 12:30 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 12:30 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 12:30 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 12:30 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 12:30 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 12:30 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 12:30 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 12:30 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 12:30 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 12:30 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 12:30 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:30 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 12:30 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 12:30 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 12:30 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 12:30 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 12:30 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 12:30 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 12:30 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 12:30 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 12:30 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 12:30 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 12:30 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 12:30 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 12:30 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 12:30 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 12:30 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 12:30 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 12:30 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 12:30 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-15 12:30 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 12:30 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 23:55 - 2015-07-14 23:55 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-08 22:13 - 2015-07-23 14:00 - 00000000 ____D C:\Users\user\AppData\Roaming\CodeBlocks
2015-07-08 22:09 - 2015-07-08 22:09 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CodeBlocks
2015-07-08 22:08 - 2015-07-08 22:09 - 00000000 ____D C:\Program Files (x86)\CodeBlocks
2015-07-06 21:27 - 2015-07-06 21:28 - 00000000 ____D C:\Users\user\AppData\Roaming\Nitro PDF
2015-07-06 21:24 - 2015-07-06 21:24 - 00000000 ____D C:\Users\user\AppData\Roaming\Nitro
2015-07-06 21:24 - 2015-07-06 21:24 - 00000000 ____D C:\Users\user\AppData\Roaming\FileOpen
2015-07-06 21:24 - 2015-07-06 21:24 - 00000000 ____D C:\ProgramData\FileOpen
2015-07-06 21:23 - 2015-07-06 21:23 - 00000000 ____D C:\ProgramData\Nitro
2015-07-06 21:22 - 2015-07-06 21:22 - 00000000 ____D C:\Users\user\AppData\Roaming\Downloaded Installations
2015-07-06 12:30 - 2015-07-06 12:30 - 00001165 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-07-06 12:29 - 2015-07-06 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-06 12:29 - 2015-07-06 12:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-06 09:59 - 2015-07-06 09:59 - 00000383 _____ C:\ftconfig.ini
2015-07-06 00:55 - 2015-07-06 00:55 - 00000000 ____D C:\Users\user\dwhelper

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-29 15:55 - 2009-07-14 06:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 15:55 - 2009-07-14 06:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 15:45 - 2009-07-14 07:10 - 02043179 _____ C:\Windows\WindowsUpdate.log
2015-07-29 15:40 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 03:01 - 2015-03-31 22:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 19:12 - 2015-04-01 02:08 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-28 18:59 - 2015-04-01 02:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-28 16:25 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-27 22:14 - 2015-04-02 17:04 - 00000000 ____D C:\Windows\Minidump
2015-07-27 11:17 - 2015-03-31 14:46 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-26 15:48 - 2015-03-31 14:46 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-26 15:48 - 2015-03-31 14:46 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-26 15:48 - 2015-03-31 14:46 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-07-25 15:51 - 2015-03-31 21:05 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 12:41 - 2015-04-01 01:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-23 12:38 - 2015-04-01 02:16 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-23 12:38 - 2015-04-01 02:16 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-23 12:30 - 2015-03-31 19:10 - 00000000 ____D C:\Users\user\AppData\Roaming\vlc
2015-07-22 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-22 16:25 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-22 16:18 - 2015-04-01 01:51 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-22 16:16 - 2015-03-31 23:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-22 16:07 - 2015-03-31 13:54 - 01592824 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-07-22 16:07 - 2009-07-14 19:58 - 00699160 _____ C:\Windows\system32\perfh007.dat
2015-07-22 16:07 - 2009-07-14 19:58 - 00149268 _____ C:\Windows\system32\perfc007.dat
2015-07-22 16:07 - 2009-07-14 07:13 - 01592824 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-20 19:39 - 2015-04-01 00:40 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Lite
2015-07-20 19:39 - 2010-11-23 01:38 - 00000000 ____D C:\Windows\Panther
2015-07-17 03:01 - 2015-04-01 01:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 00:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-15 23:56 - 2015-04-01 04:17 - 00000000 ____D C:\ProgramData\Oracle
2015-07-15 23:56 - 2010-11-23 00:05 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-15 23:54 - 2015-04-01 04:18 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-15 12:42 - 2015-03-31 13:46 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 12:06 - 2015-04-01 04:12 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1427854332
2015-07-15 12:06 - 2015-04-01 04:11 - 00000000 ____D C:\Program Files (x86)\Opera
2015-07-14 23:56 - 2015-03-31 16:49 - 00000000 ____D C:\Users\user\AppData\Local\Adobe
2015-07-14 10:58 - 2015-04-06 03:39 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-13 08:30 - 2015-03-31 21:05 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-13 08:08 - 2015-03-31 22:20 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-11 01:59 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-06 15:45 - 2015-04-01 01:51 - 00000000 ____D C:\Program Files (x86)\Avira
2015-07-06 00:55 - 2015-03-31 04:21 - 00000000 ____D C:\Users\user
2015-07-03 08:43 - 2015-03-31 13:46 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-01 02:33 - 2015-04-01 02:33 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-01 12:35 - 2015-04-01 12:35 - 0000000 _____ () C:\ProgramData\Yes

Einige Dateien in TEMP:
====================
C:\Users\user\AppData\Local\Temp\avgnt.exe
C:\Users\user\AppData\Local\Temp\Quarantine.exe
C:\Users\user\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-07-23 20:21

==================== Ende von log ============================

Und falls das Addition.txt auch wichtig ist

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-07-2015
durchgeführt von user (2015-07-29 18:17:41)
Gestartet von C:\Users\user\Desktop
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3109766734-3921118406-2127283393-500 - Administrator - Disabled)
Gast (S-1-5-21-3109766734-3921118406-2127283393-501 - Limited - Disabled)
user (S-1-5-21-3109766734-3921118406-2127283393-1000 - Administrator - Enabled) => C:\Users\user

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.009.1217.1709 - )
Avira (HKLM-x32\...\{8467e01f-0496-42ce-b247-88ef205b4880}) (Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.40.29239 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
ccc-core-static (x32 Version: 2009.1217.1710.30775 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
CodeBlocks (HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Wireless WLAN Card Utility (HKLM\...\Dell Wireless WLAN Card Utility) (Version: 5.30.21.0 - Dell Inc.)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.02.00.1002 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JonDo (HKLM-x32\...\JonDoUninstall) (Version:  - )
MATLAB R2010b (HKLM\...\MatlabR2010b) (Version: 7.11 - The MathWorks, Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2015 für Windows Desktop - DEU (HKLM-x32\...\{1541de02-c602-410d-9962-8f1c6cc255ff}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Skins (x32 Version: 2009.1217.1710.30775 - ATI) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.3.0 - Synaptics Incorporated)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik (HKLM\...\{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}) (Version: 1.0.186.6 - Intel)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

28-07-2015 13:53:57 Windows Update
29-07-2015 03:00:16 Windows Update
29-07-2015 15:46:12 JRT Pre-Junkware Removal
29-07-2015 16:00:29 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-07-28 16:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2439C1AE-E96F-48A5-9833-7920080C46FE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {25DEF0E3-D485-4A9E-86B9-8FD00DF5ECEF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {5092925A-94F9-4B07-BBC6-A9A8123E9BA0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {5D8BA1B5-59CC-4CB8-8AD4-6910F2B07F50} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-26] (Adobe Systems Incorporated)
Task: {628CFAA8-F0FE-473B-97A4-BBD9BFE36D38} - System32\Tasks\Opera scheduled Autoupdate 1427854332 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)
Task: {7C2CE20E-36A1-4F2B-9684-0D3F5BE967CF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C205F7EC-1A7B-48AA-BD97-B2C626DD317B} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {D506FE16-D05D-4ACA-9F13-9A4C09E559E9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {E9BE10AB-521F-48B2-A2FF-3765877828F9} - System32\Tasks\D771WWN1\Administrator - Start WLAN Tray Applet => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE [2009-07-17] (Dell Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-07-28 18:59 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-07-28 18:59 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-07-28 18:59 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-07-28 18:59 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer trusted/restricted ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7866 mehr eingeschränkte Seiten.

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Datenträger ist nicht mit dem Internet verbunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: HP Deskjet 3050A J611 series (NET) => "C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN196482KK05PJ:NW" -scfn "HP Deskjet 3050A J611 series (NET)" -AutoStart 1
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{F5900A13-0BC3-4C6A-95C0-25AF7E09FEC9}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
FirewallRules: [{89AE38D2-719A-405F-B013-51C266F7E18D}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{EF147DCC-3A65-4F2F-9FE7-30ECCC27AAB9}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{F690094A-B7C9-44C5-9A58-2CF85ACA0BE5}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{E0F6E34C-6C3A-479E-A582-F5B6D5B64A1A}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{DC796A2B-A113-413E-A0AA-D30E26EE1F91}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{4354BCA2-5F0E-4D18-9577-1814C38CC827}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{DC9FB468-88EA-4EBA-A6E7-226022DE8844}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{DABEF69A-C247-4552-8FEF-8C82974FBB63}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{1DF11C0D-4B5E-4C55-93D4-D0CB6419DF55}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [{9AC95574-C7C2-497A-906E-AEEF5CCF21FF}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\WDExpress.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/24/2015 11:51:38 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (07/22/2015 07:57:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm IEXPLORE.EXE, Version 11.0.9600.17909 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1758

Startzeit: 01d0c4a6ca88e147

Endzeit: 46

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Berichts-ID:

Error: (07/22/2015 05:59:29 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:29 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:28 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:28 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07

Error: (07/22/2015 05:59:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07


Systemfehler:
=============
Error: (07/29/2015 06:06:09 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (07/29/2015 05:22:27 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\System32\bcmihvsrv64.dll

Error: (07/29/2015 04:01:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/29/2015 04:01:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/29/2015 03:47:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management & Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/29/2015 03:47:59 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SupportSoft Sprocket Service (DellSupportCenter)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/29/2015 03:47:59 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/29/2015 03:47:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Security Center Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (07/29/2015 03:47:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/29/2015 03:47:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (07/24/2015 11:51:38 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80004005

Error: (07/22/2015 07:57:27 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17909175801d0c4a6ca88e14746C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (07/22/2015 05:59:29 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe

Error: (07/22/2015 05:59:29 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\WinMDExp.exe

Error: (07/22/2015 05:59:28 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe

Error: (07/22/2015 05:59:28 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v8.1A\bin\NETFX 4.5.1 Tools\SecAnnotate.exe

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\WinMDExp.exe

Error: (07/22/2015 05:59:19 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe

Error: (07/22/2015 05:59:18 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe . Error code = 0x80131f07 
C:\Program Files (x86)\Microsoft SDKs\Windows\v10.0A\bin\NETFX 4.6 Tools\SecAnnotate.exe


CodeIntegrity:
===================================
  Date: 2015-07-28 16:14:28.253
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-07-28 16:14:28.175
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Processor: Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz
Percentage of memory in use: 34%
Total physical RAM: 3956.54 MB
Available physical RAM: 2577.7 MB
Total Virtual: 7911.29 MB
Available Virtual: 6040.14 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:150.36 GB) (Free:103.26 GB) NTFS
Drive f: (Musik) (Fixed) (Total:150.36 GB) (Free:126.66 GB) NTFS
Drive g: (Allgemein) (Fixed) (Total:150.36 GB) (Free:150.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 70565D82)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=150.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=300.7 GB) - (Type=OF Extended)

==================== Ende von log ============================

schrauber · 30.07.2015, 08:19

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

qwery · 20.08.2015, 20:50

So, endlich dazu gekommen, den Laptop zu scannen.
Probleme, ja. Bzw. bin ich mir nicht sicher, da warte ich auf eure Meinung. Gefunden hat der Scanner jedenfalls etwas. Besonders der Keylogger macht mir Sorgen.
Was sind das für Sachen, die da gefunden wurden? Bitte um Aufklärung.

ESET Online Scanner Log

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e971e57f17d19e47a2e181aac4771fc9
# end=init
# utc_time=2015-07-30 01:50:13
# local_time=2015-07-30 03:50:13 (+0100, Mitteleuropäische Sommerzeit)
# country="country"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25049
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e971e57f17d19e47a2e181aac4771fc9
# end=updated
# utc_time=2015-07-30 01:55:07
# local_time=2015-07-30 03:55:07 (+0100, Mitteleuropäische Sommerzeit)
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=e971e57f17d19e47a2e181aac4771fc9
# engine=25049
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-30 02:45:33
# local_time=2015-07-30 04:45:33 (+0100, Mitteleuropäische Sommerzeit)
# country="country"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 19293 189897383 0 0
# scanned=158442
# found=0
# cleaned=0
# scan_time=3025
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e971e57f17d19e47a2e181aac4771fc9
# end=init
# utc_time=2015-07-31 06:28:17
# local_time=2015-07-31 08:28:17 (+0100, Mitteleuropäische Sommerzeit)
# country="country"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25061
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e971e57f17d19e47a2e181aac4771fc9
# end=updated
# utc_time=2015-07-31 06:30:03
# local_time=2015-07-31 08:30:03 (+0100, Mitteleuropäische Sommerzeit)
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=e971e57f17d19e47a2e181aac4771fc9
# engine=25061
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-31 10:01:39
# local_time=2015-07-31 12:01:39 (+0100, Mitteleuropäische Sommerzeit)
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 63355 189966749 0 0
# scanned=275205
# found=0
# cleaned=0
# scan_time=12695
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e971e57f17d19e47a2e181aac4771fc9
# end=init
# utc_time=2015-08-19 05:08:28
# local_time=2015-08-19 07:08:28 (+0100, Mitteleuropäische Sommerzeit)
# osver=6.1.7601 NT Service Pack 1
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e971e57f17d19e47a2e181aac4771fc9
# end=init
# utc_time=2015-08-19 05:09:02
# local_time=2015-08-19 07:09:02 (+0100, Mitteleuropäische Sommerzeit)
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25352
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e971e57f17d19e47a2e181aac4771fc9
# end=updated
# utc_time=2015-08-19 05:12:23
# local_time=2015-08-19 07:12:23 (+0100, Mitteleuropäische Sommerzeit)
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=e971e57f17d19e47a2e181aac4771fc9
# engine=25352
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-20 06:20:44
# local_time=2015-08-20 08:20:44 (+0100, Mitteleuropäische Sommerzeit)
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 78861 191681494 0 0
# scanned=1062218
# found=22
# cleaned=0
# scan_time=47300
sh=77138604568D72B88A379C78FA4EE2573826E5AA ft=0 fh=0000000000000000 vn="Variante von Win32/Amonetize.DW evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\user\Downloads\video.cab"
sh=8A2BF90A965B30B50168E88EF2E6521F5E4B2913 ft=1 fh=aba66dc17a974db8 vn="Win32/Keylogger.HotKeysHook.A Virus" ac=I fn="K:\---private Ordner---\Cheats,Trainer,Maps,Saves\--- private Prdner ---Trainer.exe"
sh=505DDFCC43C467063863094CD673068D5618A2F2 ft=1 fh=cbc3ff1fa2ea9a7a vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\---private Ordner---\BlueStacks App Player - CHIP-Installer.exe"
sh=94583631094B4346C90FA26A896877F1558F8B9F ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\---private Ordner---\PHP-Skripte\google.zip"
sh=94583631094B4346C90FA26A896877F1558F8B9F ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\---private Ordner---\PHP-Skripte\google.zip"
sh=94583631094B4346C90FA26A896877F1558F8B9F ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\---private Ordner---\PHP-Skripte\google.zip"
sh=94583631094B4346C90FA26A896877F1558F8B9F ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\---private Ordner---\PHP-Skripte\google.zip"
sh=94583631094B4346C90FA26A896877F1558F8B9F ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\---private Ordner---\PHP-Skripte\google.zip"
sh=94583631094B4346C90FA26A896877F1558F8B9F ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\---private Ordner---\PHP-Skripte\google.zip"
sh=94583631094B4346C90FA26A896877F1558F8B9F ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\---private Ordner---\PHP-Skripte\google.zip"
sh=CEDBD0BBAD07832FB0AE74C637E748F6D425FCD3 ft=1 fh=cb9f78426360412a vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\Nitro PDF Reader 64 Bit - CHIP-Installer.exe"
sh=CF40722098EC05B0E090A0F3E78E2B8B70B3797D ft=1 fh=bb11b4ce130106da vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\Visual Basic 2010 Express - CHIP-Installer.exe"
sh=1B2E938EAEA27B990355B6C3DB6C1C1A9F33BFB4 ft=1 fh=c71c0011ddfe20fa vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\---private Ordner---\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll"
sh=7A18C5B083B2038CB2DE877694085DF633F40C46 ft=1 fh=c71c0011b1f6426d vn="Win32/Toolbar.Babylon evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\---private Ordner---\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll"
sh=AC056A6D25E04155BA23BF34670C3E6D2A85B248 ft=1 fh=c71c0011bbd638b2 vn="Variante von Win32/Toolbar.Babylon.AA evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\---private Ordner---\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe"
sh=C02A094933FD68AE44EAE0EA249EB6A981353C91 ft=1 fh=1cff81f31528b9a9 vn="Win32/Toolbar.Babylon evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\---private Ordner---\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll"
sh=9E60FE40C5BA463780413D5D22446858015EFF4B ft=1 fh=b2e9a257c367f009 vn="Win32/Toolbar.Babylon evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\---private Ordner---\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll"
sh=7CB1DF99020FC1498B79C6C265BE385AFA096481 ft=1 fh=c71c00112e778672 vn="Variante von Win32/Toolbar.Babylon.F evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\---private Ordner---\Babylon\Setup\BExternal.dll"
sh=AAF32BE04CB3E1915B2A1F71166F529C1B85329D ft=1 fh=25bd7a2d5da265ae vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\---private Ordner---\AppData\Local\Babylon\Setup\IECookieLow.dll"
sh=01C38F848B63E1C032551CDBBC4F67F7ADE66937 ft=1 fh=9c13e7191f38af1e vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\---private Ordner---\AppData\Local\Babylon\Setup\Setup.exe"
sh=249ADF9740F0A002149855A15D93F70698E8A30F ft=1 fh=870f20eae3692438 vn="Win32/Packed.Autoit.C.Gen verdÃ¤chtige Datei" ac=I fn="K:\Software\---private Ordner---\CRC-Killer.exe"
sh=B22621B2E760AEB8EE8DC609D4BEB5476D4BDAA2 ft=1 fh=92f0fff0bbfcb40b vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="K:\Software\---private Ordner---\Format_Factory260DE.exe"

Und checkup.txt von SecurityCheck

Code:

ATTFilter

 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Spybot - Search & Destroy 
 Java 8 Update 51  
 Microsoft VisualStudio JavaScript Language Service 
 Adobe Reader XI  
 Mozilla Firefox (39.0) 
 Mozilla Thunderbird (38.1.0) 
````````Process Check: objlist.exe by Laurent````````  
 Spybot Teatimer.exe is disabled! 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Und hier noch FRST

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
durchgeführt von USER (Administrator) auf USER-PC (20-08-2015 09:53:35)
Gestartet von C:\Users\USER\Desktop
Geladene Profile: USER (Verfügbare Profile: USER)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\WINDOWS\System32\atiesrxx.exe
(IDT, Inc.) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\stacsv64.exe
(AMD) C:\WINDOWS\System32\atieclxx.exe
() C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\BCMWLTRY.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\WINDOWS\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(O2Micro International) C:\WINDOWS\System32\drivers\o2flash.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Dell Inc.) C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\WINDOWS\System32\GWX\GWX.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\31.0.1889.174\opera.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1909032 2010-01-15] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-01-21] (IDT, Inc.)
HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRAY.exe [4968960 2009-07-17] (Dell Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-12-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-07-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2015-07-14]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3109766734-3921118406-2127283393-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.euro.dell.com/content/default.aspx?c=at&l=de&s=gen
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Keine Datei
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-04] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7A32B86E-8B29-4F5C-B0AE-DA738ADC9B88}: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox
FF NewTab: about:blank
FF SelectedSearchEngine: Startpage HTTPS
FF Homepage: about:home
FF NetworkProxy: "ftp", "127.0.0.1"
FF NetworkProxy: "ftp_port", 4001
FF NetworkProxy: "gopher", "127.0.0.1"
FF NetworkProxy: "gopher_port", 4001
FF NetworkProxy: "http", "127.0.0.1"
FF NetworkProxy: "http_port", 4001
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 4001
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "127.0.0.1"
FF NetworkProxy: "ssl_port", 4001
FF NetworkProxy: "type", 1
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-15] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\blekko-ssl.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\duckduckgo-ssl-javascript-free.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-de-ssl.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\google-encrypted-no-personalization.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick-ssl-pictures---english.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ixquick.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-eng-ger.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-esp-ale.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\leo-fra-all.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\metager2.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-deutsch.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\ssl-wikipedia-english.xml [2015-02-26]
FF SearchPlugin: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\searchplugins\startpage-https---deutsch.xml [2015-02-26]
FF Extension: HTTPS-Everywhere - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\https-everywhere@eff.org [2015-07-20]
FF Extension: CanvasBlocker - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\CanvasBlocker@kkapsner.de.xpi [2015-02-26]
FF Extension: JonDoFox - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{437be45a-4114-11dd-b9ab-71d256d89593}.xpi [2015-02-26]
FF Extension: NoScript - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-02-26]
FF Extension: Cookie Controller - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{ac2cfa60-bc96-11e0-962b-0800200c9a66}.xpi [2015-02-26]
FF Extension: Adblock Plus - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-02-26]
FF Extension: ProfileSwitcher - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\JonDoFox\Extensions\{fa8476cf-a98c-4e08-99b4-65a69cb4b7d4}.xpi [2015-02-26]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-07-23] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-07-23] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_0057cbec48a2d7cf\STacSV64.exe [244736 2010-01-21] (IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwltry.exe [3417088 2009-07-17] (Dell Inc.) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-20] (Microsoft Corporation)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. KG)
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-01-31] (Microsoft Corporation)
R5 Compbatt; C:\Windows\System32\DRIVERS\compbatt.sys [21584 2009-07-14] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\DRIVERS\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-01] (Disc Soft Ltd)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-20] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-20] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-20] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-20] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-20] (Microsoft Corporation)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-20] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-20] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-20] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 CtClsFlt; system32\DRIVERS\CtClsFlt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-20 09:53 - 2015-08-20 09:53 - 02173952 _____ (Farbar) C:\Users\USER\Desktop\FRST64.exe
2015-08-20 09:52 - 2015-08-20 09:52 - 00000901 _____ C:\Users\USER\Desktop\checkup.txt
2015-08-20 09:47 - 2015-08-20 09:47 - 00852684 _____ C:\Users\USER\Desktop\SecurityCheck.exe
2015-08-20 03:01 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-20 03:01 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-20 03:01 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-20 03:01 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 19:07 - 2015-08-19 19:07 - 02870984 _____ (ESET) C:\Users\USER\Desktop\esetsmartinstaller_deu.exe
2015-08-19 00:19 - 2015-08-17 08:13 - 00000000 ____D C:\Users\USER\Downloads\s
2015-08-19 00:11 - 2015-08-19 00:19 - 115510324 _____ C:\Users\USER\Downloads\s.rar
2015-08-19 00:09 - 2015-08-17 07:53 - 00000000 ____D C:\Users\USER\Downloads\b
2015-08-18 23:59 - 2015-08-19 00:09 - 134463860 _____ C:\Users\USER\Downloads\b.rar
2015-08-17 17:26 - 2015-08-17 17:26 - 00000275 _____ C:\Users\USER\Documents\sdfsdf.txt
2015-08-17 11:27 - 2015-08-19 18:28 - 00000224 _____ C:\Windows\setupact.log
2015-08-17 11:27 - 2015-08-17 11:27 - 00408392 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-17 11:27 - 2015-08-17 11:27 - 00000000 _____ C:\Windows\setuperr.log
2015-08-16 23:11 - 2015-08-15 07:17 - 00000000 ____D C:\Users\USER\Downloads\f
2015-08-16 22:54 - 2015-08-16 23:11 - 138887708 _____ C:\Users\USER\Downloads\f.rar
2015-08-16 22:54 - 2015-08-15 07:19 - 00000000 ____D C:\Users\USER\Downloads\bb
2015-08-16 22:35 - 2015-08-16 22:53 - 155469452 _____ C:\Users\USER\Downloads\bb.part3.rar
2015-08-16 22:11 - 2015-08-16 22:33 - 188743680 _____ C:\Users\USER\Downloads\bb.part2.rar
2015-08-16 21:47 - 2015-08-16 22:09 - 188743680 _____ C:\Users\USER\Downloads\bb.part1.rar
2015-08-16 21:46 - 2015-08-15 07:51 - 00000000 ____D C:\Users\USER\Downloads\d
2015-08-16 21:21 - 2015-08-16 21:21 - 00109280 _____ C:\Users\USER\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-16 20:25 - 2015-08-16 21:46 - 194234556 _____ C:\Users\USER\Downloads\d.rar
2015-08-15 03:14 - 2015-08-15 03:15 - 01529854 _____ C:\Users\USER\Downloads\video.cab
2015-08-13 19:52 - 2015-08-11 06:28 - 00000000 ____D C:\Users\USER\Downloads\bbb
2015-08-13 19:38 - 2015-08-13 19:52 - 146206364 _____ C:\Users\USER\Downloads\bb.rar
2015-08-13 19:37 - 2015-08-08 04:05 - 00000000 ____D C:\Users\USER\Downloads\bbbb
2015-08-13 19:18 - 2015-08-13 19:37 - 203322484 _____ C:\Users\USER\Downloads\bbbb.part3.rar
2015-08-13 18:59 - 2015-08-13 19:17 - 208666624 _____ C:\Users\USER\Downloads\bbbb.part2.rar
2015-08-13 18:41 - 2015-08-13 18:59 - 208666624 _____ C:\Users\USER\Downloads\bbbb.part1.rar
2015-08-13 02:57 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 02:57 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:57 - 2015-08-12 22:57 - 00000297 _____ C:\Users\USER\Desktop\sdfsdfsdf.txt
2015-08-12 22:41 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 22:41 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 22:41 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 22:41 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 22:41 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 22:41 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 22:41 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 22:41 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 22:41 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 22:41 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 22:41 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 22:41 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 22:41 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 22:41 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 22:41 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 22:41 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 22:41 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 22:41 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 22:41 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 22:41 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 22:41 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 22:41 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 22:41 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 22:41 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 22:41 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 22:41 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 22:41 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 22:41 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 22:41 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 22:41 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 22:41 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 22:41 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 22:41 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 22:41 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 22:41 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 22:41 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 22:41 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 22:41 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 22:41 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 22:41 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 22:41 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 22:41 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 22:41 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 22:41 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 22:41 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 22:41 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 22:41 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 22:41 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 22:41 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 22:41 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 22:41 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 22:41 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 22:41 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 22:41 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 22:41 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 22:41 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 22:41 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 22:41 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 22:41 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 22:41 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 22:41 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 22:39 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 22:38 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 22:38 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 22:38 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 22:38 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 22:38 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 22:38 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 22:38 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 22:38 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 22:38 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 22:38 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 22:38 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 22:38 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 22:38 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 22:38 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 22:38 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 22:38 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 22:38 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 22:38 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 22:38 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 22:38 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 22:38 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 22:38 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 22:38 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 22:38 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 22:38 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 22:38 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 22:38 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 22:38 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 22:38 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 22:38 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 22:38 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 22:38 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 22:38 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 22:38 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 22:38 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 22:38 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 22:38 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 22:38 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 22:38 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 22:38 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 22:38 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 22:38 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 22:38 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 22:38 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 22:38 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 22:38 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 22:38 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 22:38 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 22:38 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 22:38 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 22:38 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 22:38 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 22:38 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 22:38 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 22:38 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 22:38 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 22:37 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 22:37 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 22:37 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 22:37 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 22:37 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 22:37 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 22:37 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 22:37 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 22:37 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 22:37 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 22:37 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 22:37 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 22:37 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 22:37 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 22:37 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 22:37 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 22:37 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 22:37 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 22:37 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 22:37 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 22:37 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 22:37 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 22:37 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 22:37 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 22:37 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 22:37 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 22:37 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 22:37 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 22:37 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 22:37 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 22:37 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 22:37 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 22:36 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 22:36 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 22:36 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 22:36 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 22:36 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 22:36 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 22:36 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 22:36 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 22:36 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 22:36 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 22:36 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 22:36 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 22:36 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 22:36 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 22:36 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 22:36 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 22:36 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-07 00:48 - 2015-08-06 13:22 - 00000000 ____D C:\Users\USER\Downloads\bbbbb
2015-08-07 00:40 - 2015-08-07 00:48 - 142826308 _____ C:\Users\USER\Downloads\bbbbb.rar
2015-08-07 00:39 - 2015-08-02 03:32 - 00000000 ____D C:\Users\USER\Downloads\sss
2015-08-07 00:28 - 2015-08-07 00:39 - 195802396 _____ C:\Users\USER\Downloads\sss.rar
2015-08-07 00:27 - 2015-08-04 07:16 - 00000000 ____D C:\Users\USER\Downloads\bbbbb
2015-08-07 00:16 - 2015-08-07 00:27 - 178576532 _____ C:\Users\USER\Downloads\bbbb.rar
2015-08-07 00:15 - 2015-08-04 07:15 - 00000000 ____D C:\Users\USER\Downloads\bbb
2015-08-07 00:09 - 2015-08-07 00:15 - 113049724 _____ C:\Users\USER\Downloads\bbb.rar
2015-08-07 00:08 - 2015-08-04 07:16 - 00000000 ____D C:\Users\USER\Downloads\ssss
2015-08-06 23:52 - 2015-08-07 00:08 - 225263116 _____ C:\Users\USER\Downloads\ssss.rar
2015-08-06 23:51 - 2015-08-06 05:17 - 00000000 ____D C:\Users\USER\Downloads\ff
2015-08-06 23:38 - 2015-08-06 23:51 - 182390230 _____ C:\Users\USER\Downloads\ff.rar
2015-08-06 23:37 - 2015-08-02 03:36 - 00000000 ____D C:\Users\USER\Downloads\bb
2015-08-06 23:25 - 2015-08-06 23:37 - 163742820 _____ C:\Users\USER\Downloads\bb.rar
2015-08-06 22:54 - 2015-08-06 05:18 - 00000000 ____D C:\Users\USER\Downloads\sssss
2015-08-06 22:43 - 2015-08-06 22:54 - 107393340 _____ C:\Users\USER\Downloads\sssss.rar
2015-08-05 00:01 - 2015-08-05 00:07 - 00000000 ____D C:\Users\USER\Desktop\Neuer Ordner (2)
2015-08-04 23:52 - 2015-08-04 23:52 - 00000000 ____D C:\Users\USER\Desktop\Neuer Ordner
2015-08-03 23:08 - 2015-08-03 23:08 - 00000000 ____D C:\Users\USER\AppData\Roaming\Thunderbird
2015-08-03 23:08 - 2015-08-03 23:08 - 00000000 ____D C:\Users\USER\AppData\Local\Thunderbird
2015-08-03 23:07 - 2015-08-03 23:07 - 00001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-08-03 23:07 - 2015-08-03 23:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-08-03 23:01 - 2015-08-03 23:02 - 33855496 _____ (Mozilla) C:\Users\USER\Downloads\Thunderbird_Setup_38.1.0de.exe
2015-08-03 00:46 - 2015-08-03 00:46 - 00000000 ____D C:\Users\USER\Downloads\su
2015-08-02 23:53 - 2015-08-02 04:38 - 00000000 ____D C:\Users\USER\Downloads\bu
2015-08-02 23:37 - 2015-08-02 23:52 - 164868356 _____ C:\Users\USER\Downloads\bu.rar
2015-08-02 23:36 - 2015-07-31 15:32 - 00000000 ____D C:\Users\USER\Downloads\bbu
2015-08-02 23:24 - 2015-08-02 23:36 - 118493513 _____ C:\Users\USER\Downloads\bbu.rar
2015-08-02 23:06 - 2015-08-02 23:23 - 178257920 _____ C:\Users\USER\Downloads\bbu.part1.rar
2015-07-30 11:53 - 2015-07-30 11:53 - 00102912 _____ C:\Users\USER\Downloads\u15__3_.xls
2015-07-29 21:36 - 2015-07-28 21:47 - 00000000 ____D C:\Users\USER\Downloads\bbu
2015-07-29 18:17 - 2015-07-29 19:18 - 00032989 _____ C:\Users\USER\Desktop\Addition.txt
2015-07-29 18:16 - 2015-08-20 09:53 - 00020128 _____ C:\Users\USER\Desktop\FRST.txt
2015-07-29 16:08 - 2015-07-29 19:28 - 00000604 _____ C:\Users\USER\Desktop\JRT.txt
2015-07-29 15:45 - 2015-07-29 15:45 - 01798176 _____ (Malwarebytes Corporation) C:\Users\USER\Desktop\JRT.exe
2015-07-29 15:11 - 2015-07-29 15:39 - 00000000 ____D C:\AdwCleaner
2015-07-29 15:08 - 2015-07-29 15:09 - 02248704 _____ C:\Users\USER\Desktop\AdwCleaner_4.208.exe
2015-07-29 00:26 - 2015-07-29 00:26 - 00000238 _____ C:\Users\USER\Desktop\fragen.txt
2015-07-28 23:37 - 2015-07-28 23:37 - 00000000 ____D C:\Windows\Sun
2015-07-28 19:12 - 2015-07-28 19:12 - 00000000 ____D C:\Program Files\Common Files\AV
2015-07-28 19:07 - 2015-07-28 19:15 - 00000360 _____ C:\Users\USER\Desktop\Anhänge.txt
2015-07-28 19:00 - 2015-07-28 19:00 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-07-28 19:00 - 2015-07-28 19:00 - 00001385 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-07-28 19:00 - 2015-07-28 19:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-07-28 19:00 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-07-28 16:48 - 2015-07-28 16:49 - 00034591 _____ C:\Users\USER\Desktop\ComboFix.txt
2015-07-28 16:33 - 2015-07-28 16:33 - 00034580 _____ C:\ComboFix.txt
2015-07-28 15:19 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-28 15:19 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-28 15:19 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-28 15:19 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-28 15:19 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-28 15:19 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-28 15:19 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-28 15:19 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-28 14:57 - 2015-07-28 14:57 - 00000085 _____ C:\Windows\wininit.ini
2015-07-28 14:49 - 2015-07-28 14:50 - 05633622 ____R (Swearware) C:\Users\USER\Desktop\ComboFix.exe
2015-07-26 15:56 - 2015-07-28 16:33 - 00000000 ____D C:\Qoobox
2015-07-26 15:55 - 2015-07-28 16:28 - 00000000 ____D C:\Windows\erdnt
2015-07-24 20:25 - 2015-07-24 20:25 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\USER\Desktop\tdsskiller.exe
2015-07-24 18:59 - 2015-07-24 18:59 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-24 18:58 - 2015-07-24 20:23 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-24 18:58 - 2015-07-24 18:58 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-24 18:56 - 2015-07-24 20:23 - 00000000 ____D C:\Users\USER\Desktop\mbar
2015-07-24 18:56 - 2015-07-24 18:56 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-24 18:55 - 2015-07-24 18:55 - 16502728 _____ (Malwarebytes Corp.) C:\Users\USER\Desktop\mbar-1.09.1.1004.exe
2015-07-23 13:56 - 2015-07-23 14:00 - 00000000 ____D C:\fuck
2015-07-22 20:13 - 2015-07-22 20:13 - 00000000 ____D C:\Users\USER\AppData\Roaming\NuGet
2015-07-22 17:03 - 2015-07-22 20:02 - 00000000 ____D C:\Users\USER\Documents\Visual Studio 2015
2015-07-22 17:01 - 2015-07-22 17:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 12.0
2015-07-22 16:55 - 2015-07-22 16:55 - 00000000 ____D C:\ProgramData\NuGet
2015-07-22 16:55 - 2015-07-22 16:55 - 00000000 ____D C:\Program Files (x86)\NuGet
2015-07-22 16:34 - 2015-07-22 16:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-07-22 16:33 - 2015-07-22 16:43 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-07-22 16:31 - 2015-07-22 16:31 - 00001532 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VS Express für Desktop.lnk
2015-07-22 16:30 - 2015-07-22 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015
2015-07-22 16:24 - 2015-07-22 16:42 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2015-07-22 16:24 - 2015-07-22 16:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Help Viewer
2015-07-22 16:23 - 2015-07-22 16:51 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-07-22 16:23 - 2015-07-22 16:51 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\SysWOW64\1033
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\SysWOW64\1031
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\system32\1033
2015-07-22 16:23 - 2015-07-22 16:23 - 00000000 ____D C:\Windows\system32\1031
2015-07-22 16:15 - 2015-07-22 16:15 - 00000000 ____D C:\Program Files\Microsoft SQL Server Compact Edition
2015-07-22 16:09 - 2015-07-22 16:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 14.0
2015-07-22 15:41 - 2015-06-07 01:13 - 00961192 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00062304 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:13 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00883712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00064352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-07-22 15:41 - 2015-06-07 01:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-07-22 15:18 - 2015-07-22 15:27 - 00000000 ____D C:\CAE1
2015-07-22 15:13 - 2015-07-22 19:48 - 00000000 ____D C:\ProgramData\VsTelemetry
2015-07-21 00:49 - 2015-08-20 09:53 - 00000000 ____D C:\FRST
2015-07-21 00:34 - 2015-07-21 00:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-21 00:34 - 2015-07-21 00:34 - 00000000 ____D C:\Program Files\McAfee Security Scan

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-20 09:48 - 2009-07-14 06:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-20 09:48 - 2009-07-14 06:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-20 08:47 - 2009-07-14 07:10 - 01555537 _____ C:\Windows\WindowsUpdate.log
2015-08-19 18:28 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-18 19:18 - 2015-04-01 04:12 - 00003848 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1427854332
2015-08-18 19:18 - 2015-04-01 04:11 - 00000000 ____D C:\Program Files (x86)\Opera
2015-08-17 15:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-17 11:27 - 2015-03-31 14:46 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-08-17 02:39 - 2015-03-31 19:10 - 00000000 ____D C:\Users\USER\AppData\Roaming\vlc
2015-08-16 20:45 - 2015-04-02 17:04 - 00000000 ____D C:\Windows\Minidump
2015-08-16 20:12 - 2015-03-31 14:46 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-08-16 20:11 - 2015-03-31 14:46 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-16 20:11 - 2015-03-31 14:46 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-16 20:08 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-13 16:33 - 2015-03-31 22:20 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-13 16:33 - 2015-03-31 22:20 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-13 02:43 - 2015-03-31 13:46 - 00000000 ____D C:\Windows\system32\MRT
2015-08-13 02:35 - 2015-03-31 13:46 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-05 00:02 - 2009-07-14 19:58 - 00699340 _____ C:\Windows\system32\perfh007.dat
2015-08-05 00:02 - 2009-07-14 19:58 - 00149448 _____ C:\Windows\system32\perfc007.dat
2015-08-05 00:02 - 2009-07-14 07:13 - 01619272 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 00:07 - 2015-07-06 12:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-03 00:51 - 2015-07-10 19:28 - 00000000 ___HD C:\$Windows.~BT
2015-08-03 00:14 - 2010-11-23 01:38 - 00000000 ____D C:\Windows\Panther
2015-07-30 11:17 - 2015-04-01 01:51 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-30 11:17 - 2015-04-01 01:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-07-28 19:12 - 2015-04-01 02:08 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-28 18:59 - 2015-04-01 02:08 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-07-28 16:25 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-25 15:51 - 2015-03-31 21:05 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-23 14:00 - 2015-07-08 22:13 - 00000000 ____D C:\Users\USER\AppData\Roaming\CodeBlocks
2015-07-23 12:38 - 2015-04-01 02:16 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-07-23 12:38 - 2015-04-01 02:16 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-22 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-07-22 16:25 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-07-22 16:16 - 2015-03-31 23:59 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2015-07-22 16:07 - 2015-03-31 13:54 - 01592824 _____ C:\Windows\SysWOW64\PerfStringBackup.INI

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-01 02:33 - 2015-04-01 02:33 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-01 12:35 - 2015-04-01 12:35 - 0000000 _____ () C:\ProgramData\Yes

Einige Dateien in TEMP:
====================
C:\Users\USER\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-12 21:29

==================== Ende von Ergebnis ============================

schrauber · 21.08.2015, 07:32

Naja, diesen "Keylogger" solltest Du ja kennen, selbst heruntergeladen

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\Users\user\Downloads\video.cab

K:\---private Ordner---\Cheats,Trainer,Maps,Saves\--- private Prdner ---Trainer.exe

K:\---private Ordner---\BlueStacks App Player - CHIP-Installer.exe

K:\---private Ordner---\PHP-Skripte\google.zip

K:\Software\Nitro PDF Reader 64 Bit - CHIP-Installer.exe

K:\Software\Visual Basic 2010 Express - CHIP-Installer.exe

K:\Software\---private Ordner---\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarApp.dll

K:\Software\---private Ordner---\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarEng.dll

K:\Software\---private Ordner---\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarsrv.exe

K:\Software\---private Ordner---\BabylonToolbar\BabylonToolbar\1.5.3.17\BabylonToolbarTlbr.dll

K:\Software\---private Ordner---\BabylonToolbar\BabylonToolbar\1.5.3.17\bh\BabylonToolbar.dll

K:\Software\---private Ordner---\Babylon\Setup\BExternal.dll

K:\Software\---private Ordner---\AppData\Local\Babylon\Setup\IECookieLow.dll

K:\Software\---private Ordner---\AppData\Local\Babylon\Setup\Setup.exe

K:\Software\---private Ordner---\CRC-Killer.exe

K:\Software\---private Ordner---\Format_Factory260DE.exe
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

allgemein mal über das Downloadverhalten nachdenken.

Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte

DelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...

und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:

NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie

.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Regelmäßige Spitzenauslastung des Drahtlosnetzwerks im Task Manager

Plagegeister aller Art und deren Bekämpfung: Regelmäßige Spitzenauslastung des Drahtlosnetzwerks im Task Manager