| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: PC reagiert kaum nochWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.11.2015, 20:49
| #1 |
 |  PC reagiert kaum noch Hallo ihr, hab seit gestern ein Problem mit dem PC, beim hochfahren öffnen sich der Text-Editor und Mozilla mit Einem Screen auf Englisch zusätzlich haben alle Dateien ein Änderungsdatum von heute und in allen Programmen sind Dateien mit dem Namen _how_to_Recover mit verschiedenen Endungen(dvx,mxh,ieh usw, es kommt ein neuer Bildschirmhintergrund, Taskmanager lässt sich nicht öffnen, Volume C: hat 0 Byte Speicherplatz egal wie viel ich dort lösche, Ram und CPU zeigen oft bis 100 % Auslastung an. Egal welche I-Net Seiten ich aufrufe im Hintergrund laufen irgendwelche Nachrichten Hoffe ihr könnt damit was Anfangen und mir helfen. Gruß Heinz |
|
25.11.2015, 20:52
| #2 |
| /// the machine /// TB-Ausbilder    | PC reagiert kaum noch hi,
__________________Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8) Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
__________________ |
|
26.11.2015, 16:47
| #3 |
| | PC reagiert kaum nochCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-11-2015 02
durchgeführt von SYSTEM auf MININT-2S1VM7F (26-11-2015 16:20:47)
Gestartet von f:\
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11
Start-Modus: Recovery
Standard: ControlSet001
ACHTUNG!:=====> Wenn das System startfähig ist sollte FRST im normalen oder abgesicherten Modus ausgeführt werden, um ein vollständiges Ergebnis zu erhalten.
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [fgdh4563] => C:\Users\buebi\AppData\Roaming\fhhkg-a.exe [311296 2015-11-24] ()
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [5893920 2015-11-12] (IObit)
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ACHTUNG
HKU\buebi\...\Run: [GUDelayStartup] => D:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-02-12] (Glarysoft Ltd)
HKU\buebi\...\Run: [fgdh4563] => C:\Users\buebi\AppData\Roaming\fhhkg-a.exe [311296 2015-11-24] ()
HKU\buebi\...\Run: [BrowserUpdate] => C:\Users\buebi\AppData\Roaming\BrowserMe\GoogleUpdate.exe [40126464 2015-11-24] ()
HKU\buebi\...\Run: [BrowserMe] => C:\Users\buebi\AppData\Roaming\BrowserMe\GoogleUpdate.exe [40126464 2015-11-24] ()
HKU\buebi\...\Policies\system: [DisableTaskMgr] 1
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-03-01] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_ieh.HTML [2015-11-25] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_ieh.TXT [2015-11-25] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_mxh.HTML [2015-11-25] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_mxh.TXT [2015-11-25] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_pap.HTML [2015-11-24] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_pap.TXT [2015-11-24] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_txi.HTML [2015-11-24] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_txi.TXT [2015-11-24] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_xwl.HTML [2015-11-24] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_xwl.TXT [2015-11-24] ()
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [821024 2015-08-05] (IObit)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-12] (Avira Operations GmbH & Co. KG)
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
S2 Bigfoot Networks Killer Service; D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [494080 2013-10-09] ()
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-10-03] (NVIDIA Corporation)
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [882464 2015-11-04] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-10-03] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-10-03] (NVIDIA Corporation)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2015-02-13] (Advanced Micro Devices Inc.)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-26] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-26] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-26] (Avira Operations GmbH & Co. KG)
S3 BfEdge7x64; C:\Windows\System32\DRIVERS\Edge7x64.sys [31336 2013-10-09] (Bigfoot Networks, Inc.)
S3 BFN7x64; C:\Windows\System32\DRIVERS\Xeno7x64.sys [157288 2013-10-09] (Bigfoot Networks, Inc.)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2015-03-25] (IObit)
S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-02-23] (Glarysoft Ltd)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-10-03] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-10-03] (NVIDIA Corporation)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2015-03-25] (IObit.com)
S0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2015-03-25] (IObit.com)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-26 16:19 - 2015-11-26 16:20 - 00000000 ____D C:\FRST
2015-11-26 15:18 - 2015-11-26 15:18 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ayk.HTML
2015-11-26 15:18 - 2015-11-26 15:18 - 00007307 _____ C:\users\_how_recover_ayk.HTML
2015-11-26 15:18 - 2015-11-26 15:18 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ayk.TXT
2015-11-26 15:18 - 2015-11-26 15:18 - 00002588 _____ C:\users\_how_recover_ayk.TXT
2015-11-26 15:18 - 2015-11-26 15:18 - 00000253 _____ C:\Users\buebi\Documents\recover_file_myhsbxcfi.txt
2015-11-26 15:12 - 2015-11-26 15:13 - 00007307 _____ C:\users\_how_recover_ooy.HTML
2015-11-26 15:12 - 2015-11-26 15:13 - 00002588 _____ C:\users\_how_recover_ooy.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 00000253 _____ C:\Users\buebi\Documents\recover_file_gfonguptg.txt
2015-11-26 15:12 - 2015-11-26 15:12 - 00000000 _____ C:\Program Files\Common Files\_how_recover_ooy.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 00000000 _____ C:\Program Files\Common Files\_how_recover_ooy.HTML
2015-11-26 14:24 - 2015-11-26 14:27 - 00007307 _____ C:\users\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:27 - 00002588 _____ C:\users\_how_recover_qpk.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 00007307 _____ C:\ProgramData\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00007307 _____ C:\Program Files\Common Files\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00007307 _____ C:\Program Files\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00002588 _____ C:\ProgramData\_how_recover_qpk.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 00002588 _____ C:\Program Files\Common Files\_how_recover_qpk.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 00002588 _____ C:\Program Files\_how_recover_qpk.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 00000253 _____ C:\Users\buebi\Documents\recover_file_thywwjvit.txt
2015-11-25 20:31 - 2015-11-26 15:21 - 00000054 _____ C:\Users\buebi\Desktop\HOWTO_RESTORE_FILES.bmp
2015-11-25 20:31 - 2015-11-26 15:18 - 00003006 _____ C:\Users\buebi\Desktop\HOWTO_RESTORE_FILES.TXT.ccc
2015-11-25 20:26 - 2015-11-25 20:26 - 00000000 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 00007307 _____ C:\Users\Public\Documents\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 00007307 _____ C:\users\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 00002588 _____ C:\Users\Public\Documents\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 00002588 _____ C:\users\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\ProgramData\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\Program Files\Common Files\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\Program Files\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\ProgramData\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\Program Files\Common Files\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\Program Files\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00000253 _____ C:\Users\buebi\Documents\recover_file_sjbhiuunc.txt
2015-11-25 20:08 - 2015-11-25 20:08 - 00000000 ____H C:\asc_rdflag
2015-11-25 18:31 - 2015-11-25 18:44 - 00007307 _____ C:\Users\Public\Documents\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 00002588 _____ C:\Users\Public\Documents\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\ProgramData\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\Program Files\Common Files\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\ProgramData\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\Program Files\Common Files\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00000253 _____ C:\Users\buebi\Documents\recover_file_nexgsdfur.txt
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\Public\Documents\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\ProgramData\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Program Files\Common Files\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\Public\Documents\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\ProgramData\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Program Files\Common Files\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00000253 _____ C:\Users\buebi\Documents\recover_file_xjwqccuvf.txt
2015-11-25 18:03 - 2015-11-25 18:03 - 00001086 _____ C:\Windows\System32\Tasks - Verknüpfung.lnk
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Public\Downloads\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Public\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\Downloads\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\Documents\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\Downloads\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\Documents\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\Downloads\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\Documents\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Public\Downloads\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Public\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\Downloads\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\Documents\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\Downloads\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\Documents\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\Downloads\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\Documents\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\_how_recover_mxh.TXT
2015-11-25 17:46 - 2015-11-25 17:47 - 00001251 _____ C:\Users\buebi\Desktop\taskmgr.lnk
2015-11-25 17:26 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Public\Documents\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Public\Documents\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\ProgramData\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\Program Files\Common Files\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\ProgramData\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\Program Files\Common Files\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00000253 _____ C:\Users\buebi\Documents\recover_file_fuexfrnmk.txt
2015-11-25 16:47 - 2015-11-25 16:47 - 00001183 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-11-25 16:45 - 2015-11-25 16:46 - 13788160 _____ (IObit ) C:\Users\buebi\Downloads\driver_booster_setup (3.1.0.332).exe
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Public\Downloads\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Public\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\Downloads\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\Documents\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\Downloads\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\Documents\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\Downloads\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\Documents\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Public\Downloads\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Public\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\Downloads\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\Documents\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\Downloads\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\Documents\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\Downloads\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\Documents\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\_how_recover_ieh.TXT
2015-11-25 16:42 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Public\Documents\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:43 - 00007307 _____ C:\ProgramData\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Public\Documents\_how_recover_ieh.TXT
2015-11-25 16:42 - 2015-11-25 16:43 - 00002588 _____ C:\ProgramData\_how_recover_ieh.TXT
2015-11-25 16:42 - 2015-11-25 16:42 - 00007307 _____ C:\Program Files\Common Files\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:42 - 00002588 _____ C:\Program Files\Common Files\_how_recover_ieh.TXT
2015-11-25 16:42 - 2015-11-25 16:42 - 00000253 _____ C:\Users\buebi\Documents\recover_file_ogqinrttd.txt
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Public\Downloads\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Public\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\Downloads\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\Documents\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\Downloads\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\Documents\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\Downloads\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\Documents\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Public\Downloads\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Public\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\Downloads\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\Documents\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\Downloads\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\Documents\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\Downloads\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\Documents\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Public\Documents\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Public\Documents\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\ProgramData\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\Program Files\Common Files\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\Program Files\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\ProgramData\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\Program Files\Common Files\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00000253 _____ C:\Users\buebi\Documents\recover_file_ddrygbkka.txt
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\Public\Downloads\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\Public\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\Downloads\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\Documents\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\Public\Downloads\_how_recover_pap.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\Public\_how_recover_pap.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\Downloads\_how_recover_pap.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\Documents\_how_recover_pap.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_pap.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_pap.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 00007307 _____ C:\Users\Public\Documents\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 00002588 _____ C:\Users\Public\Documents\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 00007307 _____ C:\ProgramData\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 00002588 _____ C:\ProgramData\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 00000253 _____ C:\Users\buebi\Documents\recover_file_yqjqasbgu.txt
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\Public\Documents\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\ProgramData\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\Public\Documents\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\ProgramData\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00000253 _____ C:\Users\buebi\Documents\recover_file_gaajnclru.txt
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\Public\Documents\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\ProgramData\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\Public\Documents\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\ProgramData\_how_recover_vnc.TXT
2015-11-24 20:08 - 2015-11-24 20:08 - 00000253 _____ C:\Users\buebi\Documents\recover_file_fgyxhbupb.txt
2015-11-24 19:41 - 2015-11-26 15:21 - 00007307 _____ C:\Users\buebi\Desktop\HOWTO_RESTORE_FILES.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Public\Downloads\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Public\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\Downloads\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\Documents\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\Downloads\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\Documents\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\Downloads\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\Documents\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Public\Downloads\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Public\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\Downloads\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\Documents\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\Downloads\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\Documents\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\Downloads\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\Documents\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\_how_recover_txi.TXT
2015-11-24 19:21 - 2015-11-24 19:21 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:21 - 2015-11-24 19:21 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:20 - 2015-11-26 15:19 - 00000904 ____H C:\ProgramData\@system.temp
2015-11-24 19:18 - 2015-11-26 15:19 - 00000640 ____H C:\ProgramData\@system3.att
2015-11-24 19:18 - 2015-11-24 19:18 - 00000480 ____H C:\Users\buebi\AppData\Roaming\½ž’“Ó™œ‰
2015-11-24 19:17 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\Roaming\BrowserMe
2015-11-24 19:17 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{A7678D9E-37E4-4D52-A9B2-11777696009D}
2015-11-24 19:17 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{56569604-F8FD-4B74-AFE1-A9BF4392C217}
2015-11-24 19:17 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Public\Documents\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Public\Documents\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\ProgramData\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\Program Files\Common Files\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\Program Files\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\ProgramData\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\Program Files\Common Files\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\Program Files\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00000253 _____ C:\Users\buebi\Documents\recover_file_bfpkyfjya.txt
2015-11-24 19:16 - 2015-11-25 20:09 - 00000000 ___HD C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
2015-11-24 19:16 - 2015-11-24 19:16 - 00311296 _____ C:\Users\buebi\AppData\Roaming\fhhkg-a.exe
2015-11-18 08:08 - 2015-11-18 08:08 - 30003568 _____ (IObit ) C:\Users\buebi\Downloads\IObit-Malware-Fighter-Setup.exe
2015-11-15 10:24 - 2015-11-25 20:08 - 44236800 _____ C:\Windows\System32\config\components.iodefrag.bak
2015-11-14 11:25 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{D55E3194-1AF1-4F77-8E95-158F7A791250}
2015-11-14 11:25 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{189F0F8A-EE01-4590-871B-397920EA8882}
2015-11-12 15:41 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2015-11-11 15:50 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 15:50 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2015-11-11 15:50 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2015-11-11 15:50 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2015-11-11 15:50 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2015-11-11 15:50 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-11-11 15:50 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 15:50 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 15:50 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 15:50 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2015-11-11 15:50 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 15:50 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 15:50 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 15:50 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 15:50 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 15:49 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2015-11-11 15:49 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2015-11-11 15:49 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2015-11-11 15:49 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2015-11-11 15:49 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2015-11-11 15:49 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2015-11-11 15:49 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2015-11-11 15:49 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2015-11-11 15:49 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2015-11-11 15:49 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2015-11-11 15:49 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2015-11-11 15:49 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2015-11-11 15:49 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2015-11-11 15:49 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2015-11-11 15:49 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2015-11-11 15:49 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2015-11-11 15:49 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 15:49 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 15:49 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2015-11-11 15:49 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2015-11-11 15:49 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2015-11-11 15:49 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 15:49 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 15:49 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2015-11-11 15:49 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 15:49 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 15:49 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 15:49 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 15:49 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2015-11-11 15:49 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2015-11-11 15:49 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2015-11-11 15:49 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2015-11-11 15:49 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 15:49 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2015-11-11 15:49 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 15:49 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2015-11-11 15:49 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 15:49 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 15:49 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 15:49 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 15:49 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 15:49 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 15:49 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2015-11-11 15:49 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2015-11-11 15:49 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 15:49 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\System32\aelupsvc.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\System32\sdbinst.exe
2015-11-11 15:49 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\shimeng.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 15:49 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 15:49 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 15:49 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2015-11-11 15:49 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2015-11-11 15:49 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2015-11-11 15:49 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\System32\wow64win.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\System32\wow64.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\System32\winsrv.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\wow64cpu.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\srcore.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\System32\schannel.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\System32\msv1_0.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\System32\ncrypt.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\rstrui.exe
2015-11-11 15:49 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\System32\wdigest.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\System32\smss.exe
2015-11-11 15:49 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\System32\srclient.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\System32\cryptbase.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\System32\csrsrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\System32\sspisrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\System32\secur32.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\System32\ntvdm64.dll
2015-11-11 15:49 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\System32\conhost.exe
2015-11-11 15:49 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\auditpol.exe
2015-11-11 15:49 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\lsass.exe
2015-11-11 15:49 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\msobjs.dll
2015-11-11 15:49 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\System32\msaudite.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\System32\adtschema.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\System32\apisetschema.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 15:49 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 15:49 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 15:49 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 15:49 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 15:49 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 15:49 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2015-11-11 15:49 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb10.sys
2015-11-11 15:49 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2015-11-11 15:49 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 15:49 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 15:49 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:49 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2015-11-11 15:49 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tdx.sys
2015-11-11 15:49 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2015-11-11 15:49 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\System32\InkEd.dll
2015-11-11 15:49 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\System32\jnwmon.dll
2015-11-11 15:49 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 15:49 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2015-11-11 15:49 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\System32\bcryptprimitives.dll
2015-11-11 15:49 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 03168768 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 02608128 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00696320 _____ (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00192512 _____ (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00140288 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2015-11-07 13:40 - 2015-11-07 13:40 - 00098816 _____ (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00091136 _____ (Microsoft Corporation) C:\Windows\System32\WinSetupUI.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wups2.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00037888 _____ (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2015-11-07 13:40 - 2015-11-07 13:40 - 00036864 _____ (Microsoft Corporation) C:\Windows\System32\wups.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-07 13:40 - 2015-11-07 13:40 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00012288 _____ (Microsoft Corporation) C:\Windows\System32\wu.upgrade.ps.dll
2015-11-04 09:59 - 2015-11-25 20:09 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-11-04 09:58 - 2015-11-26 14:24 - 00000000 ____D C:\ProgramData\Battle.net
2015-11-04 00:06 - 2015-11-25 20:09 - 00000000 ____D C:\Users\buebi\AppData\Local\CEF
2015-11-04 00:00 - 2015-11-04 00:00 - 00002053 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-04 00:00 - 2015-11-04 00:00 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-03 23:35 - 2015-11-25 20:26 - 00000000 ____D C:\Users\buebi\AppData\Local\NVIDIA
2015-11-03 23:34 - 2015-11-03 23:34 - 00001387 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-11-03 23:34 - 2015-10-03 06:06 - 01756424 _____ (NVIDIA Corporation) C:\Windows\System32\nvspbridge64.dll
2015-11-03 23:34 - 2015-10-03 06:06 - 01710568 _____ (NVIDIA Corporation) C:\Windows\System32\nvspcap64.dll
2015-11-03 23:34 - 2015-10-03 06:06 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-11-03 23:34 - 2015-10-03 06:06 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-11-03 23:32 - 2015-11-25 20:09 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-03 23:32 - 2015-10-03 06:06 - 00112944 _____ (Khronos Group) C:\Windows\System32\OpenCL.dll
2015-11-03 23:32 - 2015-10-03 06:06 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-11-03 23:32 - 2015-10-03 03:49 - 06358648 _____ (NVIDIA Corporation) C:\Windows\System32\nvcpl.dll
2015-11-03 23:32 - 2015-10-03 03:49 - 02982520 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvc64.dll
2015-11-03 23:32 - 2015-10-03 03:49 - 02554488 _____ (NVIDIA Corporation) C:\Windows\System32\nvsvcr.dll
2015-11-03 23:32 - 2015-10-03 03:49 - 00938800 _____ (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
2015-11-03 23:32 - 2015-10-03 03:49 - 00385328 _____ (NVIDIA Corporation) C:\Windows\System32\nvmctray.dll
2015-11-03 23:32 - 2015-10-03 03:49 - 00062768 _____ (NVIDIA Corporation) C:\Windows\System32\nvshext.dll
2015-11-03 23:32 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-11-03 23:32 - 2015-10-01 10:33 - 05284082 _____ C:\Windows\System32\nvcoproc.bin
2015-11-03 23:31 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\System32\nvcompiler.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglv64.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 17395512 _____ (NVIDIA Corporation) C:\Windows\System32\nvwgf2umx.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\System32\nvopencl.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\System32\nvd3dumx.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 15002304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuda.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 12769408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvlddmkm.sys
2015-11-03 23:31 - 2015-10-03 06:06 - 03573832 _____ (NVIDIA Corporation) C:\Windows\System32\nvapi64.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 03154104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\System32\nvcuvid.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 01567576 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdagenco6420103.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\System32\NvFBC64.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\System32\NvIFR64.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\System32\nvumdshimx.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00204648 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvhda64v.sys
2015-11-03 23:31 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\System32\nvinitx.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\System32\nvoglshim64.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00072504 _____ (NVIDIA Corporation) C:\Windows\System32\nvaudcap64v.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-11-03 23:31 - 2015-10-03 06:06 - 00050472 _____ (NVIDIA Corporation) C:\Windows\System32\Drivers\nvvad64v.sys
2015-11-03 23:31 - 2015-10-03 06:06 - 00040280 _____ (NVIDIA Corporation) C:\Windows\System32\nvhdap64.dll
2015-11-03 23:30 - 2015-11-26 15:18 - 00000000 ____D C:\NVIDIA
2015-11-03 12:42 - 2015-11-26 15:34 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-03 12:42 - 2015-11-25 20:26 - 00000000 ____D C:\Users\buebi\AppData\Local\YSearchUtil
2015-11-03 12:42 - 2015-11-03 12:42 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-11-03 12:40 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Sun
2015-11-03 12:40 - 2015-11-25 20:09 - 00000000 ____D C:\Users\buebi\.oracle_jre_usage
2015-11-03 12:40 - 2015-11-25 20:09 - 00000000 ____D C:\ProgramData\Oracle
2015-11-03 12:40 - 2015-11-25 17:48 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Sun
2015-11-03 12:40 - 2015-11-03 12:40 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-03 12:40 - 2015-11-03 12:40 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-03 12:37 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Oracle
2015-11-03 12:37 - 2015-11-03 12:37 - 00584288 _____ (Oracle Corporation) C:\Users\buebi\JavaSetup8u65.exe
2015-11-03 12:10 - 2015-11-26 14:24 - 00000000 ____D C:\ProgramData\Adobe
2015-11-03 11:46 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispco6435850.dll
2015-11-03 11:46 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\System32\nvdispgenco6435850.dll
2015-11-03 11:46 - 2015-10-03 06:06 - 00033507 _____ C:\Windows\System32\nvinfo.pb
2015-10-31 11:35 - 2015-10-31 11:35 - 00001256 _____ C:\Users\buebi\Desktop\IObit Uninstaller.lnk
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-26 15:34 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-26 15:25 - 2009-07-14 05:45 - 00020272 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-26 15:25 - 2009-07-14 05:45 - 00020272 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-26 15:18 - 2015-10-24 08:55 - 00000000 ____D C:\Users\buebi\AppData\Roaming\HearthstoneDeckTracker
2015-11-26 15:18 - 2015-09-03 14:26 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2015-11-26 15:18 - 2015-08-14 08:56 - 00000000 ____D C:\Users\buebi\AppData\Roaming\LolClient
2015-11-26 15:18 - 2015-05-13 18:52 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{DD317EB4-7D95-4B43-A5FA-6A090E6A62C0}
2015-11-26 15:18 - 2015-02-23 09:30 - 00000000 ____D C:\Users\buebi\AppData\Roaming\GlarySoft
2015-11-26 15:18 - 2015-02-23 09:30 - 00000000 ____D C:\Users\buebi\AppData\Roaming\DiskDefrag
2015-11-26 15:18 - 2015-02-13 19:23 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\StarStableOnline
2015-11-26 15:18 - 2015-02-13 09:42 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Apple Computer
2015-11-26 15:18 - 2015-02-13 09:41 - 00000000 ____D C:\Users\buebi\AppData\Roaming\IObit
2015-11-26 15:18 - 2014-04-06 21:49 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\TB
2015-11-26 15:18 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Battle.net
2015-11-26 15:18 - 2013-08-16 19:29 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Avira
2015-11-26 15:18 - 2013-07-20 06:53 - 00000000 ____D C:\Users\buebi\AppData\Local\Microsoft Games
2015-11-26 15:18 - 2013-06-18 04:55 - 00000000 ____D C:\Users\buebi\AppData\Roaming\DivX
2015-11-26 15:18 - 2013-06-17 18:39 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Temp
2015-11-26 15:18 - 2013-04-04 18:46 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Curse Advertising
2015-11-26 15:18 - 2013-03-12 18:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Adobe
2015-11-26 15:18 - 2013-03-12 18:29 - 00000000 ____D C:\Users\buebi\AppData\Local\Deployment
2015-11-26 15:18 - 2013-03-10 14:22 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Leadertech
2015-11-26 15:18 - 2013-03-10 14:21 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Logitech
2015-11-26 15:18 - 2013-03-10 14:21 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Logishrd
2015-11-26 15:18 - 2013-03-09 20:47 - 00000000 ____D C:\Lokaler Datenträger
2015-11-26 15:17 - 2015-02-23 09:30 - 00000334 _____ C:\Windows\Tasks\GlaryInitialize 5.job
2015-11-26 15:12 - 2013-08-20 14:04 - 00000000 ____D C:\NvidiaLogging
2015-11-26 15:12 - 2013-08-16 19:24 - 00000000 ____D C:\ProgramData\Avira
2015-11-26 15:12 - 2013-03-10 13:40 - 00000000 ____D C:\Program Files\Bigfoot Networks
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-11-26 14:27 - 2015-02-13 09:41 - 00002874 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (buebi)
2015-11-26 14:27 - 2014-08-07 11:21 - 00000000 ____D C:\Users\buebi\AppData\Local\Mozilla
2015-11-26 14:27 - 2014-05-18 09:11 - 00000000 ____D C:\Users\buebi\AppData\Local\Microsoft Research
2015-11-26 14:27 - 2013-11-06 20:52 - 00000000 ____D C:\Users\buebi\AppData\Local\NativeMessaging
2015-11-26 14:27 - 2013-07-27 09:44 - 00000000 ____D C:\Users\buebi\AppData\Local\My Games
2015-11-26 14:24 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\Binarysense
2015-11-26 14:24 - 2014-07-24 20:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-11-26 14:24 - 2013-10-20 11:30 - 00000000 ____D C:\SearchProtect
2015-11-26 14:24 - 2013-06-17 18:38 - 00000000 ____D C:\Program Files\DivX
2015-11-26 14:24 - 2013-04-11 17:09 - 00000000 ____D C:\Program Files\Google
2015-11-26 14:24 - 2013-03-10 18:24 - 00000000 ____D C:\ProgramData\ASUS OC Profiles
2015-11-26 14:24 - 2013-03-10 14:21 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2015-11-26 14:24 - 2013-03-10 14:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-26 14:24 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\MSBuild
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-11-26 14:24 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT
2015-11-26 14:24 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Services
2015-11-26 14:23 - 2015-02-13 09:41 - 00000000 ____D C:\ProgramData\ProductData
2015-11-25 20:26 - 2015-04-01 14:24 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Avira
2015-11-25 20:26 - 2015-02-13 09:41 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\IObit
2015-11-25 20:26 - 2014-11-12 16:21 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieBrowserModeList
2015-11-25 20:26 - 2014-11-02 17:42 - 00000000 ____D C:\Users\buebi\AppData\Local\Skype
2015-11-25 20:26 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieUserList
2015-11-25 20:26 - 2014-04-12 08:33 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieSiteList
2015-11-25 20:26 - 2013-11-12 17:11 - 00000000 ____D C:\Users\buebi\AppData\Local\NVIDIA Corporation
2015-11-25 20:26 - 2013-08-17 07:41 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Adobe
2015-11-25 20:26 - 2013-08-15 16:13 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\boost_interprocess
2015-11-25 20:26 - 2013-06-17 18:38 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Conduit
2015-11-25 20:26 - 2013-03-21 18:02 - 00000000 ____D C:\Users\buebi\AppData\Local\Tukui
2015-11-25 20:26 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi\AppData\Local\VirtualStore
2015-11-25 20:09 - 2015-10-26 16:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Genymobile
2015-11-25 20:09 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\TEMP
2015-11-25 20:09 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\Licenses
2015-11-25 20:09 - 2015-06-22 14:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-25 20:09 - 2015-02-23 09:30 - 00000000 ____D C:\ProgramData\GlarySoft
2015-11-25 20:09 - 2015-02-13 09:42 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-11-25 20:09 - 2015-02-13 09:41 - 00000000 ____D C:\ProgramData\IObit
2015-11-25 20:09 - 2015-02-07 08:40 - 00000000 ____D C:\Users\buebi\AppData\Local\eSupport.com
2015-11-25 20:09 - 2014-12-26 09:24 - 00000000 ____D C:\Users\buebi\AppData\Local\Gameforge4d
2015-11-25 20:09 - 2014-11-12 16:21 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieBrowserModeList
2015-11-25 20:09 - 2014-09-08 18:00 - 00000000 ____D C:\Users\buebi\AppData\Local\Adobe
2015-11-25 20:09 - 2014-08-07 11:21 - 00000000 ____D C:\ProgramData\Mozilla
2015-11-25 20:09 - 2014-05-23 12:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-25 20:09 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieUserList
2015-11-25 20:09 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieSiteList
2015-11-25 20:09 - 2014-03-14 16:22 - 00000000 ____D C:\Users\buebi\AppData\Local\Blizzard
2015-11-25 20:09 - 2013-08-18 21:35 - 00000000 ____D C:\Users\buebi\AppData\Local\Chromium
2015-11-25 20:09 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Blizzard Entertainment
2015-11-25 20:09 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Battle.net
2015-11-25 20:09 - 2013-06-17 18:38 - 00000000 ____D C:\Users\buebi\AppData\Local\CRE
2015-11-25 20:09 - 2013-06-17 18:38 - 00000000 ____D C:\ProgramData\Conduit
2015-11-25 20:09 - 2013-06-17 18:31 - 00000000 ____D C:\ProgramData\DivX
2015-11-25 20:09 - 2013-04-11 17:09 - 00000000 ____D C:\ProgramData\Google
2015-11-25 20:09 - 2013-03-10 14:21 - 00000000 ____D C:\ProgramData\LogiShrd
2015-11-25 20:09 - 2013-03-10 13:21 - 00000000 ____D C:\Users\buebi\AppData\Local\Apps\2.0
2015-11-25 20:08 - 2015-05-04 21:59 - 66076672 _____ C:\Windows\System32\config\software.iodefrag.bak
2015-11-25 20:08 - 2015-05-04 21:59 - 66076672 _____ C:\Windows\System32\config\software.iodefrag
2015-11-25 20:08 - 2015-05-04 21:59 - 00270336 _____ C:\Windows\System32\config\default.iodefrag.bak
2015-11-25 20:08 - 2015-05-04 21:59 - 00024576 _____ C:\Windows\System32\config\security.iodefrag.bak
2015-11-25 20:08 - 2015-05-04 21:59 - 00024576 _____ C:\Windows\System32\config\sam.iodefrag.bak
2015-11-25 19:12 - 2015-02-13 09:42 - 00002904 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_buebi
2015-11-25 18:37 - 2011-04-12 08:43 - 00713958 _____ C:\Windows\System32\perfh007.dat
2015-11-25 18:37 - 2011-04-12 08:43 - 00154074 _____ C:\Windows\System32\perfc007.dat
2015-11-25 18:37 - 2009-07-14 06:13 - 01648656 _____ C:\Windows\System32\PerfStringBackup.INI
2015-11-25 18:34 - 2015-10-22 06:56 - 00003242 _____ C:\Windows\System32\Tasks\Driver Booster Scheduler
2015-11-25 18:31 - 2015-06-02 07:01 - 00000000 ____D C:\Users\buebi\AppData\Local\GWX
2015-11-25 18:31 - 2014-08-07 11:26 - 00000000 ____D C:\Users\buebi\AppData\Local\Macromedia
2015-11-25 18:31 - 2013-04-11 17:09 - 00000000 ____D C:\Users\buebi\AppData\Local\Google
2015-11-25 18:31 - 2013-03-10 14:22 - 00000000 ____D C:\Users\buebi\AppData\Local\Logitech
2015-11-25 17:48 - 2015-08-19 17:16 - 00000000 ____D C:\Users\Default\AppData\LocalLow\IObit
2015-11-25 17:48 - 2015-08-19 17:16 - 00000000 ____D C:\Users\Default User\AppData\LocalLow\IObit
2015-11-25 17:48 - 2015-08-02 11:18 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Riot Games
2015-11-25 17:48 - 2015-06-21 13:04 - 00000000 ____D C:\Users\buebi\Documents\StarCraft II
2015-11-25 17:48 - 2015-06-20 19:30 - 00000000 ____D C:\Users\buebi\Documents\Heroes of the Storm
2015-11-25 17:48 - 2015-04-24 08:09 - 00000000 ____D C:\Users\buebi\Norisbank
2015-11-25 17:48 - 2015-02-13 09:43 - 00000000 ____D C:\Users\buebi\AppData\Roaming\ProductData
2015-11-25 17:48 - 2014-11-02 17:42 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Skype
2015-11-25 17:48 - 2014-06-27 19:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Mozilla
2015-11-25 17:48 - 2014-05-05 14:04 - 00000000 ____D C:\Users\buebi\Documents\ofen
2015-11-25 17:48 - 2014-04-21 13:15 - 00000000 ____D C:\Users\buebi\Documents\My Art
2015-11-25 17:48 - 2014-04-18 11:34 - 00000000 ____D C:\Users\buebi\Documents\NPS
2015-11-25 17:48 - 2014-04-18 11:31 - 00000000 ____D C:\Users\buebi\Documents\My NPS Files
2015-11-25 17:48 - 2014-04-18 11:31 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Samsung
2015-11-25 17:48 - 2014-04-18 11:30 - 00000000 ____D C:\Users\buebi\Documents\Samsung
2015-11-25 17:48 - 2013-09-23 17:02 - 00000000 ____D C:\Users\buebi\AppData\Roaming\SimulationCraft
2015-11-25 17:48 - 2013-07-27 09:42 - 00000000 ____D C:\Users\buebi\Documents\My Games
2015-11-25 17:48 - 2013-03-12 18:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Macromedia
2015-11-25 17:48 - 2013-03-12 18:31 - 00000000 ____D C:\Users\buebi\Documents\My Curse
2015-11-25 17:48 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Media Center Programs
2015-11-25 17:48 - 2013-03-09 21:40 - 00000000 ____D C:\users\buebi
2015-11-25 17:48 - 2011-04-12 08:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-25 17:48 - 2011-04-12 08:54 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-11-25 17:48 - 2011-04-12 08:54 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-11-25 17:48 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-25 16:53 - 2013-08-17 06:47 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-25 16:47 - 2015-10-22 06:56 - 00001053 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2015-11-24 19:24 - 2015-10-24 08:53 - 14882558 _____ C:\Users\buebi\Hearthstone.Deck.Tracker-v0.12.3.zip.ccc
2015-11-24 19:24 - 2015-10-02 18:48 - 00024510 _____ C:\Users\buebi\Kontoauszug_430401338900_2015-10-02_1216 (1).pdf.ccc
2015-11-24 19:24 - 2015-10-02 18:46 - 00024510 _____ C:\Users\buebi\Kontoauszug_430401338900_2015-10-02_1216.pdf.ccc
2015-11-24 19:24 - 2015-09-05 12:10 - 00452782 _____ C:\Users\buebi\BMO-Satzung i. d. F. d. 6. Nachtrag.pdf.ccc
2015-11-24 19:24 - 2015-09-05 11:25 - 00263182 _____ C:\Users\buebi\Bonusformular_ffc_200_2015.pdf.ccc
2015-11-24 19:24 - 2015-09-02 18:10 - 00023102 _____ C:\Users\buebi\Kontoauszug_430401338900_2015-09-01_0756.pdf.ccc
2015-11-24 19:24 - 2014-05-15 22:58 - 02803982 _____ C:\Users\buebi\Desktop\Hearthstone_Screenshot_5.15.2014.23.58.50.png.ccc
2015-11-24 19:17 - 2015-10-02 18:46 - 00025998 _____ C:\Users\buebi\Abrechnung_430401338900_2015-10-01_0827.pdf.ccc
2015-11-24 19:17 - 2015-09-26 15:40 - 00139742 _____ C:\Users\buebi\11451971_5906313504_R_20150909_201508_33.26_O_1of1.pdf.ccc
2015-11-24 19:17 - 2015-09-26 15:38 - 00030158 _____ C:\Users\buebi\11451971_5906313504_EVN_20150909_201508_33.26_O_1of1.pdf.ccc
2015-11-24 19:17 - 2015-09-05 12:18 - 00195902 _____ C:\Users\buebi\Antrag auf doppelten Festzuschuss (Zahnersatz) 2015.pdf.ccc
2015-11-22 11:14 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-18 08:12 - 2015-02-13 09:42 - 00001364 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-11-15 10:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-11-15 05:59 - 2013-08-04 12:52 - 00000000 ____D C:\Windows\Minidump
2015-11-13 03:17 - 2009-07-14 05:45 - 00278800 _____ C:\Windows\System32\FNTCACHE.DAT
2015-11-11 19:35 - 2013-05-27 18:03 - 01622000 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-04 00:00 - 2014-12-25 14:12 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-03 23:34 - 2013-03-10 14:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-03 23:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2015-11-03 10:49 - 2015-04-20 10:50 - 00001180 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\buebi\JavaSetup8u65.exe
Einige Dateien in TEMP:
====================
C:\Users\buebi\AppData\Local\Temp\avgnt.exe
C:\Users\buebi\AppData\Local\Temp\update.exe
==================== Known DLLs (Nicht auf der Ausnahmeliste) =========================
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => MD5 ist legitim
C:\Windows\System32\wininit.exe => MD5 ist legitim
C:\Windows\SysWOW64\wininit.exe => MD5 ist legitim
C:\Windows\explorer.exe => MD5 ist legitim
C:\Windows\SysWOW64\explorer.exe => MD5 ist legitim
C:\Windows\System32\svchost.exe => MD5 ist legitim
C:\Windows\SysWOW64\svchost.exe => MD5 ist legitim
C:\Windows\System32\services.exe => MD5 ist legitim
C:\Windows\System32\User32.dll => MD5 ist legitim
C:\Windows\SysWOW64\User32.dll => MD5 ist legitim
C:\Windows\System32\userinit.exe => MD5 ist legitim
C:\Windows\SysWOW64\userinit.exe => MD5 ist legitim
C:\Windows\System32\rpcss.dll => MD5 ist legitim
C:\Windows\System32\dnsapi.dll => MD5 ist legitim
C:\Windows\SysWOW64\dnsapi.dll => MD5 ist legitim
C:\Windows\System32\Drivers\volsnap.sys => MD5 ist legitim
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============
==================== Wiederherstellungspunkte =========================
==================== Speicherinformationen ===========================
Prozentuale Nutzung des RAM: 9%
Installierter physikalischer RAM: 8174.12 MB
Verfügbarer physikalischer RAM: 7361.43 MB
Summe virtueller Speicher: 8172.32 MB
Verfügbarer virtueller Speicher: 7372.21 MB
==================== Laufwerke ================================
Drive c: (Volume) (Fixed) (Total:48.83 GB) (Free:0.11 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Volume) (Fixed) (Total:184.05 GB) (Free:82.61 GB) NTFS
Drive e: (GSP1RMCHPXFRER_DE_DVD) (CDROM) (Total:3.04 GB) (Free:0 GB) UDF
Drive f: (USB_DISK) (Removable) (Total:7.38 GB) (Free:7.38 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 9DFFEAD0)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=184.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 7.4 GB) (Disk ID: 49E2A461)
Partition 1: (Not Active) - (Size=7.4 GB) - (Type=0B)
LastRegBack: 2015-11-12 17:50
==================== Ende von FRST.txt ============================
Liebe Grüße Heinz |
|
27.11.2015, 00:15
| #4 |
| /// the machine /// TB-Ausbilder | PC reagiert kaum noch Drücke bitte die  + R Taste und schreibe notepad in das Ausführen Fenster.Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM-x32\...\Run: [fgdh4563] => C:\Users\buebi\AppData\Roaming\fhhkg-a.exe [311296 2015-11-24] ()
C:\Users\buebi\AppData\Roaming\fhhkg-a.exe
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ACHTUNG
HKU\buebi\...\Run: [fgdh4563] => C:\Users\buebi\AppData\Roaming\fhhkg-a.exe [311296 2015-11-24] ()
HKU\buebi\...\Run: [BrowserUpdate] => C:\Users\buebi\AppData\Roaming\BrowserMe\GoogleUpdate.exe [40126464 2015-11-24] ()
HKU\buebi\...\Run: [BrowserMe] => C:\Users\buebi\AppData\Roaming\BrowserMe\GoogleUpdate.exe [40126464 2015-11-24] ()
HKU\buebi\...\Policies\system: [DisableTaskMgr] 1
C:\Users\buebi\AppData\Roaming\BrowserMe
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-03-01] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_ieh.HTML [2015-11-25] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_ieh.TXT [2015-11-25] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_mxh.HTML [2015-11-25] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_mxh.TXT [2015-11-25] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_pap.HTML [2015-11-24] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_pap.TXT [2015-11-24] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_txi.HTML [2015-11-24] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_txi.TXT [2015-11-24] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_xwl.HTML [2015-11-24] ()
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_xwl.TXT [2015-11-24] ()
Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.11.2015, 22:51
| #5 |
| | PC reagiert kaum noch Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-11-2015 durchgeführt von SYSTEM (2015-11-27 22:39:48) Run:1 Gestartet von f:\ Start-Modus: Recovery ============================================== fixlist Inhalt: ***************** HKLM-x32\...\Run: [fgdh4563] => C:\Users\buebi\AppData\Roaming\fhhkg-a.exe [311296 2015-11-24] () C:\Users\buebi\AppData\Roaming\fhhkg-a.exe HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig] <===== ACHTUNG HKU\buebi\...\Run: [fgdh4563] => C:\Users\buebi\AppData\Roaming\fhhkg-a.exe [311296 2015-11-24] () HKU\buebi\...\Run: [BrowserUpdate] => C:\Users\buebi\AppData\Roaming\BrowserMe\GoogleUpdate.exe [40126464 2015-11-24] () HKU\buebi\...\Run: [BrowserMe] => C:\Users\buebi\AppData\Roaming\BrowserMe\GoogleUpdate.exe [40126464 2015-11-24] () HKU\buebi\...\Policies\system: [DisableTaskMgr] 1 C:\Users\buebi\AppData\Roaming\BrowserMe Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-03-01] () Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_ieh.HTML [2015-11-25] () Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_ieh.TXT [2015-11-25] () Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_mxh.HTML [2015-11-25] () Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_mxh.TXT [2015-11-25] () Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_pap.HTML [2015-11-24] () Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_pap.TXT [2015-11-24] () Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_txi.HTML [2015-11-24] () Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_txi.TXT [2015-11-24] () Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_xwl.HTML [2015-11-24] () Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_xwl.TXT [2015-11-24] () ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\fgdh4563 => Wert erfolgreich entfernt C:\Users\buebi\AppData\Roaming\fhhkg-a.exe => erfolgreich verschoben HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Avira <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\COMODO <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\Microsoft Security Client <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG => erfolgreich wiederhergestellt HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ACHTUNG => erfolgreich wiederhergestellt "HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore" => Schlüssel erfolgreich entfernt HKU\buebi\Software\Microsoft\Windows\CurrentVersion\Run\\fgdh4563 => Wert erfolgreich entfernt HKU\buebi\Software\Microsoft\Windows\CurrentVersion\Run\\BrowserUpdate => Wert erfolgreich entfernt HKU\buebi\Software\Microsoft\Windows\CurrentVersion\Run\\BrowserMe => Wert erfolgreich entfernt HKU\buebi\Software\Microsoft\Windows\CurrentVersion\Policies\system\\DisableTaskMgr => Wert erfolgreich entfernt C:\Users\buebi\AppData\Roaming\BrowserMe => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_ieh.HTML => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_ieh.TXT => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_mxh.HTML => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_mxh.TXT => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_pap.HTML => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_pap.TXT => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_txi.HTML => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_txi.TXT => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_xwl.HTML => erfolgreich verschoben C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_how_recover_xwl.TXT => erfolgreich verschoben ==== Ende von Fixlog 22:39:50 ==== |
|
29.11.2015, 07:02
| #6 |
| /// the machine /// TB-Ausbilder | PC reagiert kaum noch Kannst Du den Rechner normal starten?
__________________ --> PC reagiert kaum noch |
|
29.11.2015, 09:58
| #7 |
| | PC reagiert kaum noch Mittlerweile ja, die nervigen Texteditoren die sich geöffnet haben sind verschwunden. Mein alter Malware schutz konnte nichts finden, MBAM hat gestern (hust^^) 210 Bedrohungen gefunden. Einzig die Dateien _how_Recover_ mit Verschiedensten Endungen (dvx,ieh,oad usw.) sind noch vorhanden. |
|
30.11.2015, 07:45
| #8 |
| /// the machine /// TB-Ausbilder | PC reagiert kaum noch Sind persönliche Dokumente von Dir verschlüsselt? Vom Desktop aus: Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
30.11.2015, 09:48
| #9 |
| | PC reagiert kaum nochCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-11-2015
durchgeführt von buebi (2015-11-30 09:38:53)
Gestartet von C:\Users\buebi\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-03-09 20:40:09)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1771663753-3355759307-1885394415-500 - Administrator - Disabled)
buebi (S-1-5-21-1771663753-3355759307-1885394415-1000 - Administrator - Enabled) => C:\Users\buebi
Gast (S-1-5-21-1771663753-3355759307-1885394415-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks)
Bigfoot Networks Killer Network Manager (Version: 6.1.0.603 - Bigfoot Networks) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
COMODO Firewall (HKLM\...\{73830292-868E-4C82-9AF5-CCFE2047B6A3}) (Version: 8.2.0.4508 - COMODO Security Solutions Inc.)
Curse Client (HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DriverAgent by eSupport.com (HKLM-x32\...\DriverAgent_is1) (Version: - Copyright © 2013 eSupport.com, Inc • All Rights Reserved)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Glary Utilities 5.19 (HKLM-x32\...\Glary Utilities 5) (Version: 5.19.0.32 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Firefox 42.0 (x64 de) (HKLM\...\Mozilla Firefox 42.0 (x64 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.)
Star Stable (HKLM-x32\...\{2B03B553-4983-4005-99C4-31DFC25B4BB9}) (Version: 1.00.0000 - Star Stable Entertainment AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Tukui Client (HKLM-x32\...\{C47A9389-88D4-43B0-BBF6-FB88664055FD}) (Version: 2.4.2 - Tukui)
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
30-11-2015 08:50:44 Removed GeekBuddy.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0C292418-8523-411C-BB9D-61CA92EEEF0A} - System32\Tasks\GlaryInitialize 5 => D:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-02-12] (Glarysoft Ltd)
Task: {0FD43E77-F761-4EF7-93A7-ADCB5FABAABA} - System32\Tasks\Driver Booster SkipUAC (buebi) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {20D07060-C2C4-4EA1-ABC5-02FA73C07A66} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {22D161FA-9097-453C-8C68-F928E70FC771} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {232E260F-DCBD-4548-A102-9BFBAC94AEE5} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {39173D6E-18E1-4355-9D01-EB466774E0A5} - System32\Tasks\{8D80FDD6-5209-4FB2-8BD1-D3B1E7FFD0D4} => pcalua.exe -a E:\setup\rsrc\Autorun.exe -d E:\
Task: {3945F233-95C1-49D8-B8E9-3320D49C9E62} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-04-01] (COMODO)
Task: {5B0257FA-502A-4789-851F-884D272E7756} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-04-01] (COMODO)
Task: {637BB08B-84B5-4988-85AF-01ED090FE6D8} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-04-01] (COMODO)
Task: {74904296-01DC-4503-9E57-F46CF1E46F35} - System32\Tasks\{62043818-362E-4438-82CD-DB7E306399CF} => D:\Westwood\Renegade\Renegade.exe
Task: {76457E35-C1F7-4A48-90BA-2DC77B428078} - System32\Tasks\GU5SkipUAC => D:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-02-12] (Glarysoft Ltd)
Task: {8EDF891E-E52B-43F4-8535-099D2301D1A2} - System32\Tasks\{A492109E-110B-4220-B9D7-05ACA2BAA0C8} => D:\World of Warcraft\World of Warcraft Launcher.exe [2015-10-09] (Blizzard Entertainment)
Task: {9F55E214-DF93-49F4-9DE3-7B565775A020} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2015-11-06] (IObit)
Task: {A6859DA6-9786-4BBE-82B4-5E6732B42B2B} - System32\Tasks\{A02B08A9-ABEB-4CAE-A526-CD638BD063A5} => D:\World of Warcraft\World of Warcraft Launcher.exe [2015-10-09] (Blizzard Entertainment)
Task: {B480061E-62EB-4861-89FF-950955A509EC} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-10-27] (IObit)
Task: {C11C634C-D047-4BCE-87D2-4575725D9311} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-29] (Adobe Systems Incorporated)
Task: {C149FD29-0F2A-496A-AC0D-FE35F488D1B3} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit)
Task: {C2C02354-A69C-4ADE-BA4F-04746CC58894} - System32\Tasks\ASC8_SkipUac_buebi => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: {C5FCA5AD-66AA-4B7A-A3E0-FF87378A0E5B} - System32\Tasks\{5697353D-EC7C-46EA-841C-CFCB920996B4} => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2015-11-20] (Blizzard Entertainment)
Task: {C9D7E72A-AABB-4543-AC1F-32822DA40196} - System32\Tasks\ASC9_SkipUac_buebi => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2015-11-23] (IObit)
Task: {D83FB367-D005-4C10-A419-ACEB7CBAB494} - System32\Tasks\{2655E930-9CFC-4B90-BE27-6C23D5243FEE} => D:\Westwood\Renegade\Renegade.exe
Task: {DDF3F1E4-EE42-451A-8608-5FCA9AFE3AFB} - System32\Tasks\{2473E712-50C2-4048-B240-B30C820E7F62} => E:\autorun.exe
Task: {E14081F1-9F5F-4B1C-9CDA-84CA0A49B3A8} - System32\Tasks\{95B490BB-1A31-4564-982B-8402A49CB1E3} => pcalua.exe -a E:\setup.exe -d E:\
Task: {F11355FB-CB54-4EC1-BC18-7F3830904286} - System32\Tasks\{CD827ED8-44D2-49BD-9906-C99AA9595535} => pcalua.exe -a C:\Users\buebi\Downloads\setup.exe -d C:\Users\buebi\Downloads
Task: {F4AAE9D6-55DF-4957-8479-9A888F06354C} - System32\Tasks\{17747926-FA99-42AF-BBD2-A395FB91254F} => E:\setup.exe [2011-04-12] (Microsoft Corporation)
Task: {FB831D57-593D-4A67-87FD-692AC661E1ED} - System32\Tasks\{44D5E6E2-3DED-4CFD-826C-E6D817A45DD4} => D:\Westwood\Renegade\Renegade.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => D:\Program Files (x86)\Glary Utilities 5\Initialize.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-11-03 23:32 - 2015-11-14 07:06 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00494080 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
2011-05-09 19:46 - 2011-05-09 19:46 - 02760192 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 19:56 - 2011-05-09 19:56 - 09856000 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 19:47 - 2011-05-09 19:47 - 00416256 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00217600 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-10 11:32 - 2011-05-10 11:32 - 00731648 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2011-05-09 19:48 - 2011-05-09 19:48 - 00990720 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 22:41 - 2015-11-20 22:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 22:41 - 2015-11-20 22:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00564224 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
2013-10-09 14:39 - 2013-10-09 14:39 - 00404992 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modApplications.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00036864 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFeatures.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00025088 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFraps.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00241152 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modGraph.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00062464 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modlcd.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00289280 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNetwork.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00184832 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNpu.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00210944 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOptions.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00055808 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOverview.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00329216 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll
2015-06-17 01:20 - 2015-06-17 01:20 - 00016384 ____N () C:\Users\buebi\AppData\Local\Apps\2.0\PRJMT154.CA8\DTBNOEBC.H54\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.WowDb.dll
2015-06-17 01:20 - 2015-06-17 01:20 - 00035840 ____N () C:\Users\buebi\AppData\Local\Apps\2.0\PRJMT154.CA8\DTBNOEBC.H54\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.Advertising.dll
2015-06-17 01:20 - 2015-06-17 01:20 - 00099840 ____N () C:\Users\buebi\AppData\Local\Apps\2.0\PRJMT154.CA8\DTBNOEBC.H54\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.CMOD2.dll
2015-11-28 15:51 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2015-11-28 15:51 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2015-11-28 15:51 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2015-11-03 10:49 - 2015-10-27 14:05 - 00618784 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\ProductStatistics.dll
2015-04-20 10:50 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\webres.dll
2015-11-28 15:51 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2015-11-28 15:51 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2013-03-10 18:24 - 2009-04-29 14:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll
2013-03-10 18:24 - 2009-04-29 14:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll
2013-03-10 18:24 - 2009-04-29 14:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows\system32\D3DCompiler_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dcsx_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dcsx_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx11_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_24.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_26.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_28.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_29.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_31.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvapi64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvd3dumx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispco6435286.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispco6435900.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispgenco6435286.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispgenco6435900.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NvFBC64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvhdagenco6420103.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvhdap64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NvIFR64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvinitx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvoglshim64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvoglv64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvumdshimx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvvsvc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvwgf2umx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\x3daudio1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xinput1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvd3dum.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NvFBC.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NvIFR.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvinit.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvoglshim32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvoglv32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvumdshim.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvwgf2um.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\LGBusEnum.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\LGJoyXlCore.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\LGVirHid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvhda64v.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvlddmkm.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57
AlternateDataStreams: C:\Users\buebi\Downloads\FRST64.exe:$CmdZnID
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4788 mehr Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: APNMCP => 2
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{80C7286C-79A9-44F7-A472-03C12EAA165B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{78FD29BB-4C2A-415D-A63D-F3DB0E2C76D0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5011A43D-AEE0-4B82-9388-D0D308D0E2C1}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FA0706CF-6AA9-48AC-82BD-F102CD6CCE23}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BF2088DC-EDAD-4F42-A482-4D2F683A326F}] => (Allow) D:\Program Files (x86)\gPotato.eu\Allods Online\bin\Launcher.exe
FirewallRules: [TCP Query User{68CAE716-E9B9-40CA-8369-42A41FFD80DB}D:\program files (x86)\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe] => (Allow) D:\program files (x86)\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe
FirewallRules: [UDP Query User{8DC26E9F-82F5-4329-936B-192DFD033D07}D:\program files (x86)\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe] => (Allow) D:\program files (x86)\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe
FirewallRules: [{2CE11767-8071-438A-9D86-EDDFD12F056E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{7149F3DF-1B40-449F-AE93-FCDC4B67384D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{65E4EA3C-7D22-4FB1-885B-8766CE1A57D0}] => (Allow) D:\Program Files (x86)\wow ptr\Hearthstone\Hearthstone.exe
FirewallRules: [{84986174-6986-4A61-B5AA-3D5062258EFD}] => (Allow) D:\Program Files (x86)\wow ptr\Hearthstone\Hearthstone.exe
FirewallRules: [{0F4B8410-7D62-44A6-9C7D-4EEED311FC0B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{04575A68-46DD-4519-B71E-B2B65342C7A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{8C028205-0154-4280-9195-6DA5F4EF9AED}] => (Allow) D:\Program Files (x86)\wow ptr\StarCraft II\StarCraft II.exe
FirewallRules: [{9619AAED-F5D1-477A-8442-F4419D90065F}] => (Allow) D:\Program Files (x86)\wow ptr\StarCraft II\StarCraft II.exe
FirewallRules: [{6725506A-5193-4837-8739-3388937BA48D}] => (Allow) D:\Program Files (x86)\wow ptr\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{019A9367-A3C9-41ED-906C-D7C56762DE91}] => (Allow) D:\Program Files (x86)\wow ptr\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{33D69813-F831-4E83-9365-38B02F7CDDCF}D:\program files (x86)\wow ptr\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\program files (x86)\wow ptr\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{43F824FA-4DB9-45D7-974D-C0453E2D3FA0}D:\program files (x86)\wow ptr\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\program files (x86)\wow ptr\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{9DF52A1F-2211-4D4F-B7C4-21351BA52BAE}] => (Allow) D:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{1805991B-A48F-4BFF-9EF6-77BD5F5038B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{CBA80638-16F3-4C41-9AD9-9DEE6B463C19}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{C3BB1075-DE00-4B07-991C-F16C3752ED91}D:\program files (x86)\wow ptr\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C8ABBF18-2945-42EA-9CB2-0DC7F36DF952}D:\program files (x86)\wow ptr\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{42307AC7-5BDF-465F-A8CD-E134E0AD33E2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{7978362B-B9EC-4459-8E9C-FA05F27AC283}D:\program files (x86)\wow ptr\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) D:\program files (x86)\wow ptr\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4374D22D-F8C9-4995-91D4-129A991B5958}D:\program files (x86)\wow ptr\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) D:\program files (x86)\wow ptr\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{63A46F7F-D3C3-421B-B13F-DAA7552A3034}D:\program files (x86)\wow ptr\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\program files (x86)\wow ptr\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{EA682D7F-9837-4B01-BC38-750B87981945}D:\program files (x86)\wow ptr\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\program files (x86)\wow ptr\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{905840DC-6F8F-4225-85C7-463968F42234}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE6C7CA5-7A4D-444E-92C3-C656E2229242}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{80B24C07-E954-4726-826C-5703755CF7FF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{8EB2B8FC-51DB-4801-9D7A-3A6BBC0D4974}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{FB13E498-C34D-4E3A-89D2-F0266062904C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{7A2F868D-D1A9-4C5B-9D8E-940CE83F97C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{678A6116-B6E6-45F1-98AD-45DF8C5DC093}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{1B9AB833-4C1A-4D93-BED0-5B35918D76C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{7FB55508-2561-4763-A8D5-EFDC0AD271A1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C767F1AC-6B4D-4FA2-9714-CA38AE3D2E26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{89B1EBAA-221B-454C-9652-9CC78EF01585}D:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe] => (Block) D:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe
FirewallRules: [UDP Query User{6AB3A3C6-8FBB-490E-B96D-CF039681F795}D:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe] => (Block) D:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe
FirewallRules: [{99A7EC9C-70A2-4FC2-986A-89A085AC1C14}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{7D8F1A4F-76D4-443F-9F07-80F0A76F3CC6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{C64AC53F-CB53-4469-9DCC-50779DBFD7B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2096\Agent.exe
FirewallRules: [{89ACC8C7-F680-444C-96F5-4BF0DDCCE551}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2096\Agent.exe
FirewallRules: [{633362BD-6EC5-45AC-A53A-AE349979B6A2}] => (Allow) C:\gPotato.eu\Allods Online\bin\launcher.exe
FirewallRules: [TCP Query User{9A46C14E-0D34-4507-B21F-5ED5B5EC7604}C:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe] => (Allow) C:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe
FirewallRules: [UDP Query User{BE457151-DCD0-45D0-A8CF-D35DC6B263DE}C:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe] => (Allow) C:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe
FirewallRules: [{F331D6F7-94FF-4D77-AB32-0BCD9B75EE2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2110\Agent.exe
FirewallRules: [{0CBA2F35-252B-439C-ADE5-5B4F6C91699A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2110\Agent.exe
FirewallRules: [{B70E630E-9E66-4249-B3BD-22449A07407A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2163\Agent.exe
FirewallRules: [{2EFE3D89-92D8-4F82-BAC4-56F2653CA3B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2163\Agent.exe
FirewallRules: [TCP Query User{4419986F-7557-4055-9EF1-D50FA1320636}C:\programdata\battle.net\agent\agent.beta.2293\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2293\agent.exe
FirewallRules: [UDP Query User{B1365917-43C0-462C-9F51-D59DB7F0A449}C:\programdata\battle.net\agent\agent.beta.2293\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2293\agent.exe
FirewallRules: [{FA735E99-9EE5-4EFC-9610-3B9F2EC3BC7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{488BB0D8-B61E-45A4-99CA-2CE133EE5D26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{3FACCC13-C1CC-489B-A360-6406D63B2E33}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2359\Agent.exe
FirewallRules: [{4A036664-0DBF-4C1D-AAE5-EFED0AD4711D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2359\Agent.exe
FirewallRules: [{447AAEA7-C5A5-4478-AB48-C99FD4BCBC18}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{CFBC9A86-F4C1-4B85-B974-416F8DF2F1B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{73546093-37DA-4585-B2D5-11BB61BEA6A7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe
FirewallRules: [{2E20DEE0-444B-4E3D-AC53-7388B633301A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe
FirewallRules: [{FAF691A7-5B2E-4F6A-9B7E-6C736410A7EC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe
FirewallRules: [{AD36A43D-F96B-46A0-88A5-3B8BAB8F59C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe
FirewallRules: [{9C2E42AD-19CF-40F3-A402-BB4F83416C00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{4E05B9C0-8D4D-4998-9321-230502D10AA7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{CB5B6FC9-2F6F-44D7-A4F1-7C44305EDD74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{25D9F05A-9BD8-4A12-B904-C2C70813EFD3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{3009DBEF-2942-4E05-827C-D894E610154F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{1F0B7BA8-0381-4B08-B6E8-4928602E9543}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [TCP Query User{0E391620-151E-4547-86D1-954608E73136}D:\program files (x86)\wow ptr\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CCF2F049-B7DC-48CF-B77E-6140AEF39A32}D:\program files (x86)\wow ptr\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B2D29578-C2EC-4BD7-96A1-0774A8696FE2}D:\program files (x86)\wow ptr\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{6CD5FFFD-3D1A-418C-9DB7-E9BCE9B87838}D:\program files (x86)\wow ptr\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [{461E8D54-A5BE-43BE-80C5-927AD585B2D8}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0EF2A3AA-7116-4BF6-A562-EEF582BE5DC6}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: asmthub3
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/30/2015 09:28:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/30/2015 07:40:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/29/2015 08:10:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisFileRatingChangeCisFileRatingChange//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM AvAlertAvAlert//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisAlertCisAlert//./root/cis
Systemfehler:
=============
Error: (11/30/2015 09:26:45 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
VBoxNetAdp
Error: (11/30/2015 07:38:39 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
VBoxNetAdp
Error: (11/29/2015 08:09:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
VBoxNetAdp
Error: (11/29/2015 07:52:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (11/29/2015 06:16:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Bigfoot Networks Killer Service erreicht.
Error: (11/29/2015 06:15:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Bigfoot Networks Killer Service erreicht.
Error: (11/29/2015 04:12:48 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (11/29/2015 04:11:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
VBoxNetAdp
Error: (11/29/2015 02:59:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (11/29/2015 02:44:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
VBoxNetAdp
CodeIntegrity:
===================================
Date: 2015-02-07 08:40:26.887
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.791
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.693
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.597
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.499
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.404
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.306
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.209
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.112
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.016
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-4100 Quad-Core Processor
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8174.12 MB
Verfügbarer physikalischer RAM: 5820.44 MB
Summe virtueller Speicher: 16346.44 MB
Verfügbarer virtueller Speicher: 13481.29 MB
==================== Laufwerke ================================
Drive c: (Volume) (Fixed) (Total:48.83 GB) (Free:1.97 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Volume) (Fixed) (Total:184.05 GB) (Free:104.95 GB) NTFS
Drive e: (GSP1RMCHPXFRER_DE_DVD) (CDROM) (Total:3.04 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 9DFFEAD0)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=184.1 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:29-11-2015
durchgeführt von buebi (2015-11-30 09:38:53)
Gestartet von C:\Users\buebi\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2013-03-09 20:40:09)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1771663753-3355759307-1885394415-500 - Administrator - Disabled)
buebi (S-1-5-21-1771663753-3355759307-1885394415-1000 - Administrator - Enabled) => C:\Users\buebi
Gast (S-1-5-21-1771663753-3355759307-1885394415-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Advanced SystemCare 9 (HKLM-x32\...\Advanced SystemCare_is1) (Version: 9.0.3 - IObit)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bigfoot Networks Killer Network Manager (HKLM-x32\...\InstallShield_{DF446558-ADF7-4884-9B2D-281979CCE71F}) (Version: 6.1.0.603 - Bigfoot Networks)
Bigfoot Networks Killer Network Manager (Version: 6.1.0.603 - Bigfoot Networks) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.12 - Piriform)
COMODO Firewall (HKLM\...\{73830292-868E-4C82-9AF5-CCFE2047B6A3}) (Version: 8.2.0.4508 - COMODO Security Solutions Inc.)
Curse Client (HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse)
DriverAgent by eSupport.com (HKLM-x32\...\DriverAgent_is1) (Version: - Copyright © 2013 eSupport.com, Inc • All Rights Reserved)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Glary Utilities 5.19 (HKLM-x32\...\Glary Utilities 5) (Version: 5.19.0.32 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Joulemeter (HKLM-x32\...\{E043568C-1745-4C69-9D52-43F6E79EB03B}) (Version: 1.2.0 - Microsoft Research)
Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Firefox 42.0 (x64 de) (HKLM\...\Mozilla Firefox 42.0 (x64 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Smart Defrag 4 (HKLM-x32\...\Smart Defrag 4_is1) (Version: 4.3 - IObit)
SSDlife Pro (HKLM-x32\...\{6F104B6D-535A-4D27-9A11-8525368AEB1F}) (Version: 2.5.82 - BinarySense Inc.)
Star Stable (HKLM-x32\...\{2B03B553-4983-4005-99C4-31DFC25B4BB9}) (Version: 1.00.0000 - Star Stable Entertainment AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.3 - IObit)
Tukui Client (HKLM-x32\...\{C47A9389-88D4-43B0-BBF6-FB88664055FD}) (Version: 2.4.2 - Tukui)
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
30-11-2015 08:50:44 Removed GeekBuddy.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0C292418-8523-411C-BB9D-61CA92EEEF0A} - System32\Tasks\GlaryInitialize 5 => D:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-02-12] (Glarysoft Ltd)
Task: {0FD43E77-F761-4EF7-93A7-ADCB5FABAABA} - System32\Tasks\Driver Booster SkipUAC (buebi) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {20D07060-C2C4-4EA1-ABC5-02FA73C07A66} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2015-11-16] (Piriform Ltd)
Task: {22D161FA-9097-453C-8C68-F928E70FC771} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {232E260F-DCBD-4548-A102-9BFBAC94AEE5} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {39173D6E-18E1-4355-9D01-EB466774E0A5} - System32\Tasks\{8D80FDD6-5209-4FB2-8BD1-D3B1E7FFD0D4} => pcalua.exe -a E:\setup\rsrc\Autorun.exe -d E:\
Task: {3945F233-95C1-49D8-B8E9-3320D49C9E62} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [2015-04-01] (COMODO)
Task: {5B0257FA-502A-4789-851F-884D272E7756} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-04-01] (COMODO)
Task: {637BB08B-84B5-4988-85AF-01ED090FE6D8} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2015-04-01] (COMODO)
Task: {74904296-01DC-4503-9E57-F46CF1E46F35} - System32\Tasks\{62043818-362E-4438-82CD-DB7E306399CF} => D:\Westwood\Renegade\Renegade.exe
Task: {76457E35-C1F7-4A48-90BA-2DC77B428078} - System32\Tasks\GU5SkipUAC => D:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-02-12] (Glarysoft Ltd)
Task: {8EDF891E-E52B-43F4-8535-099D2301D1A2} - System32\Tasks\{A492109E-110B-4220-B9D7-05ACA2BAA0C8} => D:\World of Warcraft\World of Warcraft Launcher.exe [2015-10-09] (Blizzard Entertainment)
Task: {9F55E214-DF93-49F4-9DE3-7B565775A020} - System32\Tasks\ASC9_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe [2015-11-06] (IObit)
Task: {A6859DA6-9786-4BBE-82B4-5E6732B42B2B} - System32\Tasks\{A02B08A9-ABEB-4CAE-A526-CD638BD063A5} => D:\World of Warcraft\World of Warcraft Launcher.exe [2015-10-09] (Blizzard Entertainment)
Task: {B480061E-62EB-4861-89FF-950955A509EC} - System32\Tasks\SmartDefrag4_Startup => C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe [2015-10-27] (IObit)
Task: {C11C634C-D047-4BCE-87D2-4575725D9311} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-29] (Adobe Systems Incorporated)
Task: {C149FD29-0F2A-496A-AC0D-FE35F488D1B3} - System32\Tasks\SmartDefrag4_Update => C:\Program Files (x86)\IObit\Smart Defrag 4\AutoUpdate.exe [2015-08-21] (IObit)
Task: {C2C02354-A69C-4ADE-BA4F-04746CC58894} - System32\Tasks\ASC8_SkipUac_buebi => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: {C5FCA5AD-66AA-4B7A-A3E0-FF87378A0E5B} - System32\Tasks\{5697353D-EC7C-46EA-841C-CFCB920996B4} => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2015-11-20] (Blizzard Entertainment)
Task: {C9D7E72A-AABB-4543-AC1F-32822DA40196} - System32\Tasks\ASC9_SkipUac_buebi => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe [2015-11-23] (IObit)
Task: {D83FB367-D005-4C10-A419-ACEB7CBAB494} - System32\Tasks\{2655E930-9CFC-4B90-BE27-6C23D5243FEE} => D:\Westwood\Renegade\Renegade.exe
Task: {DDF3F1E4-EE42-451A-8608-5FCA9AFE3AFB} - System32\Tasks\{2473E712-50C2-4048-B240-B30C820E7F62} => E:\autorun.exe
Task: {E14081F1-9F5F-4B1C-9CDA-84CA0A49B3A8} - System32\Tasks\{95B490BB-1A31-4564-982B-8402A49CB1E3} => pcalua.exe -a E:\setup.exe -d E:\
Task: {F11355FB-CB54-4EC1-BC18-7F3830904286} - System32\Tasks\{CD827ED8-44D2-49BD-9906-C99AA9595535} => pcalua.exe -a C:\Users\buebi\Downloads\setup.exe -d C:\Users\buebi\Downloads
Task: {F4AAE9D6-55DF-4957-8479-9A888F06354C} - System32\Tasks\{17747926-FA99-42AF-BBD2-A395FB91254F} => E:\setup.exe [2011-04-12] (Microsoft Corporation)
Task: {FB831D57-593D-4A67-87FD-692AC661E1ED} - System32\Tasks\{44D5E6E2-3DED-4CFD-826C-E6D817A45DD4} => D:\Westwood\Renegade\Renegade.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => D:\Program Files (x86)\Glary Utilities 5\Initialize.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-11-03 23:32 - 2015-11-14 07:06 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00494080 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
2011-05-09 19:46 - 2011-05-09 19:46 - 02760192 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\QtCore4.dll
2011-05-09 19:56 - 2011-05-09 19:56 - 09856000 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\QtGui4.dll
2011-05-09 19:47 - 2011-05-09 19:47 - 00416256 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\QtXml4.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00217600 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\BFCommon.dll
2011-05-10 11:32 - 2011-05-10 11:32 - 00731648 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\qwt5.dll
2011-05-09 19:48 - 2011-05-09 19:48 - 00990720 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\QtNetwork4.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-11-20 22:41 - 2015-11-20 22:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-11-20 22:41 - 2015-11-20 22:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00564224 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
2013-10-09 14:39 - 2013-10-09 14:39 - 00404992 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modApplications.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00036864 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFeatures.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00025088 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modFraps.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00241152 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modGraph.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00062464 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modlcd.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00289280 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNetwork.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00184832 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modNpu.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00210944 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOptions.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00055808 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modOverview.dll
2013-10-09 14:39 - 2013-10-09 14:39 - 00329216 _____ () D:\Program Files\Bigfoot Networks\Killer Network Manager\plugins\modSystemInfo.dll
2015-06-17 01:20 - 2015-06-17 01:20 - 00016384 ____N () C:\Users\buebi\AppData\Local\Apps\2.0\PRJMT154.CA8\DTBNOEBC.H54\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.WowDb.dll
2015-06-17 01:20 - 2015-06-17 01:20 - 00035840 ____N () C:\Users\buebi\AppData\Local\Apps\2.0\PRJMT154.CA8\DTBNOEBC.H54\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.Advertising.dll
2015-06-17 01:20 - 2015-06-17 01:20 - 00099840 ____N () C:\Users\buebi\AppData\Local\Apps\2.0\PRJMT154.CA8\DTBNOEBC.H54\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\Curse.CurseClient.CMOD2.dll
2015-11-28 15:51 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madExcept_.bpl
2015-11-28 15:51 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madBasic_.bpl
2015-11-28 15:51 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\madDisAsm_.bpl
2015-11-03 10:49 - 2015-10-27 14:05 - 00618784 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\ProductStatistics.dll
2015-04-20 10:50 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Smart Defrag 4\webres.dll
2015-11-28 15:51 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\webres.dll
2015-11-28 15:51 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare\ProductStatistics.dll
2013-03-10 18:24 - 2009-04-29 14:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll
2013-03-10 18:24 - 2009-04-29 14:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll
2013-03-10 18:24 - 2009-04-29 14:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows\system32\D3DCompiler_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DCompiler_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dcsx_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dcsx_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx10_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx11_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_24.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_25.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_26.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_27.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_28.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_29.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_30.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_31.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\d3dx9_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_39.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvapi64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvd3dumx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispco6435286.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispco6435900.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispgenco6435286.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvdispgenco6435900.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NvFBC64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvhdagenco6420103.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvhdap64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\NvIFR64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvinitx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvoglshim64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvoglv64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvumdshimx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvvsvc.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\nvwgf2umx.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\OpenCL.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\x3daudio1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\x3daudio1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\X3DAudio1_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_8.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine2_9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xactengine3_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAPOFX1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\XAudio2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xinput1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xinput1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\xinput1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DCompiler_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dcsx_43.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx10_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx11_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_24.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_25.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_26.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_27.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_28.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_29.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_30.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_31.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_33.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_34.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_35.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\d3dx9_36.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_37.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_38.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_40.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_41.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\D3DX9_42.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvapi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcompiler.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuda.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvcuvid.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvd3dum.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NvFBC.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\NvIFR.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvinit.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvoglshim32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvoglv32.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvopencl.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvumdshim.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\nvwgf2um.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\OpenCL.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\x3daudio1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\X3DAudio1_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_10.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_8.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine2_9.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xactengine3_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAPOFX1_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_0.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_4.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_5.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_6.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\XAudio2_7.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_1.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_2.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\xinput1_3.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\LGBusEnum.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\LGJoyXlCore.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\LGVirHid.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvhda64v.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\nvlddmkm.sys:$CmdTcID
AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57
AlternateDataStreams: C:\Users\buebi\Downloads\FRST64.exe:$CmdZnID
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\100sexlinks.com -> 100sexlinks.com
Da befinden sich 4788 mehr Seiten.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: APNMCP => 2
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{80C7286C-79A9-44F7-A472-03C12EAA165B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{78FD29BB-4C2A-415D-A63D-F3DB0E2C76D0}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5011A43D-AEE0-4B82-9388-D0D308D0E2C1}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FA0706CF-6AA9-48AC-82BD-F102CD6CCE23}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BF2088DC-EDAD-4F42-A482-4D2F683A326F}] => (Allow) D:\Program Files (x86)\gPotato.eu\Allods Online\bin\Launcher.exe
FirewallRules: [TCP Query User{68CAE716-E9B9-40CA-8369-42A41FFD80DB}D:\program files (x86)\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe] => (Allow) D:\program files (x86)\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe
FirewallRules: [UDP Query User{8DC26E9F-82F5-4329-936B-192DFD033D07}D:\program files (x86)\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe] => (Allow) D:\program files (x86)\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe
FirewallRules: [{2CE11767-8071-438A-9D86-EDDFD12F056E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{7149F3DF-1B40-449F-AE93-FCDC4B67384D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{65E4EA3C-7D22-4FB1-885B-8766CE1A57D0}] => (Allow) D:\Program Files (x86)\wow ptr\Hearthstone\Hearthstone.exe
FirewallRules: [{84986174-6986-4A61-B5AA-3D5062258EFD}] => (Allow) D:\Program Files (x86)\wow ptr\Hearthstone\Hearthstone.exe
FirewallRules: [{0F4B8410-7D62-44A6-9C7D-4EEED311FC0B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{04575A68-46DD-4519-B71E-B2B65342C7A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{8C028205-0154-4280-9195-6DA5F4EF9AED}] => (Allow) D:\Program Files (x86)\wow ptr\StarCraft II\StarCraft II.exe
FirewallRules: [{9619AAED-F5D1-477A-8442-F4419D90065F}] => (Allow) D:\Program Files (x86)\wow ptr\StarCraft II\StarCraft II.exe
FirewallRules: [{6725506A-5193-4837-8739-3388937BA48D}] => (Allow) D:\Program Files (x86)\wow ptr\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{019A9367-A3C9-41ED-906C-D7C56762DE91}] => (Allow) D:\Program Files (x86)\wow ptr\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{33D69813-F831-4E83-9365-38B02F7CDDCF}D:\program files (x86)\wow ptr\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\program files (x86)\wow ptr\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{43F824FA-4DB9-45D7-974D-C0453E2D3FA0}D:\program files (x86)\wow ptr\starcraft ii\versions\base28667\sc2.exe] => (Allow) D:\program files (x86)\wow ptr\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{9DF52A1F-2211-4D4F-B7C4-21351BA52BAE}] => (Allow) D:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{1805991B-A48F-4BFF-9EF6-77BD5F5038B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{CBA80638-16F3-4C41-9AD9-9DEE6B463C19}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{C3BB1075-DE00-4B07-991C-F16C3752ED91}D:\program files (x86)\wow ptr\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C8ABBF18-2945-42EA-9CB2-0DC7F36DF952}D:\program files (x86)\wow ptr\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{42307AC7-5BDF-465F-A8CD-E134E0AD33E2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{7978362B-B9EC-4459-8E9C-FA05F27AC283}D:\program files (x86)\wow ptr\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) D:\program files (x86)\wow ptr\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4374D22D-F8C9-4995-91D4-129A991B5958}D:\program files (x86)\wow ptr\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Block) D:\program files (x86)\wow ptr\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{63A46F7F-D3C3-421B-B13F-DAA7552A3034}D:\program files (x86)\wow ptr\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\program files (x86)\wow ptr\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{EA682D7F-9837-4B01-BC38-750B87981945}D:\program files (x86)\wow ptr\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\program files (x86)\wow ptr\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{905840DC-6F8F-4225-85C7-463968F42234}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE6C7CA5-7A4D-444E-92C3-C656E2229242}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{80B24C07-E954-4726-826C-5703755CF7FF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{8EB2B8FC-51DB-4801-9D7A-3A6BBC0D4974}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{FB13E498-C34D-4E3A-89D2-F0266062904C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{7A2F868D-D1A9-4C5B-9D8E-940CE83F97C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{678A6116-B6E6-45F1-98AD-45DF8C5DC093}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{1B9AB833-4C1A-4D93-BED0-5B35918D76C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{7FB55508-2561-4763-A8D5-EFDC0AD271A1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{C767F1AC-6B4D-4FA2-9714-CA38AE3D2E26}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{89B1EBAA-221B-454C-9652-9CC78EF01585}D:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe] => (Block) D:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe
FirewallRules: [UDP Query User{6AB3A3C6-8FBB-490E-B96D-CF039681F795}D:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe] => (Block) D:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe
FirewallRules: [{99A7EC9C-70A2-4FC2-986A-89A085AC1C14}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{7D8F1A4F-76D4-443F-9F07-80F0A76F3CC6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{C64AC53F-CB53-4469-9DCC-50779DBFD7B3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2096\Agent.exe
FirewallRules: [{89ACC8C7-F680-444C-96F5-4BF0DDCCE551}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2096\Agent.exe
FirewallRules: [{633362BD-6EC5-45AC-A53A-AE349979B6A2}] => (Allow) C:\gPotato.eu\Allods Online\bin\launcher.exe
FirewallRules: [TCP Query User{9A46C14E-0D34-4507-B21F-5ED5B5EC7604}C:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe] => (Allow) C:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe
FirewallRules: [UDP Query User{BE457151-DCD0-45D0-A8CF-D35DC6B263DE}C:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe] => (Allow) C:\gpotato.eu\allods online\bin\gamecenterlight\gamecenter@mail.ru.exe
FirewallRules: [{F331D6F7-94FF-4D77-AB32-0BCD9B75EE2E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2110\Agent.exe
FirewallRules: [{0CBA2F35-252B-439C-ADE5-5B4F6C91699A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2110\Agent.exe
FirewallRules: [{B70E630E-9E66-4249-B3BD-22449A07407A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2163\Agent.exe
FirewallRules: [{2EFE3D89-92D8-4F82-BAC4-56F2653CA3B5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2163\Agent.exe
FirewallRules: [TCP Query User{4419986F-7557-4055-9EF1-D50FA1320636}C:\programdata\battle.net\agent\agent.beta.2293\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2293\agent.exe
FirewallRules: [UDP Query User{B1365917-43C0-462C-9F51-D59DB7F0A449}C:\programdata\battle.net\agent\agent.beta.2293\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2293\agent.exe
FirewallRules: [{FA735E99-9EE5-4EFC-9610-3B9F2EC3BC7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{488BB0D8-B61E-45A4-99CA-2CE133EE5D26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{3FACCC13-C1CC-489B-A360-6406D63B2E33}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2359\Agent.exe
FirewallRules: [{4A036664-0DBF-4C1D-AAE5-EFED0AD4711D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2359\Agent.exe
FirewallRules: [{447AAEA7-C5A5-4478-AB48-C99FD4BCBC18}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{CFBC9A86-F4C1-4B85-B974-416F8DF2F1B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{73546093-37DA-4585-B2D5-11BB61BEA6A7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe
FirewallRules: [{2E20DEE0-444B-4E3D-AC53-7388B633301A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe
FirewallRules: [{FAF691A7-5B2E-4F6A-9B7E-6C736410A7EC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe
FirewallRules: [{AD36A43D-F96B-46A0-88A5-3B8BAB8F59C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2417\Agent.exe
FirewallRules: [{9C2E42AD-19CF-40F3-A402-BB4F83416C00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{4E05B9C0-8D4D-4998-9321-230502D10AA7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2426\Agent.exe
FirewallRules: [{CB5B6FC9-2F6F-44D7-A4F1-7C44305EDD74}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{25D9F05A-9BD8-4A12-B904-C2C70813EFD3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2514\Agent.exe
FirewallRules: [{3009DBEF-2942-4E05-827C-D894E610154F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{1F0B7BA8-0381-4B08-B6E8-4928602E9543}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [TCP Query User{0E391620-151E-4547-86D1-954608E73136}D:\program files (x86)\wow ptr\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{CCF2F049-B7DC-48CF-B77E-6140AEF39A32}D:\program files (x86)\wow ptr\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B2D29578-C2EC-4BD7-96A1-0774A8696FE2}D:\program files (x86)\wow ptr\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{6CD5FFFD-3D1A-418C-9DB7-E9BCE9B87838}D:\program files (x86)\wow ptr\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) D:\program files (x86)\wow ptr\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe
FirewallRules: [{461E8D54-A5BE-43BE-80C5-927AD585B2D8}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0EF2A3AA-7116-4BF6-A562-EEF582BE5DC6}] => (Allow) D:\Program Files\Mozilla Firefox\firefox.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: asmthub3
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/30/2015 09:28:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/30/2015 07:40:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/29/2015 08:10:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisFileRatingChangeCisFileRatingChange//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisStatusChangeCisStatusChange//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisNotificationCisNotification//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM FwAlertFwAlert//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM DfAlertDfAlert//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM AvAlertAvAlert//./root/cis
Error: (11/29/2015 04:10:59 PM) (Source: WinMgmt) (EventID: 24) (User: )
Description: CisWmiSELECT * FROM CisAlertCisAlert//./root/cis
Systemfehler:
=============
Error: (11/30/2015 09:26:45 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
VBoxNetAdp
Error: (11/30/2015 07:38:39 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
VBoxNetAdp
Error: (11/29/2015 08:09:18 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
VBoxNetAdp
Error: (11/29/2015 07:52:35 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (11/29/2015 06:16:07 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Bigfoot Networks Killer Service erreicht.
Error: (11/29/2015 06:15:37 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Bigfoot Networks Killer Service erreicht.
Error: (11/29/2015 04:12:48 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (11/29/2015 04:11:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
VBoxNetAdp
Error: (11/29/2015 02:59:02 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (11/29/2015 02:44:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
VBoxNetAdp
CodeIntegrity:
===================================
Date: 2015-02-07 08:40:26.887
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.791
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.693
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.597
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.499
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.404
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.306
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.209
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.112
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-02-07 08:40:26.016
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\SysWOW64\drivers\DrvAgent64.SYS" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: AMD FX(tm)-4100 Quad-Core Processor
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8174.12 MB
Verfügbarer physikalischer RAM: 5820.44 MB
Summe virtueller Speicher: 16346.44 MB
Verfügbarer virtueller Speicher: 13481.29 MB
==================== Laufwerke ================================
Drive c: (Volume) (Fixed) (Total:48.83 GB) (Free:1.97 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Volume) (Fixed) (Total:184.05 GB) (Free:104.95 GB) NTFS
Drive e: (GSP1RMCHPXFRER_DE_DVD) (CDROM) (Total:3.04 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 9DFFEAD0)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=184.1 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
30.11.2015, 09:59
| #10 |
| | PC reagiert kaum nochCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:29-11-2015
durchgeführt von buebi (Administrator) auf BUEBI-PC (30-11-2015 09:43:14)
Gestartet von C:\Users\buebi\Downloads
Geladene Profile: buebi (Verfügbare Profile: buebi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
() D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 4\SmartDefrag.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe
() D:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Curse) C:\Users\buebi\AppData\Local\Apps\2.0\PRJMT154.CA8\DTBNOEBC.H54\curs..tion_9e9e83ddf3ed3ead_0005.0001_fb8944c2684f5b6c\CurseClient.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) D:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-29] (Logitech Inc.)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1426136 2015-04-01] (COMODO)
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-11-29] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1067736 2015-10-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\Run: [Advanced SystemCare 9] => C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe [2010912 2015-11-17] (IObit)
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\...\Run: [GUDelayStartup] => D:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-02-12] (Glarysoft Ltd)
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bigfoot Networks Killer Network Manager.lnk [2015-09-03]
ShortcutTarget: Bigfoot Networks Killer Network Manager.lnk -> D:\Program Files\Bigfoot Networks\Killer Network Manager\KillerNetManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2014-08-11]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (Keine Datei)
Startup: C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2015-11-29] ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9 15 C:\Windows\SysWOW64\BfLLR.dll [174592 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 01 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 02 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 03 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 04 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Winsock: Catalog9-x64 15 C:\Windows\system32\BfLLR.dll [189952 2013-10-09] (Bigfoot Networks, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4A67349A-00D0-4C9E-B689-69B4EF2FAF4F}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{4A67349A-00D0-4C9E-B689-69B4EF2FAF4F}: [DhcpNameServer] 192.168.178.1
Code:
ATTFilter Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://safesearch.avira.com/#web/result?source=art&q=
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1771663753-3355759307-1885394415-1000 -> {085A28F2-59A0-49F0-8AAC-B6C52B414F0C} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-29] (Oracle Corporation)
BHO: Kein Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-03] (Oracle Corporation)
BHO-x32: Kein Name -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> Keine Datei
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-07-09] (IObit)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-03] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Keine Datei
Toolbar: HKLM-x32 - Kein Name - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-29] ()
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-29] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-03] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\avira-safesearch.xml [2015-11-30]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\yahoo-ysp.xml [2015-11-03]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_ieh.HTML [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_ieh.TXT [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_mxh.HTML [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_mxh.TXT [2015-11-25]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_pap.HTML [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_pap.TXT [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_txi.HTML [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_txi.TXT [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_xwl.HTML [2015-11-24]
FF SearchPlugin: C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\searchplugins\_how_recover_xwl.TXT [2015-11-24]
FF Extension: Avira Browser Safety - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\abs@avira.com [2015-11-25] [ist nicht signiert]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\ascsurfingprotection@iobit.com [2015-11-28] [ist nicht signiert]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\iobitascsurfingprotection@iobit.com [2015-11-25] [ist nicht signiert]
FF Extension: Avira SafeSearch - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\safesearch@avira.com.xpi [2015-11-07] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\buebi\AppData\Roaming\Mozilla\Firefox\Profiles\w33kqme1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-28]
StartMenuInternet: FIREFOX.EXE - D:\Program Files\Mozilla Firefox\firefox.exe
Chrome:
=======
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\PepperFlash\pepflashplayer.dll => Keine Datei
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\ppGoogleNaClPluginChrome.dll => Keine Datei
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll => Keine Datei
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll => Keine Datei
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll => Keine Datei
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll => Keine Datei
CHR Profile: C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaacalgebmfelllfiaoknifldpngjh [2015-11-25]
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-25]
CHR Extension: (Google Drive) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-25]
CHR Extension: (YouTube) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-25]
CHR Extension: (Google-Suche) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-25]
CHR Extension: (Avira SearchFree Toolbar plus Web Protection) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglgfnfolcgijipffhlhbbnefdcbjbml [2015-11-25]
CHR Extension: (Google Wallet) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-25]
CHR Extension: (Google Mail) - C:\Users\buebi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-25]
CHR HKU\S-1-5-21-1771663753-3355759307-1885394415-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdvancedSystemCareService9; C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe [827680 2015-11-04] (IObit)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-12] (Avira Operations GmbH & Co. KG)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
R2 Bigfoot Networks Killer Service; D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe [494080 2013-10-09] () [Datei ist nicht signiert]
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [5540424 2015-04-01] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2265816 2015-04-01] (COMODO)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-11-10] (IObit)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-29] (Logitech Inc.)
S2 MBAMService; D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2015-02-13] (Advanced Micro Devices Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-26] (Avira Operations GmbH & Co. KG)
R3 BfEdge7x64; C:\Windows\System32\DRIVERS\Edge7x64.sys [31336 2013-10-09] (Bigfoot Networks, Inc.)
R3 BFN7x64; C:\Windows\System32\DRIVERS\Xeno7x64.sys [157288 2013-10-09] (Bigfoot Networks, Inc.)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [20696 2015-04-01] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [797280 2015-04-01] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [45880 2015-04-01] (COMODO)
S3 DrvAgent64; C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [13824 2015-02-07] (Phoenix Technologies) [Datei ist nicht signiert]
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-02-23] (Glarysoft Ltd)
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [104608 2015-04-01] (COMODO)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-11-29] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-17] ()
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2014-06-04] (IObit)
S1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-09-08] (Oracle Corporation)
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-30 09:38 - 2015-11-30 09:43 - 00022461 _____ C:\Users\buebi\Downloads\FRST.txt
2015-11-30 09:38 - 2015-11-30 09:40 - 00059889 _____ C:\Users\buebi\Downloads\Addition.txt
2015-11-30 09:37 - 2015-11-30 09:37 - 02350080 _____ (Farbar) C:\Users\buebi\Downloads\FRST64.exe
2015-11-29 20:07 - 2015-11-29 20:07 - 00002968 _____ C:\Windows\System32\Tasks\{A02B08A9-ABEB-4CAE-A526-CD638BD063A5}
2015-11-29 20:06 - 2015-11-29 20:06 - 00002968 _____ C:\Windows\System32\Tasks\{A492109E-110B-4220-B9D7-05ACA2BAA0C8}
2015-11-29 20:05 - 2015-11-29 20:05 - 00000000 ____D C:\Users\buebi\AppData\Local\ElevatedDiagnostics
2015-11-29 20:04 - 2015-11-29 20:04 - 00002980 _____ C:\Windows\System32\Tasks\{5697353D-EC7C-46EA-841C-CFCB920996B4}
2015-11-29 19:25 - 2015-11-29 19:25 - 05631312 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 04992520 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_39.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 04379984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02605920 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02106216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 02036576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01942552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_39.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 01846632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_39.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00530776 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00528216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00527192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00521560 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00519000 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00518488 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00518480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00517960 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00517448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00515416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00514384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00513544 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_41.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00452440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_40.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00239960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00238936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00235856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00235352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00176984 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00176968 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00175440 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00174936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00078680 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00077656 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00074576 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00074072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00073544 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00072200 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00070992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00069464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00025936 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00024920 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00023376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-11-29 19:25 - 2015-11-29 19:25 - 00022360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 05081608 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04991496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04910088 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04496232 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04494184 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 04398360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_32.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03977496 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03927248 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03850760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03786760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03734536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03497832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03495784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 03426072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_32.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02414360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_31.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02388176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_30.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 02006552 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01941528 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01860120 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01491992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01420824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01401200 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01400176 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01374232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01124720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 01123696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00540688 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00529424 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00511496 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00507400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00506728 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00489480 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00479752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00469264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_38.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00462864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_37.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_36.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_34.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00443752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_33.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00440080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00411656 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00411496 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00409960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00403304 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00393576 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00390424 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00364824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00363288 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00355536 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00354072 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00352464 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00267272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_10.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00267112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_9.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00266088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_8.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00261480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_7.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00255848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_6.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00251672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_5.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00238088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine3_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00237848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00236824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00229584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00177672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00107368 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00083736 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00083664 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00081768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00068104 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00065032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00062744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00062672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xinput1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00028168 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00025608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00021000 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00017928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00017688 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00016592 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00015128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_1.dll
2015-11-29 19:24 - 2015-11-29 19:24 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-11-29 18:58 - 2015-11-29 20:08 - 00050168 _____ C:\Windows\system32\Drivers\fvstore.dat
2015-11-29 18:58 - 2015-11-29 18:58 - 00000000 ___HD C:\VTRoot
2015-11-29 16:09 - 2015-11-29 16:09 - 00001870 _____ C:\Users\Public\Desktop\COMODO Firewall.lnk
2015-11-29 16:09 - 2015-11-29 16:09 - 00000000 ____D C:\Windows\System32\Tasks\COMODO
2015-11-29 16:08 - 2015-11-30 08:51 - 00000000 ____D C:\Program Files\COMODO
2015-11-29 16:08 - 2015-11-29 16:08 - 00000000 ____D C:\ProgramData\Shared Space
2015-11-29 16:07 - 2015-11-30 08:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2015-11-29 16:07 - 2015-11-29 16:07 - 00000000 ____D C:\Users\buebi\AppData\Local\Comodo
2015-11-29 16:05 - 2015-11-29 16:09 - 00000000 ____D C:\ProgramData\Comodo
2015-11-29 15:04 - 2015-11-29 15:06 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-11-29 14:59 - 2015-11-29 14:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-29 14:05 - 2015-11-29 14:05 - 00000146 _____ C:\Users\buebi\Desktop\NVIDIA Systemsteuerung - Verknüpfung.lnk
2015-11-29 12:10 - 2015-11-29 12:10 - 00000000 ____D C:\NVIDIA
2015-11-29 12:03 - 2015-11-29 12:03 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-11-29 12:03 - 2015-11-29 12:03 - 00000000 ____D C:\Program Files\Java
2015-11-29 11:53 - 2015-11-29 11:54 - 01905272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435900.dll
2015-11-29 11:53 - 2015-11-29 11:54 - 01564792 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435900.dll
2015-11-29 11:40 - 2015-11-29 11:40 - 00205456 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-11-29 11:40 - 2015-11-29 11:40 - 00039240 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-11-29 10:11 - 2015-11-29 10:11 - 00000000 ____D C:\ProgramData\McAfee
2015-11-29 09:16 - 2015-11-29 09:16 - 00002063 _____ C:\Users\buebi\Desktop\Curse - Verknüpfung.lnk
2015-11-29 09:14 - 2015-11-29 09:14 - 00003118 _____ C:\Windows\System32\Tasks\{CD827ED8-44D2-49BD-9906-C99AA9595535}
2015-11-29 04:24 - 2015-11-29 12:03 - 00000000 ____D C:\Users\buebi\.oracle_jre_usage
2015-11-28 19:25 - 2015-11-28 19:25 - 00000917 _____ C:\Users\buebi\Desktop\Revo Uninstaller.lnk
2015-11-28 19:25 - 2015-11-28 19:25 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-11-28 19:07 - 2015-11-28 19:07 - 00000788 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-11-28 19:07 - 2015-11-28 19:07 - 00000788 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-11-28 17:06 - 2015-11-28 17:06 - 00000000 ____H C:\asc_rdflag
2015-11-28 16:47 - 2015-11-29 10:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-28 16:47 - 2015-11-28 16:47 - 00000787 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-11-28 16:47 - 2015-11-28 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-11-28 16:47 - 2015-11-28 16:47 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-28 16:47 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-28 16:47 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-28 16:47 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-28 15:51 - 2015-11-28 16:41 - 00002266 _____ C:\Users\Public\Desktop\Advanced SystemCare 9.lnk
2015-11-28 15:51 - 2015-11-28 15:51 - 00003180 _____ C:\Windows\System32\Tasks\ASC9_PerformanceMonitor
2015-11-28 15:51 - 2015-11-28 15:51 - 00002868 _____ C:\Windows\System32\Tasks\ASC9_SkipUac_buebi
2015-11-28 15:51 - 2015-11-28 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
2015-11-28 15:51 - 2015-11-28 15:51 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2015-11-26 16:19 - 2015-11-30 09:43 - 00000000 ____D C:\FRST
2015-11-26 15:18 - 2015-11-26 15:18 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ayk.HTML
2015-11-26 15:18 - 2015-11-26 15:18 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ayk.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 00000000 _____ C:\Program Files\Common Files\_how_recover_ooy.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 00000000 _____ C:\Program Files\Common Files\_how_recover_ooy.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00007307 _____ C:\ProgramData\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00007307 _____ C:\Program Files\Common Files\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 00002588 _____ C:\ProgramData\_how_recover_qpk.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 00002588 _____ C:\Program Files\Common Files\_how_recover_qpk.TXT
2015-11-25 20:26 - 2015-11-25 20:26 - 00000000 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\ProgramData\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00007307 _____ C:\Program Files\Common Files\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\ProgramData\_how_recover_smn.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 00002588 _____ C:\Program Files\Common Files\_how_recover_smn.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\ProgramData\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00007307 _____ C:\Program Files\Common Files\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\ProgramData\_how_recover_dvx.TXT
2015-11-25 18:31 - 2015-11-25 18:31 - 00002588 _____ C:\Program Files\Common Files\_how_recover_dvx.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\ProgramData\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00007307 _____ C:\Program Files\Common Files\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\ProgramData\_how_recover_oad.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 00002588 _____ C:\Program Files\Common Files\_how_recover_oad.TXT
2015-11-25 18:03 - 2015-11-25 18:03 - 00001086 _____ C:\Windows\system32\Tasks - Verknüpfung.lnk
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_mxh.HTML
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default\AppData\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_mxh.TXT
2015-11-25 17:48 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_mxh.TXT
2015-11-25 17:46 - 2015-11-25 17:47 - 00001251 _____ C:\Users\buebi\Desktop\taskmgr.lnk
2015-11-25 17:26 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\ProgramData\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00007307 _____ C:\Program Files\Common Files\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\ProgramData\_how_recover_mxh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 00002588 _____ C:\Program Files\Common Files\_how_recover_mxh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default\AppData\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_ieh.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_ieh.TXT
2015-11-25 16:42 - 2015-11-25 16:43 - 00007307 _____ C:\ProgramData\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:43 - 00002588 _____ C:\ProgramData\_how_recover_ieh.TXT
2015-11-25 16:42 - 2015-11-25 16:42 - 00007307 _____ C:\Program Files\Common Files\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:42 - 00002588 _____ C:\Program Files\Common Files\_how_recover_ieh.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_xwl.HTML
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default\AppData\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_xwl.TXT
2015-11-24 20:47 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\ProgramData\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00007307 _____ C:\Program Files\Common Files\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\ProgramData\_how_recover_xwl.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 00002588 _____ C:\Program Files\Common Files\_how_recover_xwl.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_pap.HTML
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_pap.TXT
2015-11-24 20:21 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 00007307 _____ C:\ProgramData\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pap.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 00002588 _____ C:\ProgramData\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00007307 _____ C:\ProgramData\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_pcn.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 00002588 _____ C:\ProgramData\_how_recover_pcn.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00007307 _____ C:\ProgramData\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_vnc.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 00002588 _____ C:\ProgramData\_how_recover_vnc.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\Default User\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\_how_recover_txi.HTML
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default\AppData\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\Default User\AppData\_how_recover_txi.TXT
2015-11-24 19:24 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\_how_recover_txi.TXT
2015-11-24 19:21 - 2015-11-24 19:21 - 00007307 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_txi.HTML
2015-11-24 19:21 - 2015-11-24 19:21 - 00002588 _____ C:\Users\buebi\AppData\LocalLow\_how_recover_txi.TXT
2015-11-24 19:20 - 2015-11-26 15:19 - 00000904 ____H C:\ProgramData\@system.temp
2015-11-24 19:18 - 2015-11-26 15:19 - 00000640 ____H C:\ProgramData\@system3.att
2015-11-24 19:18 - 2015-11-24 19:18 - 00000480 ____H C:\Users\buebi\AppData\Roaming\½ž’“Ó™œ‰
2015-11-24 19:17 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{A7678D9E-37E4-4D52-A9B2-11777696009D}
2015-11-24 19:17 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{56569604-F8FD-4B74-AFE1-A9BF4392C217}
2015-11-24 19:17 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 00007307 _____ C:\Users\buebi\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 00002588 _____ C:\Users\buebi\AppData\Local\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\ProgramData\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00007307 _____ C:\Program Files\Common Files\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\Users\buebi\AppData\Local\Apps\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\ProgramData\_how_recover_txi.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 00002588 _____ C:\Program Files\Common Files\_how_recover_txi.TXT
2015-11-15 10:24 - 2015-11-28 17:06 - 44236800 _____ C:\Windows\system32\config\components.iodefrag.bak
2015-11-14 11:25 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{D55E3194-1AF1-4F77-8E95-158F7A791250}
2015-11-14 11:25 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{189F0F8A-EE01-4590-871B-397920EA8882}
2015-11-12 15:41 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 15:50 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 15:50 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 15:50 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 15:50 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 15:50 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 15:50 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 15:50 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 15:50 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 15:50 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 15:50 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 15:50 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 15:50 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 15:50 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 15:50 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 15:50 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 15:49 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 15:49 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 15:49 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 15:49 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 15:49 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 15:49 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 15:49 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 15:49 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 15:49 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 15:49 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 15:49 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 15:49 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 15:49 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 15:49 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 15:49 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 15:49 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 15:49 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 15:49 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 15:49 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 15:49 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 15:49 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 15:49 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 15:49 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 15:49 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 15:49 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 15:49 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 15:49 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 15:49 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 15:49 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 15:49 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 15:49 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 15:49 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 15:49 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 15:49 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 15:49 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 15:49 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 15:49 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 15:49 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 15:49 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 15:49 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 15:49 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 15:49 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 15:49 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 15:49 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 15:49 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 15:49 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 15:49 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 15:49 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 15:49 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 15:49 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 15:49 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 15:49 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 15:49 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 15:49 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 15:49 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 15:49 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 15:49 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 15:49 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 15:49 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 15:49 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 15:49 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 15:49 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 15:49 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 15:49 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 15:49 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 15:49 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 15:49 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 15:49 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 15:49 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 15:49 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 15:49 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 15:49 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 15:49 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 15:49 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 15:49 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 15:49 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 15:49 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 15:49 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 15:49 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 15:49 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 15:49 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 15:49 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 15:49 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 15:49 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 15:49 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 15:49 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 15:49 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-07 13:40 - 2015-11-07 13:40 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-07 13:40 - 2015-11-07 13:40 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-07 13:40 - 2015-11-07 13:40 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-07 13:40 - 2015-11-07 13:40 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-04 09:59 - 2015-11-25 20:09 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2015-11-04 09:58 - 2015-11-26 14:24 - 00000000 ____D C:\ProgramData\Battle.net
2015-11-04 00:06 - 2015-11-25 20:09 - 00000000 ____D C:\Users\buebi\AppData\Local\CEF
2015-11-04 00:00 - 2015-11-28 16:02 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-04 00:00 - 2015-11-04 00:00 - 00002053 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-04 00:00 - 2015-11-04 00:00 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-03 23:35 - 2015-11-29 12:15 - 00000000 ____D C:\Users\buebi\AppData\Local\NVIDIA
2015-11-03 23:32 - 2015-11-29 12:16 - 00938800 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-11-03 23:32 - 2015-11-29 12:16 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-11-03 23:32 - 2015-11-29 12:16 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-11-03 23:32 - 2015-11-29 12:16 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-11-03 23:32 - 2015-11-14 07:06 - 06358832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-11-03 23:32 - 2015-11-14 07:06 - 02983032 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-11-03 23:32 - 2015-11-14 07:06 - 02554488 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-11-03 23:32 - 2015-11-14 07:06 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-11-03 23:32 - 2015-11-14 07:06 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-11-03 23:32 - 2015-10-28 09:17 - 06027430 _____ C:\Windows\system32\nvcoproc.bin
2015-11-03 23:31 - 2015-11-29 11:40 - 01572496 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-11-03 12:42 - 2015-11-29 12:18 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-03 12:42 - 2015-11-25 20:26 - 00000000 ____D C:\Users\buebi\AppData\Local\YSearchUtil
2015-11-03 12:42 - 2015-11-03 12:42 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-11-03 12:40 - 2015-11-29 12:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-03 12:40 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Sun
2015-11-03 12:40 - 2015-11-25 20:09 - 00000000 ____D C:\ProgramData\Oracle
2015-11-03 12:40 - 2015-11-25 17:48 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Sun
2015-11-03 12:40 - 2015-11-03 12:40 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-03 12:40 - 2015-11-03 12:40 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-03 12:37 - 2015-11-26 15:18 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Oracle
2015-11-03 12:37 - 2015-11-03 12:37 - 00584288 _____ (Oracle Corporation) C:\Users\buebi\JavaSetup8u65.exe
2015-11-03 12:10 - 2015-11-26 14:24 - 00000000 ____D C:\ProgramData\Adobe
2015-11-03 11:46 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-11-03 11:46 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-11-03 11:46 - 2015-05-25 12:20 - 00029329 _____ C:\Windows\system32\nvinfo.pb
|
|
30.11.2015, 10:04
| #11 |
| | PC reagiert kaum nochCode:
ATTFilter ==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-11-30 09:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-11-30 09:36 - 2009-07-14 05:45 - 00020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-30 09:36 - 2009-07-14 05:45 - 00020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-30 09:31 - 2015-09-03 14:26 - 00000000 ____D C:\ProgramData\Bigfoot Networks
2015-11-30 09:31 - 2013-03-12 18:29 - 00000000 ____D C:\Users\buebi\AppData\Local\Deployment
2015-11-30 09:26 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-30 09:16 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Battle.net
2015-11-30 08:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-30 07:46 - 2013-08-17 06:47 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-11-29 20:03 - 2013-07-14 11:28 - 00007597 _____ C:\Users\buebi\AppData\Local\Resmon.ResmonCfg
2015-11-29 18:35 - 2013-06-17 18:38 - 00000000 ____D C:\Program Files (x86)\DivX
2015-11-29 18:35 - 2013-06-17 18:31 - 00000000 ____D C:\ProgramData\DivX
2015-11-29 16:09 - 2011-04-12 08:43 - 01406972 _____ C:\Windows\system32\perfh007.dat
2015-11-29 16:09 - 2011-04-12 08:43 - 00533928 _____ C:\Windows\system32\perfc007.dat
2015-11-29 15:03 - 2013-08-15 16:13 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\boost_interprocess
2015-11-29 14:10 - 2014-10-19 11:39 - 00000743 _____ C:\Users\Public\Desktop\World of Warcraft.lnk
2015-11-29 14:10 - 2013-03-11 19:36 - 00000930 _____ C:\Users\buebi\Desktop\Wow-64 - Verknüpfung.lnk
2015-11-29 13:53 - 2013-03-10 14:21 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2015-11-29 13:52 - 2015-06-11 01:33 - 00068384 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGJoyXlCore.sys
2015-11-29 13:52 - 2015-06-11 01:33 - 00037408 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGBusEnum.sys
2015-11-29 13:52 - 2015-06-11 01:33 - 00026912 _____ (Logitech Inc.) C:\Windows\system32\Drivers\LGVirHid.sys
2015-11-29 13:52 - 2013-03-10 14:21 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-11-29 13:52 - 2013-03-10 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-11-29 13:51 - 2014-05-23 12:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-29 12:50 - 2014-06-28 17:54 - 00000000 ____D C:\Windows\pss
2015-11-29 12:28 - 2013-07-26 19:14 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-11-29 12:17 - 2015-05-25 12:20 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-29 12:17 - 2015-05-25 12:20 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-11-29 12:17 - 2015-05-25 12:20 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-11-29 12:16 - 2013-03-10 14:10 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-11-29 11:56 - 2015-05-30 15:20 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-11-29 11:56 - 2015-05-30 15:20 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-11-29 11:54 - 2013-03-10 14:10 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-11-29 11:46 - 2013-11-12 17:11 - 00000000 ____D C:\Users\buebi\AppData\Local\NVIDIA Corporation
2015-11-29 11:42 - 2015-02-13 09:41 - 00000000 ____D C:\ProgramData\ProductData
2015-11-29 11:35 - 2015-02-13 09:41 - 00002874 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (buebi)
2015-11-29 11:24 - 2013-03-12 18:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-11-29 10:14 - 2015-02-13 09:42 - 00000000 ____D C:\Program Files (x86)\IObit
2015-11-29 10:11 - 2014-09-08 18:00 - 00000000 ____D C:\Users\buebi\AppData\Local\Adobe
2015-11-29 10:11 - 2014-04-23 02:17 - 00000030 _____ C:\AVScanner.ini
2015-11-29 10:11 - 2013-03-12 18:35 - 00003824 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-29 10:10 - 2013-03-12 18:35 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-29 10:10 - 2013-03-12 18:35 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-29 09:46 - 2013-10-20 11:30 - 00000000 ____D C:\SearchProtect
2015-11-29 09:45 - 2015-04-24 08:09 - 00000000 ____D C:\Users\buebi\Norisbank
2015-11-29 09:45 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi
2015-11-29 09:43 - 2013-03-09 20:47 - 00000000 ____D C:\Lokaler Datenträger
2015-11-29 09:02 - 2014-08-07 11:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-28 18:38 - 2015-06-20 19:30 - 00000000 ____D C:\Users\buebi\Documents\Heroes of the Storm
2015-11-28 18:38 - 2014-05-05 14:04 - 00000000 ____D C:\Users\buebi\Documents\ofen
2015-11-28 18:38 - 2014-04-21 13:15 - 00000000 ____D C:\Users\buebi\Documents\My Art
2015-11-28 18:38 - 2014-04-18 11:34 - 00000000 ____D C:\Users\buebi\Documents\NPS
2015-11-28 18:38 - 2014-04-18 11:31 - 00000000 ____D C:\Users\buebi\Documents\My NPS Files
2015-11-28 18:38 - 2013-07-27 09:42 - 00000000 ____D C:\Users\buebi\Documents\My Games
2015-11-28 18:38 - 2013-03-12 18:31 - 00000000 ____D C:\Users\buebi\Documents\My Curse
2015-11-28 18:38 - 2011-04-12 08:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-11-28 18:38 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-11-28 18:37 - 2015-09-03 14:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bigfoot Networks
2015-11-28 18:37 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SSDlife
2015-11-28 18:37 - 2015-04-20 10:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 4
2015-11-28 18:37 - 2015-02-23 09:39 - 00000000 ___HD C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2015-11-28 18:37 - 2015-02-23 09:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-11-28 18:37 - 2015-02-13 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Stable
2015-11-28 18:37 - 2015-02-13 09:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 8
2015-11-28 18:37 - 2015-02-07 08:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eSupport.com
2015-11-28 18:37 - 2014-12-26 09:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-11-28 18:37 - 2014-10-19 11:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2015-11-28 18:37 - 2014-07-24 20:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-11-28 18:37 - 2014-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-11-28 18:37 - 2014-03-14 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-11-28 18:37 - 2014-03-11 17:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-11-28 18:37 - 2013-11-04 13:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tukui
2015-11-28 18:37 - 2013-08-17 06:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2015-11-28 18:37 - 2013-08-16 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-28 18:37 - 2013-07-27 09:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood
2015-11-28 18:37 - 2013-04-11 17:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-28 18:37 - 2013-03-12 18:31 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2015-11-28 18:37 - 2013-03-10 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-11-28 18:37 - 2013-03-10 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
2015-11-28 18:37 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-11-28 18:35 - 2015-06-21 13:04 - 00000000 ____D C:\Users\buebi\Documents\StarCraft II
2015-11-28 18:00 - 2015-02-23 09:30 - 00000334 _____ C:\Windows\Tasks\GlaryInitialize 5.job
2015-11-28 17:57 - 2015-02-23 09:30 - 00002632 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2015-11-28 17:43 - 2014-03-11 17:55 - 00002772 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-28 17:43 - 2014-03-11 17:55 - 00000694 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-28 17:06 - 2015-05-04 21:59 - 66076672 _____ C:\Windows\system32\config\software.iodefrag.bak
2015-11-28 17:06 - 2015-05-04 21:59 - 66076672 _____ C:\Windows\system32\config\software.iodefrag
2015-11-28 17:06 - 2015-05-04 21:59 - 00270336 _____ C:\Windows\system32\config\default.iodefrag.bak
2015-11-28 17:06 - 2015-05-04 21:59 - 00024576 _____ C:\Windows\system32\config\security.iodefrag.bak
2015-11-28 17:06 - 2015-05-04 21:59 - 00024576 _____ C:\Windows\system32\config\sam.iodefrag.bak
2015-11-28 17:04 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\Performance
2015-11-28 15:51 - 2015-02-13 09:41 - 00000000 ____D C:\Users\buebi\AppData\Roaming\IObit
2015-11-28 15:51 - 2015-02-13 09:41 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\IObit
2015-11-28 15:51 - 2015-02-13 09:41 - 00000000 ____D C:\ProgramData\IObit
2015-11-26 15:18 - 2015-10-24 08:55 - 00000000 ____D C:\Users\buebi\AppData\Roaming\HearthstoneDeckTracker
2015-11-26 15:18 - 2015-08-14 08:56 - 00000000 ____D C:\Users\buebi\AppData\Roaming\LolClient
2015-11-26 15:18 - 2015-05-13 18:52 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\{DD317EB4-7D95-4B43-A5FA-6A090E6A62C0}
2015-11-26 15:18 - 2015-02-23 09:30 - 00000000 ____D C:\Users\buebi\AppData\Roaming\GlarySoft
2015-11-26 15:18 - 2015-02-23 09:30 - 00000000 ____D C:\Users\buebi\AppData\Roaming\DiskDefrag
2015-11-26 15:18 - 2015-02-13 19:23 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\StarStableOnline
2015-11-26 15:18 - 2015-02-13 09:42 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Apple Computer
2015-11-26 15:18 - 2014-04-06 21:49 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\TB
2015-11-26 15:18 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Battle.net
2015-11-26 15:18 - 2013-08-16 19:29 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Avira
2015-11-26 15:18 - 2013-07-20 06:53 - 00000000 ____D C:\Users\buebi\AppData\Local\Microsoft Games
2015-11-26 15:18 - 2013-06-18 04:55 - 00000000 ____D C:\Users\buebi\AppData\Roaming\DivX
2015-11-26 15:18 - 2013-06-17 18:39 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Temp
2015-11-26 15:18 - 2013-04-04 18:46 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Curse Advertising
2015-11-26 15:18 - 2013-03-12 18:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Adobe
2015-11-26 15:18 - 2013-03-10 14:22 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Leadertech
2015-11-26 15:18 - 2013-03-10 14:21 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Logitech
2015-11-26 15:18 - 2013-03-10 14:21 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Logishrd
2015-11-26 15:12 - 2013-08-20 14:04 - 00000000 ____D C:\NvidiaLogging
2015-11-26 15:12 - 2013-08-16 19:24 - 00000000 ____D C:\ProgramData\Avira
2015-11-26 15:12 - 2013-03-10 13:40 - 00000000 ____D C:\Program Files\Bigfoot Networks
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\SpeechEngines
2015-11-26 15:12 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-11-26 14:27 - 2014-08-07 11:21 - 00000000 ____D C:\Users\buebi\AppData\Local\Mozilla
2015-11-26 14:27 - 2014-05-18 09:11 - 00000000 ____D C:\Users\buebi\AppData\Local\Microsoft Research
2015-11-26 14:27 - 2013-11-06 20:52 - 00000000 ____D C:\Users\buebi\AppData\Local\NativeMessaging
2015-11-26 14:27 - 2013-07-27 09:44 - 00000000 ____D C:\Users\buebi\AppData\Local\My Games
2015-11-26 14:24 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\Binarysense
2015-11-26 14:24 - 2014-07-24 20:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-11-26 14:24 - 2013-06-17 18:38 - 00000000 ____D C:\Program Files\DivX
2015-11-26 14:24 - 2013-04-11 17:09 - 00000000 ____D C:\Program Files\Google
2015-11-26 14:24 - 2013-03-10 18:24 - 00000000 ____D C:\ProgramData\ASUS OC Profiles
2015-11-26 14:24 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\MSBuild
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\Microsoft Games
2015-11-26 14:24 - 2009-07-14 06:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-11-26 14:24 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Windows NT
2015-11-26 14:24 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Services
2015-11-25 20:26 - 2015-04-01 14:24 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Avira
2015-11-25 20:26 - 2014-11-12 16:21 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieBrowserModeList
2015-11-25 20:26 - 2014-11-02 17:42 - 00000000 ____D C:\Users\buebi\AppData\Local\Skype
2015-11-25 20:26 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieUserList
2015-11-25 20:26 - 2014-04-12 08:33 - 00000000 __SHD C:\Users\buebi\AppData\LocalLow\EmieSiteList
2015-11-25 20:26 - 2013-08-17 07:41 - 00000000 ____D C:\Users\buebi\AppData\LocalLow\Adobe
2015-11-25 20:26 - 2013-03-21 18:02 - 00000000 ____D C:\Users\buebi\AppData\Local\Tukui
2015-11-25 20:26 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi\AppData\Local\VirtualStore
2015-11-25 20:09 - 2015-10-26 16:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Genymobile
2015-11-25 20:09 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\TEMP
2015-11-25 20:09 - 2015-08-14 07:56 - 00000000 ____D C:\ProgramData\Licenses
2015-11-25 20:09 - 2015-06-22 14:25 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-11-25 20:09 - 2015-02-23 09:30 - 00000000 ____D C:\ProgramData\GlarySoft
2015-11-25 20:09 - 2015-02-13 09:42 - 00000000 ____D C:\ProgramData\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
2015-11-25 20:09 - 2015-02-07 08:40 - 00000000 ____D C:\Users\buebi\AppData\Local\eSupport.com
2015-11-25 20:09 - 2014-12-26 09:24 - 00000000 ____D C:\Users\buebi\AppData\Local\Gameforge4d
2015-11-25 20:09 - 2014-11-12 16:21 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieBrowserModeList
2015-11-25 20:09 - 2014-08-07 11:21 - 00000000 ____D C:\ProgramData\Mozilla
2015-11-25 20:09 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieUserList
2015-11-25 20:09 - 2014-04-12 08:34 - 00000000 __SHD C:\Users\buebi\AppData\Local\EmieSiteList
2015-11-25 20:09 - 2014-03-14 16:22 - 00000000 ____D C:\Users\buebi\AppData\Local\Blizzard
2015-11-25 20:09 - 2013-08-18 21:35 - 00000000 ____D C:\Users\buebi\AppData\Local\Chromium
2015-11-25 20:09 - 2013-08-17 06:47 - 00000000 ____D C:\Users\buebi\AppData\Local\Blizzard Entertainment
2015-11-25 20:09 - 2013-06-17 18:38 - 00000000 ____D C:\Users\buebi\AppData\Local\CRE
2015-11-25 20:09 - 2013-06-17 18:38 - 00000000 ____D C:\ProgramData\Conduit
2015-11-25 20:09 - 2013-04-11 17:09 - 00000000 ____D C:\ProgramData\Google
2015-11-25 20:09 - 2013-03-10 14:21 - 00000000 ____D C:\ProgramData\LogiShrd
2015-11-25 20:09 - 2013-03-10 13:21 - 00000000 ____D C:\Users\buebi\AppData\Local\Apps\2.0
2015-11-25 18:37 - 2009-07-14 06:13 - 01648656 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-25 18:31 - 2015-06-02 07:01 - 00000000 ____D C:\Users\buebi\AppData\Local\GWX
2015-11-25 18:31 - 2014-08-07 11:26 - 00000000 ____D C:\Users\buebi\AppData\Local\Macromedia
2015-11-25 18:31 - 2013-04-11 17:09 - 00000000 ____D C:\Users\buebi\AppData\Local\Google
2015-11-25 18:31 - 2013-03-10 14:22 - 00000000 ____D C:\Users\buebi\AppData\Local\Logitech
2015-11-25 17:48 - 2015-08-19 17:16 - 00000000 ____D C:\Users\Default\AppData\LocalLow\IObit
2015-11-25 17:48 - 2015-08-19 17:16 - 00000000 ____D C:\Users\Default User\AppData\LocalLow\IObit
2015-11-25 17:48 - 2015-08-02 11:18 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Riot Games
2015-11-25 17:48 - 2015-02-13 09:43 - 00000000 ____D C:\Users\buebi\AppData\Roaming\ProductData
2015-11-25 17:48 - 2014-11-02 17:42 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Skype
2015-11-25 17:48 - 2014-06-27 19:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Mozilla
2015-11-25 17:48 - 2014-04-18 11:31 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Samsung
2015-11-25 17:48 - 2013-09-23 17:02 - 00000000 ____D C:\Users\buebi\AppData\Roaming\SimulationCraft
2015-11-25 17:48 - 2013-03-12 18:36 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Macromedia
2015-11-25 17:48 - 2013-03-09 21:40 - 00000000 ____D C:\Users\buebi\AppData\Roaming\Media Center Programs
2015-11-25 17:48 - 2011-04-12 08:54 - 00000000 ____D C:\Users\Default\AppData\Roaming\Media Center Programs
2015-11-25 17:48 - 2011-04-12 08:54 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Media Center Programs
2015-11-24 19:24 - 2015-10-24 08:53 - 14882558 _____ C:\Users\buebi\Hearthstone.Deck.Tracker-v0.12.3.zip.ccc
2015-11-24 19:24 - 2015-09-05 12:10 - 00452782 _____ C:\Users\buebi\BMO-Satzung i. d. F. d. 6. Nachtrag.pdf.ccc
2015-11-24 19:24 - 2015-09-05 11:25 - 00263182 _____ C:\Users\buebi\Bonusformular_ffc_200_2015.pdf.ccc
2015-11-24 19:24 - 2014-05-15 22:58 - 02803982 _____ C:\Users\buebi\Desktop\Hearthstone_Screenshot_5.15.2014.23.58.50.png.ccc
2015-11-24 19:17 - 2015-10-02 18:46 - 00025998 _____ C:\Users\buebi\Abrechnung_430401338900_2015-10-01_0827.pdf.ccc
2015-11-24 19:17 - 2015-09-26 15:40 - 00139742 _____ C:\Users\buebi\11451971_5906313504_R_20150909_201508_33.26_O_1of1.pdf.ccc
2015-11-24 19:17 - 2015-09-26 15:38 - 00030158 _____ C:\Users\buebi\11451971_5906313504_EVN_20150909_201508_33.26_O_1of1.pdf.ccc
2015-11-24 19:17 - 2015-09-05 12:18 - 00195902 _____ C:\Users\buebi\Antrag auf doppelten Festzuschuss (Zahnersatz) 2015.pdf.ccc
2015-11-22 11:14 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-15 05:59 - 2013-08-04 12:52 - 00000000 ____D C:\Windows\Minidump
2015-11-13 03:17 - 2009-07-14 05:45 - 00278800 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-11 19:35 - 2013-05-27 18:03 - 01622000 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-04 00:00 - 2014-12-25 14:12 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-03 23:32 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\Help
2015-11-03 10:49 - 2015-04-20 10:50 - 00001180 _____ C:\Users\Public\Desktop\Smart Defrag 4.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-25 18:31 - 2015-11-25 18:31 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_dvx.TXT
2015-11-25 16:42 - 2015-11-25 16:42 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:42 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_oad.TXT
2015-11-26 15:12 - 2015-11-26 15:12 - 0000000 _____ () C:\Program Files\Common Files\_how_recover_ooy.HTML
2015-11-26 15:12 - 2015-11-26 15:12 - 0000000 _____ () C:\Program Files\Common Files\_how_recover_ooy.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_qpk.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_txi.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 0007307 _____ () C:\Program Files\Common Files\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 0002588 _____ () C:\Program Files\Common Files\_how_recover_xwl.TXT
2015-11-25 18:31 - 2015-11-25 18:44 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_dvx.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_oad.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_pcn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_txi.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_vnc.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 0007307 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 0002588 _____ () C:\Users\buebi\AppData\Roaming\_how_recover_xwl.TXT
2015-11-24 19:18 - 2015-11-24 19:18 - 0000480 ____H () C:\Users\buebi\AppData\Roaming\½ž’“Ó™œ‰
2013-07-14 11:28 - 2015-11-29 20:03 - 0007597 _____ () C:\Users\buebi\AppData\Local\Resmon.ResmonCfg
2015-11-25 18:31 - 2015-11-25 18:44 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:44 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_dvx.TXT
2015-11-25 16:43 - 2015-11-25 16:43 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_ieh.HTML
2015-11-25 16:43 - 2015-11-25 16:43 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:48 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:48 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_oad.TXT
2015-11-24 20:14 - 2015-11-24 20:21 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:21 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_pcn.TXT
2015-11-25 20:09 - 2015-11-25 20:27 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:27 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:24 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:24 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_txi.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_vnc.TXT
2015-11-24 20:46 - 2015-11-24 20:47 - 0007307 _____ () C:\Users\buebi\AppData\Local\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:47 - 0002588 _____ () C:\Users\buebi\AppData\Local\_how_recover_xwl.TXT
2015-11-24 19:20 - 2015-11-26 15:19 - 0000904 ____H () C:\ProgramData\@system.temp
2015-11-24 19:18 - 2015-11-26 15:19 - 0000640 ____H () C:\ProgramData\@system3.att
2015-11-25 18:31 - 2015-11-25 18:31 - 0007307 _____ () C:\ProgramData\_how_recover_dvx.HTML
2015-11-25 18:31 - 2015-11-25 18:31 - 0002588 _____ () C:\ProgramData\_how_recover_dvx.TXT
2015-11-25 16:42 - 2015-11-25 16:43 - 0007307 _____ () C:\ProgramData\_how_recover_ieh.HTML
2015-11-25 16:42 - 2015-11-25 16:43 - 0002588 _____ () C:\ProgramData\_how_recover_ieh.TXT
2015-11-25 17:26 - 2015-11-25 17:26 - 0007307 _____ () C:\ProgramData\_how_recover_mxh.HTML
2015-11-25 17:26 - 2015-11-25 17:26 - 0002588 _____ () C:\ProgramData\_how_recover_mxh.TXT
2015-11-25 18:19 - 2015-11-25 18:19 - 0007307 _____ () C:\ProgramData\_how_recover_oad.HTML
2015-11-25 18:19 - 2015-11-25 18:19 - 0002588 _____ () C:\ProgramData\_how_recover_oad.TXT
2015-11-24 20:14 - 2015-11-24 20:14 - 0007307 _____ () C:\ProgramData\_how_recover_pap.HTML
2015-11-24 20:14 - 2015-11-24 20:14 - 0002588 _____ () C:\ProgramData\_how_recover_pap.TXT
2015-11-24 20:11 - 2015-11-24 20:11 - 0007307 _____ () C:\ProgramData\_how_recover_pcn.HTML
2015-11-24 20:11 - 2015-11-24 20:11 - 0002588 _____ () C:\ProgramData\_how_recover_pcn.TXT
2015-11-26 14:24 - 2015-11-26 14:24 - 0007307 _____ () C:\ProgramData\_how_recover_qpk.HTML
2015-11-26 14:24 - 2015-11-26 14:24 - 0002588 _____ () C:\ProgramData\_how_recover_qpk.TXT
2015-11-25 20:09 - 2015-11-25 20:09 - 0007307 _____ () C:\ProgramData\_how_recover_smn.HTML
2015-11-25 20:09 - 2015-11-25 20:09 - 0002588 _____ () C:\ProgramData\_how_recover_smn.TXT
2015-11-24 19:17 - 2015-11-24 19:17 - 0007307 _____ () C:\ProgramData\_how_recover_txi.HTML
2015-11-24 19:17 - 2015-11-24 19:17 - 0002588 _____ () C:\ProgramData\_how_recover_txi.TXT
2015-11-24 20:09 - 2015-11-24 20:09 - 0007307 _____ () C:\ProgramData\_how_recover_vnc.HTML
2015-11-24 20:09 - 2015-11-24 20:09 - 0002588 _____ () C:\ProgramData\_how_recover_vnc.TXT
2015-11-24 20:46 - 2015-11-24 20:46 - 0007307 _____ () C:\ProgramData\_how_recover_xwl.HTML
2015-11-24 20:46 - 2015-11-24 20:46 - 0002588 _____ () C:\ProgramData\_how_recover_xwl.TXT
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\buebi\JavaSetup8u65.exe
Einige Dateien in TEMP:
====================
C:\Users\buebi\AppData\Local\Temp\avgnt.exe
C:\Users\buebi\AppData\Local\Temp\BingBarSetup-Partner.exe
C:\Users\buebi\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\buebi\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\buebi\AppData\Local\Temp\nvStInst.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-29 16:38
==================== Ende von FRST.txt ============================
Grüße Heinz |
|
01.12.2015, 12:51
| #12 |
| /// the machine /// TB-Ausbilder | PC reagiert kaum noch hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.12.2015, 00:22
| #13 |
| | PC reagiert kaum nochCode:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org
Database version:
main: v2015.12.01.07
rootkit: v2015.11.26.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18097
buebi :: BUEBI-PC [administrator]
01.12.2015 23:14:16
mbar-log-2015-12-01 (23-14-16).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 353699
Time elapsed: 13 minute(s), 55 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 23:30:22.0840 0x1610 TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
23:30:27.0709 0x1610 ============================================================
23:30:27.0709 0x1610 Current date / time: 2015/12/01 23:30:27.0709
23:30:27.0709 0x1610 SystemInfo:
23:30:27.0709 0x1610
23:30:27.0709 0x1610 OS Version: 6.1.7601 ServicePack: 1.0
23:30:27.0709 0x1610 Product type: Workstation
23:30:27.0710 0x1610 ComputerName: BUEBI-PC
23:30:27.0710 0x1610 UserName: buebi
23:30:27.0710 0x1610 Windows directory: C:\Windows
23:30:27.0710 0x1610 System windows directory: C:\Windows
23:30:27.0710 0x1610 Running under WOW64
23:30:27.0710 0x1610 Processor architecture: Intel x64
23:30:27.0710 0x1610 Number of processors: 4
23:30:27.0710 0x1610 Page size: 0x1000
23:30:27.0710 0x1610 Boot type: Normal boot
23:30:27.0710 0x1610 ============================================================
23:30:28.0163 0x1610 KLMD registered as C:\Windows\system32\drivers\13747204.sys
23:30:28.0550 0x1610 System UUID: {E2F63BCB-D9A2-95B6-3889-3A81C5175EED}
23:30:29.0464 0x1610 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:30:29.0470 0x1610 ============================================================
23:30:29.0470 0x1610 \Device\Harddisk0\DR0:
23:30:29.0470 0x1610 MBR partitions:
23:30:29.0470 0x1610 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x61A8000
23:30:29.0470 0x1610 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61A8800, BlocksNum 0x1701C000
23:30:29.0470 0x1610 ============================================================
23:30:29.0471 0x1610 C: <-> \Device\Harddisk0\DR0\Partition1
23:30:29.0473 0x1610 D: <-> \Device\Harddisk0\DR0\Partition2
23:30:29.0473 0x1610 ============================================================
23:30:29.0473 0x1610 Initialize success
23:30:29.0473 0x1610 ============================================================
23:31:40.0443 0x17d4 ============================================================
23:31:40.0443 0x17d4 Scan started
23:31:40.0443 0x17d4 Mode: Manual;
23:31:40.0443 0x17d4 ============================================================
23:31:40.0443 0x17d4 KSN ping started
23:31:43.0236 0x17d4 KSN ping finished: true
23:31:44.0218 0x17d4 ================ Scan system memory ========================
23:31:44.0218 0x17d4 System memory - ok
23:31:44.0218 0x17d4 ================ Scan services =============================
23:31:44.0250 0x17d4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
23:31:44.0265 0x17d4 1394ohci - ok
23:31:44.0281 0x17d4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
23:31:44.0296 0x17d4 ACPI - ok
23:31:44.0296 0x17d4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
23:31:44.0296 0x17d4 AcpiPmi - ok
23:31:44.0312 0x17d4 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:31:44.0312 0x17d4 AdobeARMservice - ok
23:31:44.0328 0x17d4 [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:31:44.0343 0x17d4 AdobeFlashPlayerUpdateSvc - ok
23:31:44.0359 0x17d4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:31:44.0374 0x17d4 adp94xx - ok
23:31:44.0374 0x17d4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:31:44.0390 0x17d4 adpahci - ok
23:31:44.0390 0x17d4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:31:44.0406 0x17d4 adpu320 - ok
23:31:44.0421 0x17d4 [ A1936493AC94D7C4350327049ED5B953, 1D7DAD68E7DA6BC975405C47C2B1D1334C83614997559375A464BC398B6B3B51 ] AdvancedSystemCareService9 C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe
23:31:44.0437 0x17d4 AdvancedSystemCareService9 - ok
23:31:44.0452 0x17d4 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:31:44.0452 0x17d4 AeLookupSvc - ok
23:31:44.0468 0x17d4 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
23:31:44.0468 0x17d4 AFD - ok
23:31:44.0484 0x17d4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
23:31:44.0484 0x17d4 agp440 - ok
23:31:44.0484 0x17d4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
23:31:44.0484 0x17d4 ALG - ok
23:31:44.0499 0x17d4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
23:31:44.0499 0x17d4 aliide - ok
23:31:44.0499 0x17d4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
23:31:44.0499 0x17d4 amdide - ok
23:31:44.0499 0x17d4 [ 35D34AD337A1AC46F74C3377B4CCA88E, 046695BDF540EDCA87C36EDC725615ACA99DA57558A54CAC1B49F245D702B406 ] amdide64 C:\Windows\system32\DRIVERS\amdide64.sys
23:31:44.0499 0x17d4 amdide64 - ok
23:31:44.0515 0x17d4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:31:44.0515 0x17d4 AmdK8 - ok
23:31:44.0515 0x17d4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
23:31:44.0515 0x17d4 AmdPPM - ok
23:31:44.0515 0x17d4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
23:31:44.0530 0x17d4 amdsata - ok
23:31:44.0530 0x17d4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
23:31:44.0530 0x17d4 amdsbs - ok
23:31:44.0546 0x17d4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
23:31:44.0546 0x17d4 amdxata - ok
23:31:44.0577 0x17d4 [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
23:31:44.0593 0x17d4 AntiVirMailService - ok
23:31:44.0608 0x17d4 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
23:31:44.0624 0x17d4 AntiVirSchedulerService - ok
23:31:44.0640 0x17d4 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
23:31:44.0640 0x17d4 AntiVirService - ok
23:31:44.0686 0x17d4 [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
23:31:44.0718 0x17d4 AntiVirWebService - ok
23:31:44.0718 0x17d4 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
23:31:44.0733 0x17d4 AppID - ok
23:31:44.0733 0x17d4 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
23:31:44.0733 0x17d4 AppIDSvc - ok
23:31:44.0733 0x17d4 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
23:31:44.0733 0x17d4 Appinfo - ok
23:31:44.0749 0x17d4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
23:31:44.0749 0x17d4 arc - ok
23:31:44.0749 0x17d4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:31:44.0749 0x17d4 arcsas - ok
23:31:44.0764 0x17d4 [ A82C01606DC27D05D9D3BFB6BB807E32, CE231637422709D927FB6FA0C4F2215B9C0E3EBBD951FB2FA97B8E64DA479B96 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
23:31:44.0764 0x17d4 AsIO - ok
23:31:44.0764 0x17d4 [ 954950D11ADA98AC1B7EE3C770E4622C, D6D4700D7359AB84FB362305FBF2389B4EF51B4190EC2E0D4C7FEF80A06A0D0B ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
23:31:44.0764 0x17d4 asmthub3 - ok
23:31:44.0780 0x17d4 [ C5DF54A0DF339BBA59A8FCAC67796DC9, A29584B43721AD02A8BBD51E9308805AA424486502AFD5C862F52D9237502D4F ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
23:31:44.0796 0x17d4 asmtxhci - ok
23:31:44.0811 0x17d4 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:31:44.0811 0x17d4 aspnet_state - ok
23:31:44.0811 0x17d4 [ 798A87B2D7AD73B16B7CD968C5D1F18F, A2C1567D7BCF1280FDD827D25D4996FB55B3F2983C300BB91F3A96A3A8603446 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
23:31:44.0811 0x17d4 AsSysCtrlService - ok
23:31:44.0811 0x17d4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:31:44.0811 0x17d4 AsyncMac - ok
23:31:44.0827 0x17d4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
23:31:44.0827 0x17d4 atapi - ok
23:31:44.0936 0x17d4 [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
23:31:45.0061 0x17d4 atikmdag - ok
23:31:45.0092 0x17d4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:31:45.0108 0x17d4 AudioEndpointBuilder - ok
23:31:45.0123 0x17d4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
23:31:45.0139 0x17d4 AudioSrv - ok
23:31:45.0154 0x17d4 [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:31:45.0154 0x17d4 avgntflt - ok
23:31:45.0154 0x17d4 [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:31:45.0170 0x17d4 avipbb - ok
23:31:45.0170 0x17d4 [ 6C4B9A2FF6924405E9ABFB558049D4DD, 9AB314B9ECF41832589726556A93CEAAE2AE774B1738A46A027E833B73A72118 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
23:31:45.0186 0x17d4 Avira.ServiceHost - ok
23:31:45.0186 0x17d4 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:31:45.0186 0x17d4 avkmgr - ok
23:31:45.0186 0x17d4 [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
23:31:45.0201 0x17d4 avnetflt - ok
23:31:45.0201 0x17d4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
23:31:45.0201 0x17d4 AxInstSV - ok
23:31:45.0217 0x17d4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
23:31:45.0232 0x17d4 b06bdrv - ok
23:31:45.0232 0x17d4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
23:31:45.0248 0x17d4 b57nd60a - ok
23:31:45.0248 0x17d4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
23:31:45.0248 0x17d4 BDESVC - ok
23:31:45.0264 0x17d4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
23:31:45.0264 0x17d4 Beep - ok
23:31:45.0279 0x17d4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
23:31:45.0295 0x17d4 BFE - ok
23:31:45.0295 0x17d4 [ 07132255ADCB05CD7078B6C7B7215058, 85BE5A3E055FA61B53C70D2967C47E2A9F761B717FD94489D49A68FCDEEDFF6A ] BfEdge7x64 C:\Windows\system32\DRIVERS\Edge7x64.sys
23:31:45.0310 0x17d4 BfEdge7x64 - ok
23:31:45.0310 0x17d4 [ 33B114FC0394358DB521828B6F6ACC54, 3EF2AB62A23BDB2C5976B5C470E48FCD11154C1CCFC5633CA90C08D32E97D330 ] BFN7x64 C:\Windows\system32\DRIVERS\Xeno7x64.sys
23:31:45.0310 0x17d4 BFN7x64 - ok
23:31:45.0326 0x17d4 [ 16FF3A2135B87D448ED197A1D6C2FDCE, 36DE3AB5315DAB683E26405775E2AB3BBBBDC4C9703E126E53E608128044D4FE ] Bigfoot Networks Killer Service D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe
23:31:45.0342 0x17d4 Bigfoot Networks Killer Service - ok
23:31:45.0373 0x17d4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
23:31:45.0388 0x17d4 BITS - ok
23:31:45.0388 0x17d4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
23:31:45.0404 0x17d4 blbdrive - ok
23:31:45.0404 0x17d4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:31:45.0404 0x17d4 bowser - ok
23:31:45.0404 0x17d4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
23:31:45.0420 0x17d4 BrFiltLo - ok
23:31:45.0420 0x17d4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
23:31:45.0420 0x17d4 BrFiltUp - ok
23:31:45.0420 0x17d4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
23:31:45.0420 0x17d4 Browser - ok
23:31:45.0435 0x17d4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
23:31:45.0451 0x17d4 Brserid - ok
23:31:45.0451 0x17d4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
23:31:45.0451 0x17d4 BrSerWdm - ok
23:31:45.0451 0x17d4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
23:31:45.0451 0x17d4 BrUsbMdm - ok
23:31:45.0451 0x17d4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
23:31:45.0451 0x17d4 BrUsbSer - ok
23:31:45.0466 0x17d4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:31:45.0466 0x17d4 BTHMODEM - ok
23:31:45.0466 0x17d4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
23:31:45.0466 0x17d4 bthserv - ok
23:31:45.0482 0x17d4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:31:45.0482 0x17d4 cdfs - ok
23:31:45.0482 0x17d4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:31:45.0498 0x17d4 cdrom - ok
23:31:45.0498 0x17d4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
23:31:45.0498 0x17d4 CertPropSvc - ok
23:31:45.0498 0x17d4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
23:31:45.0498 0x17d4 circlass - ok
23:31:45.0513 0x17d4 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
23:31:45.0529 0x17d4 CLFS - ok
23:31:45.0529 0x17d4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:31:45.0529 0x17d4 clr_optimization_v2.0.50727_32 - ok
23:31:45.0544 0x17d4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:31:45.0544 0x17d4 clr_optimization_v2.0.50727_64 - ok
23:31:45.0560 0x17d4 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:31:45.0560 0x17d4 clr_optimization_v4.0.30319_32 - ok
23:31:45.0560 0x17d4 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:31:45.0560 0x17d4 clr_optimization_v4.0.30319_64 - ok
23:31:45.0576 0x17d4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
23:31:45.0576 0x17d4 CmBatt - ok
23:31:45.0700 0x17d4 [ 3BE967B88EFD7F1AE2E60A7AAA941E50, C3751F9E1A463D6EE8B5A5DA71FA07F103BE116147E65986B7A14F60FFA2492B ] CmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
23:31:45.0810 0x17d4 CmdAgent - ok
23:31:45.0825 0x17d4 [ E647139EA5C54D2245074DBD551DF637, 53F1F98E1CF6234FDB3890A78C8D0343EE6E4CF538A7D504726A63D6A139AED8 ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
23:31:45.0825 0x17d4 cmderd - ok
23:31:45.0856 0x17d4 [ 5BDC0D839189FC02412291885FC00DEB, 405E7DADCD1132C0CF4DFA4E41A700313A76E97E59331E284D7087A54D786E13 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
23:31:45.0872 0x17d4 cmdGuard - ok
23:31:45.0872 0x17d4 [ D68EAB573AC627A87DC89528A81465FB, 232BA61F0F9889C280E7B66EFAE5F6EB2B29B28FC2CCA8867AE4A1EEB99108BA ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
23:31:45.0872 0x17d4 cmdHlp - ok
23:31:45.0872 0x17d4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:31:45.0888 0x17d4 cmdide - ok
23:31:45.0934 0x17d4 [ 5D97D2938DD414D5F76B521AE4F91F3A, C2B7C533DE0D88360E18964C0EC68FA9D244149406A259F84C0489C61C83FA48 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
23:31:45.0997 0x17d4 cmdvirth - ok
23:31:46.0012 0x17d4 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
23:31:46.0028 0x17d4 CNG - ok
23:31:46.0028 0x17d4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
23:31:46.0028 0x17d4 Compbatt - ok
23:31:46.0044 0x17d4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
23:31:46.0044 0x17d4 CompositeBus - ok
23:31:46.0044 0x17d4 COMSysApp - ok
23:31:46.0044 0x17d4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:31:46.0044 0x17d4 crcdisk - ok
23:31:46.0059 0x17d4 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:31:46.0059 0x17d4 CryptSvc - ok
23:31:46.0075 0x17d4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:31:46.0090 0x17d4 DcomLaunch - ok
23:31:46.0106 0x17d4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
23:31:46.0106 0x17d4 defragsvc - ok
23:31:46.0122 0x17d4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:31:46.0122 0x17d4 DfsC - ok
23:31:46.0137 0x17d4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
23:31:46.0137 0x17d4 Dhcp - ok
23:31:46.0168 0x17d4 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
23:31:46.0215 0x17d4 DiagTrack - ok
23:31:46.0215 0x17d4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
23:31:46.0215 0x17d4 discache - ok
23:31:46.0215 0x17d4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
23:31:46.0231 0x17d4 Disk - ok
23:31:46.0231 0x17d4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:31:46.0231 0x17d4 Dnscache - ok
23:31:46.0246 0x17d4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
23:31:46.0246 0x17d4 dot3svc - ok
23:31:46.0262 0x17d4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
23:31:46.0262 0x17d4 DPS - ok
23:31:46.0262 0x17d4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:31:46.0262 0x17d4 drmkaud - ok
23:31:46.0293 0x17d4 [ FE71C99A5830F94D77A8792741D6E6C7, 4DB1E0FDC9E6CEFEB1D588668EA6161A977C372D841E7B87098CF90AA679ABFB ] DrvAgent64 C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
23:31:46.0293 0x17d4 DrvAgent64 - ok
23:31:46.0309 0x17d4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:31:46.0340 0x17d4 DXGKrnl - ok
23:31:46.0340 0x17d4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
23:31:46.0356 0x17d4 EapHost - ok
23:31:46.0434 0x17d4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
23:31:46.0512 0x17d4 ebdrv - ok
23:31:46.0512 0x17d4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe
23:31:46.0512 0x17d4 EFS - ok
23:31:46.0527 0x17d4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:31:46.0558 0x17d4 ehRecvr - ok
23:31:46.0558 0x17d4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
23:31:46.0558 0x17d4 ehSched - ok
23:31:46.0574 0x17d4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:31:46.0590 0x17d4 elxstor - ok
23:31:46.0590 0x17d4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:31:46.0605 0x17d4 ErrDev - ok
23:31:46.0605 0x17d4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
23:31:46.0621 0x17d4 EventSystem - ok
23:31:46.0636 0x17d4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
23:31:46.0636 0x17d4 exfat - ok
23:31:46.0636 0x17d4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:31:46.0652 0x17d4 fastfat - ok
23:31:46.0668 0x17d4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
23:31:46.0683 0x17d4 Fax - ok
23:31:46.0683 0x17d4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
23:31:46.0683 0x17d4 fdc - ok
23:31:46.0699 0x17d4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
23:31:46.0699 0x17d4 fdPHost - ok
23:31:46.0699 0x17d4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
23:31:46.0699 0x17d4 FDResPub - ok
23:31:46.0699 0x17d4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:31:46.0714 0x17d4 FileInfo - ok
23:31:46.0714 0x17d4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:31:46.0714 0x17d4 Filetrace - ok
23:31:46.0714 0x17d4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
23:31:46.0714 0x17d4 flpydisk - ok
23:31:46.0730 0x17d4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:31:46.0730 0x17d4 FltMgr - ok
23:31:46.0761 0x17d4 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
23:31:46.0792 0x17d4 FontCache - ok
23:31:46.0792 0x17d4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:31:46.0808 0x17d4 FontCache3.0.0.0 - ok
23:31:46.0808 0x17d4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
23:31:46.0808 0x17d4 FsDepends - ok
23:31:46.0808 0x17d4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:31:46.0808 0x17d4 Fs_Rec - ok
23:31:46.0824 0x17d4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
23:31:46.0824 0x17d4 fvevol - ok
23:31:46.0839 0x17d4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:31:46.0839 0x17d4 gagp30kx - ok
23:31:46.0855 0x17d4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
23:31:46.0870 0x17d4 gpsvc - ok
23:31:46.0886 0x17d4 [ 0636745A40DEA06283D45885C228AF01, 514EF6F912CB9BF552AE109739BC02A2BC46B4784C65BC3C0B03DB6F60BBF380 ] GUBootStartup C:\Windows\System32\drivers\GUBootStartup.sys
23:31:46.0886 0x17d4 GUBootStartup - ok
23:31:46.0886 0x17d4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
23:31:46.0886 0x17d4 hcw85cir - ok
23:31:46.0902 0x17d4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:31:46.0902 0x17d4 HdAudAddService - ok
23:31:46.0917 0x17d4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:31:46.0917 0x17d4 HDAudBus - ok
23:31:46.0917 0x17d4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
23:31:46.0917 0x17d4 HidBatt - ok
23:31:46.0933 0x17d4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:31:46.0933 0x17d4 HidBth - ok
23:31:46.0933 0x17d4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
23:31:46.0933 0x17d4 HidIr - ok
23:31:46.0948 0x17d4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
23:31:46.0948 0x17d4 hidserv - ok
23:31:46.0948 0x17d4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:31:46.0948 0x17d4 HidUsb - ok
23:31:46.0948 0x17d4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:31:46.0964 0x17d4 hkmsvc - ok
23:31:46.0964 0x17d4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:31:46.0964 0x17d4 HomeGroupListener - ok
23:31:46.0980 0x17d4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:31:46.0980 0x17d4 HomeGroupProvider - ok
23:31:46.0995 0x17d4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
23:31:46.0995 0x17d4 HpSAMD - ok
23:31:47.0011 0x17d4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:31:47.0026 0x17d4 HTTP - ok
23:31:47.0042 0x17d4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
23:31:47.0042 0x17d4 hwpolicy - ok
23:31:47.0042 0x17d4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
23:31:47.0042 0x17d4 i8042prt - ok
23:31:47.0058 0x17d4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
23:31:47.0073 0x17d4 iaStorV - ok
23:31:47.0089 0x17d4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:31:47.0104 0x17d4 idsvc - ok
23:31:47.0120 0x17d4 IEEtwCollectorService - ok
23:31:47.0120 0x17d4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:31:47.0120 0x17d4 iirsp - ok
23:31:47.0151 0x17d4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
23:31:47.0167 0x17d4 IKEEXT - ok
23:31:47.0167 0x17d4 [ E973F9A8734ABAB33BE777CE940F9562, FA9E44AF737BC42467E734A50A48A0D4176A79DB54DBBA3504674F1E3568AC73 ] inspect C:\Windows\system32\DRIVERS\inspect.sys
23:31:47.0182 0x17d4 inspect - ok
23:31:47.0182 0x17d4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
23:31:47.0182 0x17d4 intelide - ok
23:31:47.0182 0x17d4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
23:31:47.0182 0x17d4 intelppm - ok
23:31:47.0198 0x17d4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:31:47.0198 0x17d4 IPBusEnum - ok
23:31:47.0198 0x17d4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:31:47.0198 0x17d4 IpFilterDriver - ok
23:31:47.0214 0x17d4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:31:47.0229 0x17d4 iphlpsvc - ok
23:31:47.0245 0x17d4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
23:31:47.0245 0x17d4 IPMIDRV - ok
23:31:47.0245 0x17d4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
23:31:47.0260 0x17d4 IPNAT - ok
23:31:47.0260 0x17d4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:31:47.0260 0x17d4 IRENUM - ok
23:31:47.0260 0x17d4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:31:47.0260 0x17d4 isapnp - ok
23:31:47.0276 0x17d4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
23:31:47.0276 0x17d4 iScsiPrt - ok
23:31:47.0292 0x17d4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:31:47.0292 0x17d4 kbdclass - ok
23:31:47.0292 0x17d4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:31:47.0292 0x17d4 kbdhid - ok
23:31:47.0292 0x17d4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
23:31:47.0292 0x17d4 KeyIso - ok
23:31:47.0307 0x17d4 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:31:47.0307 0x17d4 KSecDD - ok
23:31:47.0307 0x17d4 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
23:31:47.0323 0x17d4 KSecPkg - ok
23:31:47.0323 0x17d4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
23:31:47.0323 0x17d4 ksthunk - ok
23:31:47.0338 0x17d4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
23:31:47.0338 0x17d4 KtmRm - ok
23:31:47.0354 0x17d4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
23:31:47.0354 0x17d4 LanmanServer - ok
23:31:47.0370 0x17d4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:31:47.0370 0x17d4 LanmanWorkstation - ok
23:31:47.0370 0x17d4 [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
23:31:47.0385 0x17d4 LGBusEnum - ok
23:31:47.0385 0x17d4 [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
23:31:47.0401 0x17d4 LGCoreTemp - ok
23:31:47.0401 0x17d4 [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore C:\Windows\system32\drivers\LGJoyXlCore.sys
23:31:47.0401 0x17d4 LGJoyXlCore - ok
23:31:47.0416 0x17d4 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
23:31:47.0416 0x17d4 LGSHidFilt - ok
23:31:47.0416 0x17d4 [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
23:31:47.0416 0x17d4 LGSUsbFilt - ok
23:31:47.0416 0x17d4 [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
23:31:47.0432 0x17d4 LGVirHid - ok
23:31:47.0494 0x17d4 [ C2BDC7EA68CAE9E9A088F77BAC88FB92, EBD7B98C00DD320DAAD39C15A8D9D49CB9F3691BF41F1553039F4060BAB29A24 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
23:31:47.0510 0x15b0 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
23:31:47.0557 0x17d4 LiveUpdateSvc - ok
23:31:47.0572 0x17d4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:31:47.0572 0x17d4 lltdio - ok
23:31:47.0588 0x17d4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:31:47.0588 0x17d4 lltdsvc - ok
23:31:47.0604 0x17d4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:31:47.0604 0x17d4 lmhosts - ok
23:31:47.0604 0x17d4 [ F22EC985B9BE0788B5DB4F0162131CCF, 015A5E0396240373ED9EC5026C53CD5E03AE31688A984C47E071704B0FE8D552 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
23:31:47.0604 0x17d4 LogiRegistryService - ok
23:31:47.0619 0x17d4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:31:47.0619 0x17d4 LSI_FC - ok
23:31:47.0619 0x17d4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:31:47.0635 0x17d4 LSI_SAS - ok
23:31:47.0635 0x17d4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
23:31:47.0635 0x17d4 LSI_SAS2 - ok
23:31:47.0635 0x17d4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:31:47.0650 0x17d4 LSI_SCSI - ok
23:31:47.0650 0x17d4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
23:31:47.0650 0x17d4 luafv - ok
23:31:47.0650 0x17d4 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
23:31:47.0666 0x17d4 MBAMProtector - ok
23:31:47.0682 0x17d4 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
23:31:47.0713 0x17d4 MBAMService - ok
23:31:47.0728 0x17d4 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
23:31:47.0728 0x17d4 MBAMWebAccessControl - ok
23:31:47.0728 0x17d4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:31:47.0728 0x17d4 Mcx2Svc - ok
23:31:47.0728 0x17d4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
23:31:47.0744 0x17d4 megasas - ok
23:31:47.0744 0x17d4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
23:31:47.0760 0x17d4 MegaSR - ok
23:31:47.0760 0x17d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
23:31:47.0760 0x17d4 MMCSS - ok
23:31:47.0760 0x17d4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
23:31:47.0760 0x17d4 Modem - ok
23:31:47.0775 0x17d4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:31:47.0775 0x17d4 monitor - ok
23:31:47.0775 0x17d4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:31:47.0775 0x17d4 mouclass - ok
23:31:47.0775 0x17d4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:31:47.0791 0x17d4 mouhid - ok
23:31:47.0791 0x17d4 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
23:31:47.0791 0x17d4 mountmgr - ok
23:31:47.0806 0x17d4 [ D917B49A7EEA56FC7F4C11F3A2E11806, DA8887394162CA3BD6414362498C5A8B8145E5CB67E78C554AD65FE77181EF76 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
23:31:47.0806 0x17d4 MozillaMaintenance - ok
23:31:47.0806 0x17d4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
23:31:47.0822 0x17d4 mpio - ok
23:31:47.0822 0x17d4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:31:47.0822 0x17d4 mpsdrv - ok
23:31:47.0838 0x17d4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:31:47.0869 0x17d4 MpsSvc - ok
23:31:47.0869 0x17d4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:31:47.0884 0x17d4 MRxDAV - ok
23:31:47.0884 0x17d4 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:31:47.0884 0x17d4 mrxsmb - ok
23:31:47.0900 0x17d4 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:31:47.0900 0x17d4 mrxsmb10 - ok
23:31:47.0916 0x17d4 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:31:47.0916 0x17d4 mrxsmb20 - ok
23:31:47.0916 0x17d4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
23:31:47.0916 0x17d4 msahci - ok
23:31:47.0931 0x17d4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:31:47.0931 0x17d4 msdsm - ok
23:31:47.0931 0x17d4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
23:31:47.0947 0x17d4 MSDTC - ok
23:31:47.0947 0x17d4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:31:47.0947 0x17d4 Msfs - ok
23:31:47.0947 0x17d4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
23:31:47.0947 0x17d4 mshidkmdf - ok
23:31:47.0962 0x17d4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:31:47.0962 0x17d4 msisadrv - ok
23:31:47.0962 0x17d4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:31:47.0962 0x17d4 MSiSCSI - ok
23:31:47.0978 0x17d4 msiserver - ok
23:31:47.0978 0x17d4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:31:47.0978 0x17d4 MSKSSRV - ok
23:31:47.0978 0x17d4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:31:47.0978 0x17d4 MSPCLOCK - ok
23:31:47.0978 0x17d4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:31:47.0978 0x17d4 MSPQM - ok
23:31:47.0994 0x17d4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:31:48.0009 0x17d4 MsRPC - ok
23:31:48.0009 0x17d4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:31:48.0009 0x17d4 mssmbios - ok
23:31:48.0009 0x17d4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:31:48.0009 0x17d4 MSTEE - ok
23:31:48.0025 0x17d4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
23:31:48.0025 0x17d4 MTConfig - ok
23:31:48.0025 0x17d4 [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
23:31:48.0025 0x17d4 MTsensor - ok
23:31:48.0025 0x17d4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
23:31:48.0025 0x17d4 Mup - ok
23:31:48.0040 0x17d4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
23:31:48.0056 0x17d4 napagent - ok
23:31:48.0072 0x17d4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:31:48.0072 0x17d4 NativeWifiP - ok
23:31:48.0103 0x17d4 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:31:48.0118 0x17d4 NDIS - ok
23:31:48.0134 0x17d4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
23:31:48.0134 0x17d4 NdisCap - ok
23:31:48.0134 0x17d4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:31:48.0134 0x17d4 NdisTapi - ok
23:31:48.0150 0x17d4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:31:48.0150 0x17d4 Ndisuio - ok
23:31:48.0150 0x17d4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:31:48.0165 0x17d4 NdisWan - ok
23:31:48.0165 0x1414 Object required for P2P: [ 6C4B9A2FF6924405E9ABFB558049D4DD ] Avira.ServiceHost
23:31:48.0165 0x17d4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:31:48.0165 0x17d4 NDProxy - ok
23:31:48.0165 0x17d4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:31:48.0181 0x17d4 NetBIOS - ok
23:31:48.0181 0x17d4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
23:31:48.0196 0x17d4 NetBT - ok
23:31:48.0196 0x17d4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe
23:31:48.0196 0x17d4 Netlogon - ok
23:31:48.0212 0x17d4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
23:31:48.0212 0x17d4 Netman - ok
23:31:48.0228 0x17d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:31:48.0228 0x17d4 NetMsmqActivator - ok
23:31:48.0243 0x17d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:31:48.0243 0x17d4 NetPipeActivator - ok
23:31:48.0259 0x17d4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
23:31:48.0259 0x17d4 netprofm - ok
23:31:48.0274 0x17d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:31:48.0274 0x17d4 NetTcpActivator - ok
23:31:48.0290 0x17d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:31:48.0290 0x17d4 NetTcpPortSharing - ok
23:31:48.0290 0x17d4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:31:48.0290 0x17d4 nfrd960 - ok
23:31:48.0306 0x17d4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
23:31:48.0321 0x17d4 NlaSvc - ok
23:31:48.0321 0x17d4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:31:48.0321 0x17d4 Npfs - ok
23:31:48.0321 0x17d4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
23:31:48.0321 0x17d4 nsi - ok
23:31:48.0337 0x17d4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:31:48.0337 0x17d4 nsiproxy - ok
23:31:48.0368 0x17d4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:31:48.0415 0x17d4 Ntfs - ok
23:31:48.0415 0x17d4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
23:31:48.0415 0x17d4 Null - ok
23:31:48.0430 0x17d4 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
23:31:48.0430 0x17d4 NVHDA - ok
23:31:48.0680 0x17d4 [ 7C28BA74B766F3470128107DA764F711, 43738B3B7F7A493D2B0102B889612A1E91545F38BA82CD911D63361F08048314 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:31:48.0930 0x17d4 nvlddmkm - ok
23:31:48.0961 0x17d4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:31:48.0961 0x17d4 nvraid - ok
23:31:48.0976 0x17d4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:31:48.0976 0x17d4 nvstor - ok
23:31:49.0008 0x17d4 [ 5A3DE85307FB54C09C0D1D52B97916FE, EAE8FF99337557F60078F94F952BAC48880CA279A763FD14E098E34B4EE8534F ] nvsvc C:\Windows\system32\nvvsvc.exe
23:31:49.0023 0x17d4 nvsvc - ok
23:31:49.0023 0x17d4 nvvad_WaveExtensible - ok
23:31:49.0023 0x17d4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:31:49.0039 0x17d4 nv_agp - ok
23:31:49.0039 0x17d4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
23:31:49.0039 0x17d4 ohci1394 - ok
23:31:49.0054 0x17d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
23:31:49.0054 0x17d4 p2pimsvc - ok
23:31:49.0070 0x17d4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
23:31:49.0086 0x17d4 p2psvc - ok
23:31:49.0086 0x17d4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
23:31:49.0101 0x17d4 Parport - ok
23:31:49.0101 0x17d4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:31:49.0101 0x17d4 partmgr - ok
23:31:49.0117 0x17d4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
23:31:49.0117 0x17d4 PcaSvc - ok
23:31:49.0117 0x17d4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
23:31:49.0132 0x17d4 pci - ok
23:31:49.0132 0x17d4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
23:31:49.0132 0x17d4 pciide - ok
23:31:49.0148 0x17d4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
23:31:49.0148 0x17d4 pcmcia - ok
23:31:49.0148 0x17d4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
23:31:49.0148 0x17d4 pcw - ok
23:31:49.0179 0x17d4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:31:49.0195 0x17d4 PEAUTH - ok
23:31:49.0210 0x17d4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
23:31:49.0210 0x17d4 PerfHost - ok
23:31:49.0257 0x17d4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
23:31:49.0288 0x17d4 pla - ok
23:31:49.0304 0x17d4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:31:49.0320 0x17d4 PlugPlay - ok
23:31:49.0320 0x17d4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
23:31:49.0320 0x17d4 PNRPAutoReg - ok
23:31:49.0335 0x17d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
23:31:49.0351 0x17d4 PNRPsvc - ok
23:31:49.0366 0x17d4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:31:49.0366 0x17d4 PolicyAgent - ok
23:31:49.0382 0x17d4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
23:31:49.0382 0x17d4 Power - ok
23:31:49.0398 0x17d4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:31:49.0398 0x17d4 PptpMiniport - ok
23:31:49.0398 0x17d4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
23:31:49.0398 0x17d4 Processor - ok
23:31:49.0413 0x17d4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
23:31:49.0429 0x17d4 ProfSvc - ok
23:31:49.0429 0x17d4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:31:49.0429 0x17d4 ProtectedStorage - ok
23:31:49.0444 0x17d4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
23:31:49.0444 0x17d4 Psched - ok
23:31:49.0476 0x17d4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:31:49.0522 0x17d4 ql2300 - ok
23:31:49.0522 0x17d4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:31:49.0522 0x17d4 ql40xx - ok
23:31:49.0538 0x17d4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
23:31:49.0554 0x17d4 QWAVE - ok
23:31:49.0554 0x17d4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:31:49.0554 0x17d4 QWAVEdrv - ok
23:31:49.0554 0x17d4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:31:49.0554 0x17d4 RasAcd - ok
23:31:49.0569 0x17d4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
23:31:49.0569 0x17d4 RasAgileVpn - ok
23:31:49.0569 0x17d4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
23:31:49.0569 0x17d4 RasAuto - ok
23:31:49.0585 0x17d4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:31:49.0585 0x17d4 Rasl2tp - ok
23:31:49.0600 0x17d4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
23:31:49.0600 0x17d4 RasMan - ok
23:31:49.0616 0x17d4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:31:49.0616 0x17d4 RasPppoe - ok
23:31:49.0616 0x17d4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:31:49.0632 0x17d4 RasSstp - ok
23:31:49.0632 0x17d4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:31:49.0647 0x17d4 rdbss - ok
23:31:49.0647 0x17d4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
23:31:49.0647 0x17d4 rdpbus - ok
23:31:49.0647 0x17d4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:31:49.0647 0x17d4 RDPCDD - ok
23:31:49.0663 0x17d4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:31:49.0663 0x17d4 RDPENCDD - ok
23:31:49.0663 0x17d4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
23:31:49.0663 0x17d4 RDPREFMP - ok
23:31:49.0678 0x17d4 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:31:49.0678 0x17d4 RdpVideoMiniport - ok
23:31:49.0678 0x17d4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:31:49.0678 0x17d4 RDPWD - ok
23:31:49.0694 0x17d4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
23:31:49.0694 0x17d4 rdyboost - ok
23:31:49.0710 0x17d4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:31:49.0710 0x17d4 RemoteAccess - ok
23:31:49.0710 0x17d4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:31:49.0725 0x17d4 RemoteRegistry - ok
23:31:49.0725 0x17d4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
23:31:49.0725 0x17d4 RpcEptMapper - ok
23:31:49.0741 0x17d4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
23:31:49.0741 0x17d4 RpcLocator - ok
23:31:49.0756 0x17d4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
23:31:49.0756 0x17d4 RpcSs - ok
23:31:49.0772 0x17d4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:31:49.0772 0x17d4 rspndr - ok
23:31:49.0772 0x17d4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
23:31:49.0772 0x17d4 SamSs - ok
23:31:49.0788 0x17d4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:31:49.0788 0x17d4 sbp2port - ok
23:31:49.0788 0x17d4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:31:49.0803 0x17d4 SCardSvr - ok
23:31:49.0803 0x17d4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
23:31:49.0803 0x17d4 scfilter - ok
23:31:49.0834 0x17d4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
23:31:49.0866 0x17d4 Schedule - ok
23:31:49.0866 0x17d4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:31:49.0866 0x17d4 SCPolicySvc - ok
23:31:49.0881 0x17d4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:31:49.0881 0x17d4 SDRSVC - ok
23:31:49.0897 0x17d4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:31:49.0897 0x17d4 secdrv - ok
23:31:49.0897 0x17d4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
23:31:49.0897 0x17d4 seclogon - ok
23:31:49.0897 0x17d4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
23:31:49.0912 0x17d4 SENS - ok
23:31:49.0912 0x17d4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
23:31:49.0912 0x17d4 SensrSvc - ok
23:31:49.0912 0x17d4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
23:31:49.0912 0x17d4 Serenum - ok
23:31:49.0928 0x17d4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
23:31:49.0928 0x17d4 Serial - ok
23:31:49.0928 0x17d4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:31:49.0928 0x17d4 sermouse - ok
23:31:49.0944 0x17d4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
23:31:49.0944 0x17d4 SessionEnv - ok
23:31:49.0959 0x17d4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:31:49.0959 0x17d4 sffdisk - ok
23:31:49.0959 0x17d4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:31:49.0959 0x17d4 sffp_mmc - ok
23:31:49.0959 0x17d4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:31:49.0959 0x17d4 sffp_sd - ok
23:31:49.0959 0x17d4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:31:49.0975 0x17d4 sfloppy - ok
23:31:49.0975 0x17d4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:31:49.0990 0x17d4 SharedAccess - ok
23:31:50.0006 0x17d4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:31:50.0006 0x17d4 ShellHWDetection - ok
23:31:50.0022 0x17d4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
23:31:50.0022 0x17d4 SiSRaid2 - ok
23:31:50.0022 0x17d4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:31:50.0022 0x17d4 SiSRaid4 - ok
23:31:50.0037 0x17d4 [ E77CB3736A702D46A6FB15FB4A9894E3, A341AD51825D4DB8A68ADDABE0FD17693DE387B0DA11800D427B8EA31577626C ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
23:31:50.0037 0x17d4 SmartDefragDriver - ok
23:31:50.0037 0x17d4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:31:50.0053 0x17d4 Smb - ok
23:31:50.0053 0x17d4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:31:50.0053 0x17d4 SNMPTRAP - ok
23:31:50.0068 0x17d4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
23:31:50.0068 0x17d4 spldr - ok
23:31:50.0084 0x17d4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
23:31:50.0100 0x17d4 Spooler - ok
23:31:50.0178 0x17d4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
23:31:50.0271 0x17d4 sppsvc - ok
23:31:50.0271 0x17d4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
23:31:50.0287 0x17d4 sppuinotify - ok
23:31:50.0302 0x17d4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:31:50.0302 0x17d4 srv - ok
23:31:50.0318 0x17d4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:31:50.0334 0x17d4 srv2 - ok
23:31:50.0334 0x17d4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:31:50.0349 0x17d4 srvnet - ok
23:31:50.0349 0x17d4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:31:50.0365 0x17d4 SSDPSRV - ok
23:31:50.0365 0x17d4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:31:50.0365 0x15b0 Object send P2P result: true
23:31:50.0365 0x15b0 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
23:31:50.0365 0x17d4 SstpSvc - ok
23:31:50.0380 0x17d4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
23:31:50.0380 0x17d4 stexstor - ok
23:31:50.0396 0x17d4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
23:31:50.0412 0x17d4 stisvc - ok
23:31:50.0412 0x17d4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:31:50.0412 0x17d4 swenum - ok
23:31:50.0427 0x17d4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
23:31:50.0443 0x17d4 swprv - ok
23:31:50.0490 0x17d4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
23:31:50.0536 0x17d4 SysMain - ok
23:31:50.0536 0x17d4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:31:50.0552 0x17d4 TabletInputService - ok
23:31:50.0552 0x17d4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
23:31:50.0568 0x17d4 TapiSrv - ok
23:31:50.0568 0x17d4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
23:31:50.0583 0x17d4 TBS - ok
23:31:50.0630 0x17d4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:31:50.0677 0x17d4 Tcpip - ok
23:31:50.0724 0x17d4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
23:31:50.0755 0x17d4 TCPIP6 - ok
23:31:50.0770 0x17d4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:31:50.0770 0x17d4 tcpipreg - ok
23:31:50.0770 0x17d4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:31:50.0770 0x17d4 TDPIPE - ok
23:31:50.0786 0x17d4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:31:50.0786 0x17d4 TDTCP - ok
23:31:50.0786 0x17d4 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:31:50.0802 0x17d4 tdx - ok
23:31:50.0802 0x17d4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:31:50.0802 0x17d4 TermDD - ok
23:31:50.0817 0x17d4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
23:31:50.0833 0x17d4 TermService - ok
23:31:50.0848 0x17d4 [ 48D9D00C2E0E72C3D4F52772C80355F6, 86F281C7F5FA2FCF1A36C69DD6561531E48483CACB8A873B955F7E93D9A1D259 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
23:31:50.0848 0x17d4 TFsExDisk - ok
23:31:50.0848 0x17d4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
23:31:50.0848 0x17d4 Themes - ok
23:31:50.0864 0x17d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
23:31:50.0864 0x17d4 THREADORDER - ok
23:31:50.0864 0x17d4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
23:31:50.0880 0x17d4 TrkWks - ok
23:31:50.0880 0x17d4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:31:50.0880 0x17d4 TrustedInstaller - ok
23:31:50.0895 0x17d4 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:31:50.0895 0x17d4 tssecsrv - ok
23:31:50.0895 0x17d4 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
23:31:50.0895 0x17d4 TsUsbFlt - ok
23:31:50.0911 0x17d4 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
23:31:50.0911 0x17d4 TsUsbGD - ok
23:31:50.0911 0x17d4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:31:50.0926 0x17d4 tunnel - ok
23:31:50.0926 0x17d4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:31:50.0926 0x17d4 uagp35 - ok
23:31:50.0942 0x17d4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:31:50.0942 0x17d4 udfs - ok
23:31:50.0958 0x17d4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:31:50.0958 0x17d4 UI0Detect - ok
23:31:50.0958 0x17d4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:31:50.0958 0x17d4 uliagpkx - ok
23:31:50.0973 0x17d4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:31:50.0973 0x17d4 umbus - ok
23:31:50.0973 0x17d4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
23:31:50.0973 0x17d4 UmPass - ok
23:31:50.0989 0x17d4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
23:31:51.0004 0x17d4 upnphost - ok
23:31:51.0004 0x17d4 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
23:31:51.0004 0x1414 Object send P2P result: true
23:31:51.0004 0x17d4 usbaudio - ok
23:31:51.0020 0x17d4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:31:51.0020 0x17d4 usbccgp - ok
23:31:51.0020 0x17d4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:31:51.0020 0x17d4 usbcir - ok
23:31:51.0036 0x17d4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:31:51.0036 0x17d4 usbehci - ok
23:31:51.0051 0x17d4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:31:51.0051 0x17d4 usbhub - ok
23:31:51.0051 0x17d4 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:31:51.0067 0x17d4 usbohci - ok
23:31:51.0067 0x17d4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
23:31:51.0067 0x17d4 usbprint - ok
23:31:51.0067 0x17d4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:31:51.0067 0x17d4 USBSTOR - ok
23:31:51.0082 0x17d4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
23:31:51.0082 0x17d4 usbuhci - ok
23:31:51.0082 0x17d4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
23:31:51.0082 0x17d4 UxSms - ok
23:31:51.0098 0x17d4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe
23:31:51.0098 0x17d4 VaultSvc - ok
23:31:51.0098 0x17d4 [ C41B43417F77FCB2D2D81C9C2B9A85FE, 88EE5D47BFB2A6FE0B5C56479FA3C4B829E8ABCE0FB001C45C42E2E8B4A4EF62 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys
23:31:51.0098 0x17d4 VBoxNetAdp - ok
23:31:51.0114 0x17d4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
23:31:51.0114 0x17d4 vdrvroot - ok
23:31:51.0129 0x17d4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
23:31:51.0145 0x17d4 vds - ok
23:31:51.0145 0x17d4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:31:51.0145 0x17d4 vga - ok
23:31:51.0160 0x17d4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:31:51.0160 0x17d4 VgaSave - ok
23:31:51.0160 0x17d4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
23:31:51.0176 0x17d4 vhdmp - ok
23:31:51.0176 0x17d4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
23:31:51.0176 0x17d4 viaide - ok
23:31:51.0176 0x17d4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:31:51.0176 0x17d4 volmgr - ok
23:31:51.0192 0x17d4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:31:51.0207 0x17d4 volmgrx - ok
23:31:51.0207 0x17d4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:31:51.0223 0x17d4 volsnap - ok
23:31:51.0223 0x17d4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:31:51.0238 0x17d4 vsmraid - ok
23:31:51.0270 0x17d4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
23:31:51.0316 0x17d4 VSS - ok
23:31:51.0316 0x17d4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
23:31:51.0316 0x17d4 vwifibus - ok
23:31:51.0332 0x17d4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
23:31:51.0348 0x17d4 W32Time - ok
23:31:51.0348 0x17d4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:31:51.0348 0x17d4 WacomPen - ok
23:31:51.0363 0x17d4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
23:31:51.0363 0x17d4 WANARP - ok
23:31:51.0363 0x17d4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:31:51.0363 0x17d4 Wanarpv6 - ok
23:31:51.0410 0x17d4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
23:31:51.0441 0x17d4 wbengine - ok
23:31:51.0457 0x17d4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
23:31:51.0457 0x17d4 WbioSrvc - ok
23:31:51.0472 0x17d4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:31:51.0488 0x17d4 wcncsvc - ok
23:31:51.0488 0x17d4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:31:51.0488 0x17d4 WcsPlugInService - ok
23:31:51.0504 0x17d4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
23:31:51.0504 0x17d4 Wd - ok
23:31:51.0519 0x17d4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:31:51.0535 0x17d4 Wdf01000 - ok
23:31:51.0550 0x17d4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:31:51.0550 0x17d4 WdiServiceHost - ok
23:31:51.0566 0x17d4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:31:51.0566 0x17d4 WdiSystemHost - ok
23:31:51.0566 0x17d4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
23:31:51.0582 0x17d4 WebClient - ok
23:31:51.0597 0x17d4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:31:51.0597 0x17d4 Wecsvc - ok
23:31:51.0597 0x17d4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:31:51.0613 0x17d4 wercplsupport - ok
23:31:51.0613 0x17d4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
23:31:51.0613 0x17d4 WerSvc - ok
23:31:51.0628 0x17d4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
23:31:51.0628 0x17d4 WfpLwf - ok
23:31:51.0628 0x17d4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
23:31:51.0628 0x17d4 WIMMount - ok
23:31:51.0628 0x17d4 WinDefend - ok
23:31:51.0644 0x17d4 WinHttpAutoProxySvc - ok
23:31:51.0660 0x17d4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:31:51.0660 0x17d4 Winmgmt - ok
23:31:51.0706 0x17d4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
23:31:51.0753 0x17d4 WinRM - ok
23:31:51.0784 0x17d4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:31:51.0816 0x17d4 Wlansvc - ok
23:31:51.0816 0x17d4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:31:51.0816 0x17d4 WmiAcpi - ok
23:31:51.0831 0x17d4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:31:51.0831 0x17d4 wmiApSrv - ok
23:31:51.0847 0x17d4 WMPNetworkSvc - ok
23:31:51.0847 0x17d4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:31:51.0847 0x17d4 WPCSvc - ok
23:31:51.0862 0x17d4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:31:51.0862 0x17d4 WPDBusEnum - ok
23:31:51.0862 0x17d4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:31:51.0862 0x17d4 ws2ifsl - ok
23:31:51.0878 0x17d4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
23:31:51.0878 0x17d4 wscsvc - ok
23:31:51.0878 0x17d4 WSearch - ok
23:31:51.0940 0x17d4 [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv C:\Windows\system32\wuaueng.dll
23:31:52.0003 0x17d4 wuauserv - ok
23:31:52.0018 0x17d4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:31:52.0018 0x17d4 WudfPf - ok
23:31:52.0034 0x17d4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:31:52.0034 0x17d4 WUDFRd - ok
23:31:52.0050 0x17d4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:31:52.0050 0x17d4 wudfsvc - ok
23:31:52.0050 0x17d4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
23:31:52.0065 0x17d4 WwanSvc - ok
|
|
02.12.2015, 00:25
| #14 |
| | PC reagiert kaum nochCode:
ATTFilter 23:31:52.0065 0x17d4 ================ Scan global =============================== 23:31:52.0065 0x17d4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 23:31:52.0081 0x17d4 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 23:31:52.0096 0x17d4 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 23:31:52.0096 0x17d4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 23:31:52.0112 0x17d4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 23:31:52.0128 0x17d4 [ Global ] - ok 23:31:52.0128 0x17d4 ================ Scan MBR ================================== 23:31:52.0128 0x17d4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 23:31:52.0190 0x17d4 \Device\Harddisk0\DR0 - ok 23:31:52.0190 0x17d4 ================ Scan VBR ================================== 23:31:52.0190 0x17d4 [ 1CD9262CC1979B417EE02E027F64EA31 ] \Device\Harddisk0\DR0\Partition1 23:31:52.0190 0x17d4 \Device\Harddisk0\DR0\Partition1 - ok 23:31:52.0206 0x17d4 [ 2B4978EB15155FDCCB5E98C06304ED09 ] \Device\Harddisk0\DR0\Partition2 23:31:52.0206 0x17d4 \Device\Harddisk0\DR0\Partition2 - ok 23:31:52.0206 0x17d4 ================ Scan generic autorun ====================== 23:31:52.0564 0x17d4 [ 9CFD0AFEA08FFEA16F3EFFC94D5B3DEF, AB7879DDA9D516C2B124640B1D34557A8BAD244423867E8390D29FFF6858A865 ] C:\Program Files\Logitech Gaming Software\LCore.exe 23:31:52.0830 0x17d4 Launch LCore - ok 23:31:52.0892 0x17d4 [ 73BB7AC752D393494565A56A91B986CA, 5286A7B1719F2735C84212B5C8BC2BC57B03E9E7C4DF779EF582629DCBD01785 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe 23:31:52.0923 0x17d4 COMODO Internet Security - ok 23:31:52.0970 0x17d4 [ 80F72159E0EB98A9B32FF61132C2E60D, 7F9AD5AE0C23EC5AB7DD63020897646A57CD275D325D399C35001C3DAC0B147F ] C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe 23:31:53.0001 0x17d4 Turbo Key - ok 23:31:53.0048 0x17d4 [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 23:31:53.0064 0x17d4 avgnt - ok 23:31:53.0064 0x17d4 [ A8E69DA21AEEB9DAA55D90E87AC1A549, 175AF750A1DF53555D0CB6C61312CEE37E2CB182873041A8AE38C57EA01DC2F5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 23:31:53.0064 0x17d4 Avira SystrayStartTrigger - ok 23:31:53.0095 0x17d4 [ B89A82FB10E98F2FDF51FA82C7366DD3, 154A791E737A878965EB50EA879BC96857EF88602D94E169A75B1A6607E6018E ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 23:31:53.0110 0x17d4 Adobe ARM - ok 23:31:53.0126 0x17d4 [ 8F1099B14A83AC8980A64F08F88CE7EC, CA597149D37BE18F3F856F6DFF51720B73F32D2B9C2516D8C430749221C86C50 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 23:31:53.0142 0x17d4 SunJavaUpdateSched - ok 23:31:53.0142 0x17d4 DivXMediaServer - ok 23:31:53.0173 0x17d4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 23:31:53.0188 0x17d4 Sidebar - ok 23:31:53.0204 0x17d4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 23:31:53.0204 0x17d4 mctadmin - ok 23:31:53.0204 0x15b0 Object send P2P result: true 23:31:53.0204 0x15b0 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService 23:31:53.0235 0x17d4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 23:31:53.0251 0x17d4 Sidebar - ok 23:31:53.0251 0x17d4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 23:31:53.0266 0x17d4 mctadmin - ok 23:31:53.0313 0x17d4 [ 4EB962689D7314183AA360B29FCB4DF1, 93F36D25FC8F3AD0FA5EF82955D6B1E1FE6967E00E692D2183F9AFD4FB4ED9ED ] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe 23:31:53.0344 0x17d4 Advanced SystemCare 9 - ok 23:31:53.0344 0x17d4 Skype - ok 23:31:53.0360 0x17d4 [ 5183B13D9D227ADD0036CEF80931607D, 0C6685F8F7F0035153A4511D985EC37F99488AED5DB32F535002EA03A603C415 ] D:\Program Files (x86)\Glary Utilities 5\StartupManager.exe 23:31:53.0360 0x17d4 GUDelayStartup - ok 23:31:53.0360 0x17d4 Waiting for KSN requests completion. In queue: 210 23:31:54.0374 0x17d4 Waiting for KSN requests completion. In queue: 210 23:31:55.0388 0x17d4 Waiting for KSN requests completion. In queue: 210 23:31:56.0059 0x15b0 Object send P2P result: true 23:31:56.0059 0x15b0 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService 23:31:56.0402 0x17d4 Waiting for KSN requests completion. In queue: 209 23:31:56.0886 0x141c Object required for P2P: [ 5A3DE85307FB54C09C0D1D52B97916FE ] nvsvc 23:31:57.0416 0x17d4 Waiting for KSN requests completion. In queue: 184 23:31:58.0430 0x17d4 Waiting for KSN requests completion. In queue: 184 23:31:58.0929 0x15b0 Object send P2P result: true 23:31:59.0444 0x17d4 Waiting for KSN requests completion. In queue: 180 23:31:59.0756 0x141c Object send P2P result: true 23:31:59.0787 0x141c Object required for P2P: [ B89A82FB10E98F2FDF51FA82C7366DD3 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 23:32:00.0458 0x17d4 Waiting for KSN requests completion. In queue: 8 23:32:01.0472 0x17d4 Waiting for KSN requests completion. In queue: 8 23:32:02.0486 0x17d4 Waiting for KSN requests completion. In queue: 8 23:32:02.0626 0x141c Object send P2P result: true 23:32:02.0626 0x141c Object required for P2P: [ 8F1099B14A83AC8980A64F08F88CE7EC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 23:32:03.0500 0x17d4 Waiting for KSN requests completion. In queue: 7 23:32:04.0514 0x17d4 Waiting for KSN requests completion. In queue: 7 23:32:05.0481 0x141c Object send P2P result: true 23:32:05.0606 0x17d4 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated ) 23:32:05.0622 0x17d4 Win FW state via NFP2: disabled ( trusted ) 23:32:08.0398 0x17d4 ============================================================ 23:32:08.0398 0x17d4 Scan finished 23:32:08.0398 0x17d4 ============================================================ 23:32:08.0398 0x1790 Detected object count: 0 23:32:08.0398 0x1790 Actual detected object count: 0 23:33:44.0901 0x1478 ============================================================ 23:33:44.0901 0x1478 Scan started 23:33:44.0901 0x1478 Mode: Manual; SigCheck; TDLFS; 23:33:44.0901 0x1478 ============================================================ 23:33:44.0901 0x1478 KSN ping started 23:33:47.0646 0x1478 KSN ping finished: true 23:33:48.0395 0x1478 ================ Scan system memory ======================== 23:33:48.0395 0x1478 System memory - ok 23:33:48.0395 0x1478 ================ Scan services ============================= 23:33:48.0426 0x1478 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 23:33:48.0551 0x1478 1394ohci - ok 23:33:48.0567 0x1478 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 23:33:48.0582 0x1478 ACPI - ok 23:33:48.0582 0x1478 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 23:33:48.0614 0x1478 AcpiPmi - ok 23:33:48.0614 0x1478 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 23:33:48.0629 0x1478 AdobeARMservice - ok 23:33:48.0660 0x1478 [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 23:33:48.0676 0x1478 AdobeFlashPlayerUpdateSvc - ok 23:33:48.0692 0x1478 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 23:33:48.0707 0x1478 adp94xx - ok 23:33:48.0723 0x1478 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 23:33:48.0738 0x1478 adpahci - ok 23:33:48.0754 0x1478 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 23:33:48.0770 0x1478 adpu320 - ok 23:33:48.0785 0x1478 [ A1936493AC94D7C4350327049ED5B953, 1D7DAD68E7DA6BC975405C47C2B1D1334C83614997559375A464BC398B6B3B51 ] AdvancedSystemCareService9 C:\Program Files (x86)\IObit\Advanced SystemCare\ASCService.exe 23:33:48.0816 0x1478 AdvancedSystemCareService9 - ok 23:33:48.0816 0x1478 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 23:33:48.0832 0x1478 AeLookupSvc - ok 23:33:48.0848 0x1478 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys 23:33:48.0879 0x1478 AFD - ok 23:33:48.0879 0x1478 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 23:33:48.0894 0x1478 agp440 - ok 23:33:48.0910 0x1478 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 23:33:48.0926 0x1478 ALG - ok 23:33:48.0926 0x1478 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 23:33:48.0941 0x1478 aliide - ok 23:33:48.0941 0x1478 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 23:33:48.0957 0x1478 amdide - ok 23:33:48.0957 0x1478 [ 35D34AD337A1AC46F74C3377B4CCA88E, 046695BDF540EDCA87C36EDC725615ACA99DA57558A54CAC1B49F245D702B406 ] amdide64 C:\Windows\system32\DRIVERS\amdide64.sys 23:33:48.0988 0x1478 amdide64 - ok 23:33:49.0004 0x1478 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 23:33:49.0019 0x1478 AmdK8 - ok 23:33:49.0019 0x1478 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 23:33:49.0035 0x1478 AmdPPM - ok 23:33:49.0035 0x1478 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 23:33:49.0050 0x1478 amdsata - ok 23:33:49.0066 0x1478 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 23:33:49.0082 0x1478 amdsbs - ok 23:33:49.0082 0x1478 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 23:33:49.0097 0x1478 amdxata - ok 23:33:49.0128 0x1478 [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 23:33:49.0160 0x1478 AntiVirMailService - ok 23:33:49.0160 0x1478 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService 23:33:51.0999 0x1478 Object send P2P result: true 23:33:52.0030 0x1478 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 23:33:52.0092 0x1478 AntiVirSchedulerService - ok 23:33:52.0092 0x1478 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService 23:33:54.0947 0x1478 Object send P2P result: true 23:33:54.0978 0x1478 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 23:33:55.0010 0x1478 AntiVirService - ok 23:33:55.0010 0x1478 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService 23:33:57.0864 0x1478 Object send P2P result: true 23:33:57.0927 0x1478 [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 23:33:57.0974 0x1478 AntiVirWebService - ok 23:33:57.0974 0x1478 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService 23:34:00.0828 0x1478 Object send P2P result: true 23:34:00.0844 0x1478 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys 23:34:00.0875 0x1478 AppID - ok 23:34:00.0875 0x1478 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll 23:34:00.0906 0x1478 AppIDSvc - ok 23:34:00.0906 0x1478 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll 23:34:00.0922 0x1478 Appinfo - ok 23:34:00.0922 0x1478 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 23:34:00.0938 0x1478 arc - ok 23:34:00.0953 0x1478 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 23:34:00.0953 0x1478 arcsas - ok 23:34:00.0969 0x1478 [ A82C01606DC27D05D9D3BFB6BB807E32, CE231637422709D927FB6FA0C4F2215B9C0E3EBBD951FB2FA97B8E64DA479B96 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys 23:34:00.0969 0x1478 AsIO - ok 23:34:00.0984 0x1478 [ 954950D11ADA98AC1B7EE3C770E4622C, D6D4700D7359AB84FB362305FBF2389B4EF51B4190EC2E0D4C7FEF80A06A0D0B ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys 23:34:01.0000 0x1478 asmthub3 - ok 23:34:01.0016 0x1478 [ C5DF54A0DF339BBA59A8FCAC67796DC9, A29584B43721AD02A8BBD51E9308805AA424486502AFD5C862F52D9237502D4F ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys 23:34:01.0031 0x1478 asmtxhci - ok 23:34:01.0047 0x1478 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 23:34:01.0062 0x1478 aspnet_state - ok 23:34:01.0062 0x1478 [ 798A87B2D7AD73B16B7CD968C5D1F18F, A2C1567D7BCF1280FDD827D25D4996FB55B3F2983C300BB91F3A96A3A8603446 ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe 23:34:01.0078 0x1478 AsSysCtrlService - detected UnsignedFile.Multi.Generic ( 1 ) 23:34:01.0078 0x1478 Detect skipped due to KSN trusted 23:34:01.0078 0x1478 AsSysCtrlService - ok 23:34:01.0078 0x1478 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 23:34:01.0125 0x1478 AsyncMac - ok 23:34:01.0140 0x1478 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 23:34:01.0140 0x1478 atapi - ok 23:34:01.0265 0x1478 [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 23:34:01.0390 0x1478 atikmdag - ok 23:34:01.0421 0x1478 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 23:34:01.0452 0x1478 AudioEndpointBuilder - ok 23:34:01.0484 0x1478 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 23:34:01.0499 0x1478 AudioSrv - ok 23:34:01.0515 0x1478 [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 23:34:01.0530 0x1478 avgntflt - ok 23:34:01.0530 0x1478 [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 23:34:01.0546 0x1478 avipbb - ok 23:34:01.0562 0x1478 [ 6C4B9A2FF6924405E9ABFB558049D4DD, 9AB314B9ECF41832589726556A93CEAAE2AE774B1738A46A027E833B73A72118 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 23:34:01.0577 0x1478 Avira.ServiceHost - ok 23:34:01.0577 0x1478 Object required for P2P: [ 6C4B9A2FF6924405E9ABFB558049D4DD ] Avira.ServiceHost 23:34:04.0432 0x1478 Object send P2P result: true 23:34:04.0448 0x1478 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 23:34:04.0479 0x1478 avkmgr - ok 23:34:04.0479 0x1478 [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 23:34:04.0510 0x1478 avnetflt - ok 23:34:04.0510 0x1478 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 23:34:04.0541 0x1478 AxInstSV - ok 23:34:04.0557 0x1478 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 23:34:04.0572 0x1478 b06bdrv - ok 23:34:04.0588 0x1478 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 23:34:04.0604 0x1478 b57nd60a - ok 23:34:04.0619 0x1478 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 23:34:04.0635 0x1478 BDESVC - ok 23:34:04.0635 0x1478 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 23:34:04.0666 0x1478 Beep - ok 23:34:04.0682 0x1478 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 23:34:04.0713 0x1478 BFE - ok 23:34:04.0713 0x1478 [ 07132255ADCB05CD7078B6C7B7215058, 85BE5A3E055FA61B53C70D2967C47E2A9F761B717FD94489D49A68FCDEEDFF6A ] BfEdge7x64 C:\Windows\system32\DRIVERS\Edge7x64.sys 23:34:04.0728 0x1478 BfEdge7x64 - ok 23:34:04.0744 0x1478 [ 33B114FC0394358DB521828B6F6ACC54, 3EF2AB62A23BDB2C5976B5C470E48FCD11154C1CCFC5633CA90C08D32E97D330 ] BFN7x64 C:\Windows\system32\DRIVERS\Xeno7x64.sys 23:34:04.0760 0x1478 BFN7x64 - ok 23:34:04.0775 0x1478 [ 16FF3A2135B87D448ED197A1D6C2FDCE, 36DE3AB5315DAB683E26405775E2AB3BBBBDC4C9703E126E53E608128044D4FE ] Bigfoot Networks Killer Service D:\Program Files\Bigfoot Networks\Killer Network Manager\BFNService.exe 23:34:04.0791 0x1478 Bigfoot Networks Killer Service - detected UnsignedFile.Multi.Generic ( 1 ) 23:34:04.0853 0x1478 Bigfoot Networks Killer Service ( UnsignedFile.Multi.Generic ) - warning 23:34:07.0692 0x1478 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 23:34:07.0786 0x1478 BITS - ok 23:34:07.0802 0x1478 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 23:34:07.0817 0x1478 blbdrive - ok 23:34:07.0817 0x1478 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 23:34:07.0833 0x1478 bowser - ok 23:34:07.0833 0x1478 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 23:34:07.0848 0x1478 BrFiltLo - ok 23:34:07.0864 0x1478 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 23:34:07.0880 0x1478 BrFiltUp - ok 23:34:07.0880 0x1478 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 23:34:07.0895 0x1478 Browser - ok 23:34:07.0911 0x1478 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 23:34:07.0926 0x1478 Brserid - ok 23:34:07.0942 0x1478 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 23:34:07.0958 0x1478 BrSerWdm - ok 23:34:07.0958 0x1478 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 23:34:07.0973 0x1478 BrUsbMdm - ok 23:34:07.0973 0x1478 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 23:34:07.0989 0x1478 BrUsbSer - ok 23:34:07.0989 0x1478 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 23:34:08.0004 0x1478 BTHMODEM - ok 23:34:08.0020 0x1478 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 23:34:08.0051 0x1478 bthserv - ok 23:34:08.0051 0x1478 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 23:34:08.0082 0x1478 cdfs - ok 23:34:08.0098 0x1478 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 23:34:08.0114 0x1478 cdrom - ok 23:34:08.0114 0x1478 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 23:34:08.0145 0x1478 CertPropSvc - ok 23:34:08.0160 0x1478 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 23:34:08.0176 0x1478 circlass - ok 23:34:08.0176 0x1478 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 23:34:08.0207 0x1478 CLFS - ok 23:34:08.0207 0x1478 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:34:08.0223 0x1478 clr_optimization_v2.0.50727_32 - ok 23:34:08.0238 0x1478 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 23:34:08.0238 0x1478 clr_optimization_v2.0.50727_64 - ok 23:34:08.0254 0x1478 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 23:34:08.0270 0x1478 clr_optimization_v4.0.30319_32 - ok 23:34:08.0270 0x1478 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 23:34:08.0301 0x1478 clr_optimization_v4.0.30319_64 - ok 23:34:08.0301 0x1478 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 23:34:08.0316 0x1478 CmBatt - ok 23:34:08.0441 0x1478 [ 3BE967B88EFD7F1AE2E60A7AAA941E50, C3751F9E1A463D6EE8B5A5DA71FA07F103BE116147E65986B7A14F60FFA2492B ] CmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe 23:34:08.0597 0x1478 CmdAgent - ok 23:34:08.0613 0x1478 [ E647139EA5C54D2245074DBD551DF637, 53F1F98E1CF6234FDB3890A78C8D0343EE6E4CF538A7D504726A63D6A139AED8 ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys 23:34:08.0628 0x1478 cmderd - ok 23:34:08.0644 0x1478 [ 5BDC0D839189FC02412291885FC00DEB, 405E7DADCD1132C0CF4DFA4E41A700313A76E97E59331E284D7087A54D786E13 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys 23:34:08.0675 0x1478 cmdGuard - ok 23:34:08.0675 0x1478 [ D68EAB573AC627A87DC89528A81465FB, 232BA61F0F9889C280E7B66EFAE5F6EB2B29B28FC2CCA8867AE4A1EEB99108BA ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys 23:34:08.0691 0x1478 cmdHlp - ok 23:34:08.0691 0x1478 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 23:34:08.0706 0x1478 cmdide - ok 23:34:08.0769 0x1478 [ 5D97D2938DD414D5F76B521AE4F91F3A, C2B7C533DE0D88360E18964C0EC68FA9D244149406A259F84C0489C61C83FA48 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe 23:34:08.0831 0x1478 cmdvirth - ok 23:34:08.0847 0x1478 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 23:34:08.0878 0x1478 CNG - ok 23:34:08.0878 0x1478 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 23:34:08.0894 0x1478 Compbatt - ok 23:34:08.0894 0x1478 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 23:34:08.0909 0x1478 CompositeBus - ok 23:34:08.0909 0x1478 COMSysApp - ok 23:34:08.0909 0x1478 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 23:34:08.0925 0x1478 crcdisk - ok 23:34:08.0940 0x1478 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll 23:34:08.0956 0x1478 CryptSvc - ok 23:34:08.0972 0x1478 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 23:34:09.0018 0x1478 DcomLaunch - ok 23:34:09.0034 0x1478 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 23:34:09.0065 0x1478 defragsvc - ok 23:34:09.0065 0x1478 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 23:34:09.0112 0x1478 DfsC - ok 23:34:09.0112 0x1478 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 23:34:09.0143 0x1478 Dhcp - ok 23:34:09.0174 0x1478 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll 23:34:09.0221 0x1478 DiagTrack - ok 23:34:09.0221 0x1478 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 23:34:09.0268 0x1478 discache - ok 23:34:09.0268 0x1478 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 23:34:09.0284 0x1478 Disk - ok 23:34:09.0284 0x1478 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 23:34:09.0315 0x1478 Dnscache - ok 23:34:09.0315 0x1478 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 23:34:09.0346 0x1478 dot3svc - ok 23:34:09.0362 0x1478 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 23:34:09.0393 0x1478 DPS - ok 23:34:09.0393 0x1478 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 23:34:09.0408 0x1478 drmkaud - ok 23:34:09.0424 0x1478 [ FE71C99A5830F94D77A8792741D6E6C7, 4DB1E0FDC9E6CEFEB1D588668EA6161A977C372D841E7B87098CF90AA679ABFB ] DrvAgent64 C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS 23:34:09.0440 0x1478 DrvAgent64 - detected UnsignedFile.Multi.Generic ( 1 ) 23:34:09.0440 0x1478 Detect skipped due to KSN trusted 23:34:09.0440 0x1478 DrvAgent64 - ok 23:34:09.0471 0x1478 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 23:34:09.0502 0x1478 DXGKrnl - ok 23:34:09.0502 0x1478 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 23:34:09.0533 0x1478 EapHost - ok 23:34:09.0627 0x1478 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 23:34:09.0705 0x1478 ebdrv - ok 23:34:09.0720 0x1478 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe 23:34:09.0736 0x1478 EFS - ok 23:34:09.0752 0x1478 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 23:34:09.0783 0x1478 ehRecvr - ok 23:34:09.0798 0x1478 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 23:34:09.0814 0x1478 ehSched - ok 23:34:09.0830 0x1478 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 23:34:09.0845 0x1478 elxstor - ok 23:34:09.0845 0x1478 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 23:34:09.0861 0x1478 ErrDev - ok 23:34:09.0876 0x1478 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 23:34:09.0923 0x1478 EventSystem - ok 23:34:09.0939 0x1478 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 23:34:09.0970 0x1478 exfat - ok 23:34:09.0970 0x1478 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 23:34:10.0017 0x1478 fastfat - ok 23:34:10.0032 0x1478 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 23:34:10.0064 0x1478 Fax - ok 23:34:10.0064 0x1478 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 23:34:10.0079 0x1478 fdc - ok 23:34:10.0079 0x1478 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 23:34:10.0110 0x1478 fdPHost - ok 23:34:10.0126 0x1478 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 23:34:10.0157 0x1478 FDResPub - ok 23:34:10.0157 0x1478 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 23:34:10.0173 0x1478 FileInfo - ok 23:34:10.0173 0x1478 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 23:34:10.0204 0x1478 Filetrace - ok 23:34:10.0220 0x1478 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 23:34:10.0220 0x1478 flpydisk - ok 23:34:10.0235 0x1478 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 23:34:10.0251 0x1478 FltMgr - ok 23:34:10.0282 0x1478 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll 23:34:10.0329 0x1478 FontCache - ok 23:34:10.0329 0x1478 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 23:34:10.0344 0x1478 FontCache3.0.0.0 - ok 23:34:10.0344 0x1478 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 23:34:10.0360 0x1478 FsDepends - ok 23:34:10.0376 0x1478 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 23:34:10.0391 0x1478 Fs_Rec - ok 23:34:10.0391 0x1478 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 23:34:10.0407 0x1478 fvevol - ok 23:34:10.0422 0x1478 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 23:34:10.0438 0x1478 gagp30kx - ok 23:34:10.0454 0x1478 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 23:34:10.0500 0x1478 gpsvc - ok 23:34:10.0516 0x1478 [ 0636745A40DEA06283D45885C228AF01, 514EF6F912CB9BF552AE109739BC02A2BC46B4784C65BC3C0B03DB6F60BBF380 ] GUBootStartup C:\Windows\System32\drivers\GUBootStartup.sys 23:34:10.0516 0x1478 GUBootStartup - ok 23:34:10.0532 0x1478 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 23:34:10.0547 0x1478 hcw85cir - ok 23:34:10.0563 0x1478 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 23:34:10.0594 0x1478 HdAudAddService - ok 23:34:10.0594 0x1478 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 23:34:10.0625 0x1478 HDAudBus - ok 23:34:10.0625 0x1478 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 23:34:10.0641 0x1478 HidBatt - ok 23:34:10.0641 0x1478 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 23:34:10.0656 0x1478 HidBth - ok 23:34:10.0656 0x1478 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 23:34:10.0688 0x1478 HidIr - ok 23:34:10.0688 0x1478 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 23:34:10.0719 0x1478 hidserv - ok 23:34:10.0734 0x1478 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 23:34:10.0734 0x1478 HidUsb - ok 23:34:10.0750 0x1478 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 23:34:10.0781 0x1478 hkmsvc - ok 23:34:10.0797 0x1478 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 23:34:10.0812 0x1478 HomeGroupListener - ok 23:34:10.0812 0x1478 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 23:34:10.0844 0x1478 HomeGroupProvider - ok 23:34:10.0844 0x1478 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 23:34:10.0859 0x1478 HpSAMD - ok 23:34:10.0875 0x1478 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 23:34:10.0906 0x1478 HTTP - ok 23:34:10.0906 0x1478 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 23:34:10.0922 0x1478 hwpolicy - ok 23:34:10.0922 0x1478 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 23:34:10.0937 0x1478 i8042prt - ok 23:34:10.0953 0x1478 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 23:34:10.0984 0x1478 iaStorV - ok 23:34:11.0000 0x1478 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 23:34:11.0031 0x1478 idsvc - ok 23:34:11.0031 0x1478 IEEtwCollectorService - ok 23:34:11.0046 0x1478 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 23:34:11.0046 0x1478 iirsp - ok 23:34:11.0078 0x1478 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 23:34:11.0109 0x1478 IKEEXT - ok 23:34:11.0124 0x1478 [ E973F9A8734ABAB33BE777CE940F9562, FA9E44AF737BC42467E734A50A48A0D4176A79DB54DBBA3504674F1E3568AC73 ] inspect C:\Windows\system32\DRIVERS\inspect.sys 23:34:11.0140 0x1478 inspect - ok 23:34:11.0140 0x1478 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 23:34:11.0156 0x1478 intelide - ok 23:34:11.0156 0x1478 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys 23:34:11.0171 0x1478 intelppm - ok 23:34:11.0171 0x1478 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 23:34:11.0202 0x1478 IPBusEnum - ok 23:34:11.0218 0x1478 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:34:11.0249 0x1478 IpFilterDriver - ok 23:34:11.0265 0x1478 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:34:11.0296 0x1478 iphlpsvc - ok 23:34:11.0296 0x1478 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 23:34:11.0312 0x1478 IPMIDRV - ok 23:34:11.0312 0x1478 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 23:34:11.0358 0x1478 IPNAT - ok 23:34:11.0358 0x1478 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 23:34:11.0374 0x1478 IRENUM - ok 23:34:11.0374 0x1478 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:34:11.0390 0x1478 isapnp - ok 23:34:11.0405 0x1478 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 23:34:11.0421 0x1478 iScsiPrt - ok 23:34:11.0421 0x1478 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 23:34:11.0436 0x1478 kbdclass - ok 23:34:11.0436 0x1478 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 23:34:11.0452 0x1478 kbdhid - ok 23:34:11.0452 0x1478 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe 23:34:11.0468 0x1478 KeyIso - ok 23:34:11.0483 0x1478 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:34:11.0499 0x1478 KSecDD - ok 23:34:11.0499 0x1478 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 23:34:11.0514 0x1478 KSecPkg - ok 23:34:11.0514 0x1478 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 23:34:11.0546 0x1478 ksthunk - ok 23:34:11.0561 0x1478 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 23:34:11.0608 0x1478 KtmRm - ok 23:34:11.0608 0x1478 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 23:34:11.0655 0x1478 LanmanServer - ok 23:34:11.0655 0x1478 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:34:11.0702 0x1478 LanmanWorkstation - ok 23:34:11.0702 0x1478 [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys 23:34:11.0717 0x1478 LGBusEnum - ok 23:34:11.0717 0x1478 [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys 23:34:11.0733 0x1478 LGCoreTemp - ok 23:34:11.0733 0x1478 [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore C:\Windows\system32\drivers\LGJoyXlCore.sys 23:34:11.0764 0x1478 LGJoyXlCore - ok 23:34:11.0764 0x1478 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys 23:34:11.0780 0x1478 LGSHidFilt - ok 23:34:11.0780 0x1478 [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys 23:34:11.0795 0x1478 LGSUsbFilt - ok 23:34:11.0795 0x1478 [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys 23:34:11.0811 0x1478 LGVirHid - ok 23:34:11.0889 0x1478 [ C2BDC7EA68CAE9E9A088F77BAC88FB92, EBD7B98C00DD320DAAD39C15A8D9D49CB9F3691BF41F1553039F4060BAB29A24 ] LiveUpdateSvc C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe 23:34:11.0967 0x1478 LiveUpdateSvc - ok 23:34:11.0967 0x1478 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:34:12.0014 0x1478 lltdio - ok 23:34:12.0014 0x1478 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:34:12.0060 0x1478 lltdsvc - ok 23:34:12.0076 0x1478 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 23:34:12.0107 0x1478 lmhosts - ok 23:34:12.0107 0x1478 [ F22EC985B9BE0788B5DB4F0162131CCF, 015A5E0396240373ED9EC5026C53CD5E03AE31688A984C47E071704B0FE8D552 ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe 23:34:12.0123 0x1478 LogiRegistryService - ok 23:34:12.0138 0x1478 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 23:34:12.0154 0x1478 LSI_FC - ok 23:34:12.0154 0x1478 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 23:34:12.0170 0x1478 LSI_SAS - ok 23:34:12.0170 0x1478 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 23:34:12.0185 0x1478 LSI_SAS2 - ok 23:34:12.0185 0x1478 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 23:34:12.0201 0x1478 LSI_SCSI - ok 23:34:12.0216 0x1478 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 23:34:12.0248 0x1478 luafv - ok 23:34:12.0248 0x1478 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 23:34:12.0263 0x1478 MBAMProtector - ok 23:34:12.0294 0x1478 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService D:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 23:34:12.0326 0x1478 MBAMService - ok 23:34:12.0341 0x1478 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 23:34:12.0341 0x1478 MBAMWebAccessControl - ok 23:34:12.0357 0x1478 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 23:34:12.0372 0x1478 Mcx2Svc - ok 23:34:12.0372 0x1478 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 23:34:12.0388 0x1478 megasas - ok 23:34:12.0404 0x1478 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 23:34:12.0419 0x1478 MegaSR - ok 23:34:12.0419 0x1478 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 23:34:12.0466 0x1478 MMCSS - ok 23:34:12.0466 0x1478 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 23:34:12.0497 0x1478 Modem - ok 23:34:12.0497 0x1478 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:34:12.0513 0x1478 monitor - ok 23:34:12.0513 0x1478 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 23:34:12.0528 0x1478 mouclass - ok 23:34:12.0544 0x1478 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:34:12.0544 0x1478 mouhid - ok 23:34:12.0560 0x1478 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 23:34:12.0575 0x1478 mountmgr - ok 23:34:12.0575 0x1478 [ D917B49A7EEA56FC7F4C11F3A2E11806, DA8887394162CA3BD6414362498C5A8B8145E5CB67E78C554AD65FE77181EF76 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:34:12.0591 0x1478 MozillaMaintenance - ok 23:34:12.0606 0x1478 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 23:34:12.0622 0x1478 mpio - ok 23:34:12.0622 0x1478 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:34:12.0653 0x1478 mpsdrv - ok 23:34:12.0669 0x1478 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 23:34:12.0731 0x1478 MpsSvc - ok 23:34:12.0731 0x1478 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:34:12.0747 0x1478 MRxDAV - ok 23:34:12.0762 0x1478 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:34:12.0778 0x1478 mrxsmb - ok 23:34:12.0794 0x1478 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:34:12.0809 0x1478 mrxsmb10 - ok 23:34:12.0809 0x1478 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:34:12.0825 0x1478 mrxsmb20 - ok 23:34:12.0840 0x1478 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 23:34:12.0840 0x1478 msahci - ok 23:34:12.0856 0x1478 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:34:12.0872 0x1478 msdsm - ok 23:34:12.0872 0x1478 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 23:34:12.0887 0x1478 MSDTC - ok 23:34:12.0903 0x1478 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:34:12.0934 0x1478 Msfs - ok 23:34:12.0934 0x1478 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:34:12.0965 0x1478 mshidkmdf - ok 23:34:12.0965 0x1478 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:34:12.0981 0x1478 msisadrv - ok 23:34:12.0981 0x1478 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:34:13.0028 0x1478 MSiSCSI - ok 23:34:13.0028 0x1478 msiserver - ok 23:34:13.0028 0x1478 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:34:13.0059 0x1478 MSKSSRV - ok 23:34:13.0059 0x1478 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:34:13.0090 0x1478 MSPCLOCK - ok 23:34:13.0106 0x1478 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:34:13.0137 0x1478 MSPQM - ok 23:34:13.0137 0x1478 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:34:13.0168 0x1478 MsRPC - ok 23:34:13.0168 0x1478 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 23:34:13.0184 0x1478 mssmbios - ok 23:34:13.0184 0x1478 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:34:13.0215 0x1478 MSTEE - ok 23:34:13.0215 0x1478 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 23:34:13.0230 0x1478 MTConfig - ok 23:34:13.0230 0x1478 [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys 23:34:13.0246 0x1478 MTsensor - ok 23:34:13.0246 0x1478 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 23:34:13.0262 0x1478 Mup - ok 23:34:13.0277 0x1478 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 23:34:13.0324 0x1478 napagent - ok 23:34:13.0340 0x1478 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:34:13.0371 0x1478 NativeWifiP - ok 23:34:13.0386 0x1478 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 23:34:13.0418 0x1478 NDIS - ok 23:34:13.0433 0x1478 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 23:34:13.0464 0x1478 NdisCap - ok 23:34:13.0464 0x1478 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:34:13.0496 0x1478 NdisTapi - ok 23:34:13.0496 0x1478 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:34:13.0542 0x1478 Ndisuio - ok 23:34:13.0542 0x1478 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:34:13.0574 0x1478 NdisWan - ok 23:34:13.0589 0x1478 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:34:13.0620 0x1478 NDProxy - ok 23:34:13.0620 0x1478 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:34:13.0652 0x1478 NetBIOS - ok 23:34:13.0667 0x1478 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 23:34:13.0698 0x1478 NetBT - ok 23:34:13.0714 0x1478 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe 23:34:13.0714 0x1478 Netlogon - ok 23:34:13.0730 0x1478 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 23:34:13.0776 0x1478 Netman - ok 23:34:13.0792 0x1478 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:34:13.0808 0x1478 NetMsmqActivator - ok 23:34:13.0808 0x1478 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:34:13.0823 0x1478 NetPipeActivator - ok 23:34:13.0839 0x1478 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 23:34:13.0886 0x1478 netprofm - ok 23:34:13.0886 0x1478 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:34:13.0901 0x1478 NetTcpActivator - ok 23:34:13.0917 0x1478 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:34:13.0932 0x1478 NetTcpPortSharing - ok 23:34:13.0932 0x1478 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 23:34:13.0948 0x1478 nfrd960 - ok 23:34:13.0948 0x1478 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 23:34:13.0979 0x1478 NlaSvc - ok 23:34:13.0979 0x1478 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:34:14.0010 0x1478 Npfs - ok 23:34:14.0010 0x1478 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 23:34:14.0042 0x1478 nsi - ok 23:34:14.0057 0x1478 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:34:14.0088 0x1478 nsiproxy - ok 23:34:14.0135 0x1478 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:34:14.0182 0x1478 Ntfs - ok 23:34:14.0182 0x1478 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 23:34:14.0213 0x1478 Null - ok 23:34:14.0229 0x1478 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 23:34:14.0244 0x1478 NVHDA - ok 23:34:14.0510 0x1478 [ 7C28BA74B766F3470128107DA764F711, 43738B3B7F7A493D2B0102B889612A1E91545F38BA82CD911D63361F08048314 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 23:34:14.0759 0x1478 nvlddmkm - ok 23:34:14.0790 0x1478 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:34:14.0806 0x1478 nvraid - ok 23:34:14.0806 0x1478 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:34:14.0822 0x1478 nvstor - ok 23:34:14.0853 0x1478 [ 5A3DE85307FB54C09C0D1D52B97916FE, EAE8FF99337557F60078F94F952BAC48880CA279A763FD14E098E34B4EE8534F ] nvsvc C:\Windows\system32\nvvsvc.exe 23:34:14.0884 0x1478 nvsvc - ok 23:34:14.0884 0x1478 Object required for P2P: [ 5A3DE85307FB54C09C0D1D52B97916FE ] nvsvc 23:34:17.0723 0x1478 Object send P2P result: true 23:34:17.0739 0x1478 nvvad_WaveExtensible - ok 23:34:17.0755 0x1478 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 23:34:17.0770 0x1478 nv_agp - ok 23:34:17.0770 0x1478 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 23:34:17.0786 0x1478 ohci1394 - ok 23:34:17.0801 0x1478 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 23:34:17.0833 0x1478 p2pimsvc - ok 23:34:17.0848 0x1478 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 23:34:17.0864 0x1478 p2psvc - ok 23:34:17.0864 0x1478 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 23:34:17.0895 0x1478 Parport - ok 23:34:17.0895 0x1478 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:34:17.0911 0x1478 partmgr - ok 23:34:17.0911 0x1478 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:34:17.0926 0x1478 PcaSvc - ok 23:34:17.0942 0x1478 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 23:34:17.0957 0x1478 pci - ok 23:34:17.0957 0x1478 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 23:34:17.0973 0x1478 pciide - ok 23:34:17.0973 0x1478 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 23:34:18.0004 0x1478 pcmcia - ok 23:34:18.0004 0x1478 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 23:34:18.0020 0x1478 pcw - ok 23:34:18.0035 0x1478 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:34:18.0067 0x1478 PEAUTH - ok 23:34:18.0082 0x1478 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 23:34:18.0098 0x1478 PerfHost - ok 23:34:18.0145 0x1478 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 23:34:18.0207 0x1478 pla - ok 23:34:18.0223 0x1478 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:34:18.0238 0x1478 PlugPlay - ok 23:34:18.0254 0x1478 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 23:34:18.0269 0x1478 PNRPAutoReg - ok 23:34:18.0269 0x1478 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 23:34:18.0301 0x1478 PNRPsvc - ok 23:34:18.0316 0x1478 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:34:18.0363 0x1478 PolicyAgent - ok 23:34:18.0363 0x1478 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 23:34:18.0410 0x1478 Power - ok 23:34:18.0410 0x1478 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:34:18.0441 0x1478 PptpMiniport - ok 23:34:18.0457 0x1478 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 23:34:18.0472 0x1478 Processor - ok 23:34:18.0472 0x1478 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 23:34:18.0488 0x1478 ProfSvc - ok 23:34:18.0503 0x1478 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:34:18.0519 0x1478 ProtectedStorage - ok 23:34:18.0519 0x1478 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 23:34:18.0550 0x1478 Psched - ok 23:34:18.0597 0x1478 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 23:34:18.0644 0x1478 ql2300 - ok 23:34:18.0644 0x1478 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 23:34:18.0659 0x1478 ql40xx - ok 23:34:18.0675 0x1478 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 23:34:18.0691 0x1478 QWAVE - ok 23:34:18.0706 0x1478 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:34:18.0722 0x1478 QWAVEdrv - ok 23:34:18.0722 0x1478 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:34:18.0753 0x1478 RasAcd - ok 23:34:18.0753 0x1478 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 23:34:18.0784 0x1478 RasAgileVpn - ok 23:34:18.0800 0x1478 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 23:34:18.0831 0x1478 RasAuto - ok 23:34:18.0831 0x1478 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:34:18.0878 0x1478 Rasl2tp - ok 23:34:18.0878 0x1478 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 23:34:18.0925 0x1478 RasMan - ok 23:34:18.0925 0x1478 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:34:18.0971 0x1478 RasPppoe - ok 23:34:18.0971 0x1478 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 23:34:19.0003 0x1478 RasSstp - ok 23:34:19.0018 0x1478 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:34:19.0049 0x1478 rdbss - ok 23:34:19.0049 0x1478 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 23:34:19.0065 0x1478 rdpbus - ok 23:34:19.0081 0x1478 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:34:19.0112 0x1478 RDPCDD - ok 23:34:19.0112 0x1478 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:34:19.0143 0x1478 RDPENCDD - ok 23:34:19.0143 0x1478 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 23:34:19.0174 0x1478 RDPREFMP - ok 23:34:19.0190 0x1478 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 23:34:19.0205 0x1478 RdpVideoMiniport - ok 23:34:19.0205 0x1478 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:34:19.0237 0x1478 RDPWD - ok 23:34:19.0237 0x1478 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 23:34:19.0252 0x1478 rdyboost - ok 23:34:19.0268 0x1478 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 23:34:19.0299 0x1478 RemoteAccess - ok 23:34:19.0299 0x1478 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:34:19.0346 0x1478 RemoteRegistry - ok 23:34:19.0346 0x1478 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 23:34:19.0377 0x1478 RpcEptMapper - ok 23:34:19.0377 0x1478 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 23:34:19.0393 0x1478 RpcLocator - ok 23:34:19.0408 0x1478 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 23:34:19.0455 0x1478 RpcSs - ok 23:34:19.0471 0x1478 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:34:19.0502 0x1478 rspndr - ok 23:34:19.0502 0x1478 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe 23:34:19.0517 0x1478 SamSs - ok 23:34:19.0533 0x1478 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 23:34:19.0549 0x1478 sbp2port - ok 23:34:19.0549 0x1478 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:34:19.0580 0x1478 SCardSvr - ok 23:34:19.0595 0x1478 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 23:34:19.0627 0x1478 scfilter - ok 23:34:19.0658 0x1478 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 23:34:19.0689 0x1478 Schedule - ok 23:34:19.0705 0x1478 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 23:34:19.0736 0x1478 SCPolicySvc - ok 23:34:19.0736 0x1478 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 23:34:19.0767 0x1478 SDRSVC - ok 23:34:19.0767 0x1478 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 23:34:19.0783 0x1478 secdrv - ok 23:34:19.0783 0x1478 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 23:34:19.0814 0x1478 seclogon - ok 23:34:19.0829 0x1478 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 23:34:19.0861 0x1478 SENS - ok 23:34:19.0861 0x1478 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 23:34:19.0876 0x1478 SensrSvc - ok 23:34:19.0876 0x1478 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 23:34:19.0892 0x1478 Serenum - ok 23:34:19.0907 0x1478 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 23:34:19.0923 0x1478 Serial - ok 23:34:19.0923 0x1478 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 23:34:19.0939 0x1478 sermouse - ok 23:34:19.0939 0x1478 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 23:34:19.0985 0x1478 SessionEnv - ok 23:34:19.0985 0x1478 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 23:34:20.0001 0x1478 sffdisk - ok 23:34:20.0001 0x1478 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 23:34:20.0017 0x1478 sffp_mmc - ok 23:34:20.0032 0x1478 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 23:34:20.0048 0x1478 sffp_sd - ok 23:34:20.0048 0x1478 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 23:34:20.0063 0x1478 sfloppy - ok 23:34:20.0063 0x1478 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 23:34:20.0110 0x1478 SharedAccess - ok 23:34:20.0126 0x1478 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 23:34:20.0157 0x1478 ShellHWDetection - ok 23:34:20.0173 0x1478 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 23:34:20.0188 0x1478 SiSRaid2 - ok 23:34:20.0188 0x1478 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 23:34:20.0204 0x1478 SiSRaid4 - ok 23:34:20.0204 0x1478 [ E77CB3736A702D46A6FB15FB4A9894E3, A341AD51825D4DB8A68ADDABE0FD17693DE387B0DA11800D427B8EA31577626C ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys 23:34:20.0219 0x1478 SmartDefragDriver - ok 23:34:20.0219 0x1478 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 23:34:20.0266 0x1478 Smb - ok 23:34:20.0266 0x1478 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 23:34:20.0282 0x1478 SNMPTRAP - ok 23:34:20.0282 0x1478 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 23:34:20.0297 0x1478 spldr - ok 23:34:20.0313 0x1478 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 23:34:20.0344 0x1478 Spooler - ok 23:34:20.0422 0x1478 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 23:34:20.0547 0x1478 sppsvc - ok 23:34:20.0563 0x1478 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 23:34:20.0594 0x1478 sppuinotify - ok 23:34:20.0609 0x1478 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 23:34:20.0625 0x1478 srv - ok 23:34:20.0641 0x1478 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 23:34:20.0672 0x1478 srv2 - ok 23:34:20.0672 0x1478 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 23:34:20.0687 0x1478 srvnet - ok 23:34:20.0703 0x1478 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 23:34:20.0734 0x1478 SSDPSRV - ok 23:34:20.0750 0x1478 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 23:34:20.0781 0x1478 SstpSvc - ok 23:34:20.0781 0x1478 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 23:34:20.0859 0x1478 stexstor - ok 23:34:20.0890 0x1478 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 23:34:20.0937 0x1478 stisvc - ok 23:34:20.0937 0x1478 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 23:34:20.0953 0x1478 swenum - ok 23:34:20.0968 0x1478 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 23:34:21.0015 0x1478 swprv - ok 23:34:21.0046 0x1478 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 23:34:21.0109 0x1478 SysMain - ok 23:34:21.0124 0x1478 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 23:34:21.0140 0x1478 TabletInputService - ok 23:34:21.0155 0x1478 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 23:34:21.0187 0x1478 TapiSrv - ok 23:34:21.0202 0x1478 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 23:34:21.0233 0x1478 TBS - ok 23:34:21.0280 0x1478 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 23:34:21.0343 0x1478 Tcpip - ok 23:34:21.0389 0x1478 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 23:34:21.0436 0x1478 TCPIP6 - ok 23:34:21.0452 0x1478 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 23:34:21.0467 0x1478 tcpipreg - ok 23:34:21.0467 0x1478 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 23:34:21.0483 0x1478 TDPIPE - ok 23:34:21.0483 0x1478 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 23:34:21.0499 0x1478 TDTCP - ok 23:34:21.0514 0x1478 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 23:34:21.0530 0x1478 tdx - ok 23:34:21.0530 0x1478 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 23:34:21.0545 0x1478 TermDD - ok 23:34:21.0561 0x1478 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 23:34:21.0592 0x1478 TermService - ok 23:34:21.0608 0x1478 [ 48D9D00C2E0E72C3D4F52772C80355F6, 86F281C7F5FA2FCF1A36C69DD6561531E48483CACB8A873B955F7E93D9A1D259 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys 23:34:21.0608 0x1478 TFsExDisk - ok 23:34:21.0623 0x1478 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 23:34:21.0639 0x1478 Themes - ok 23:34:21.0639 0x1478 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 23:34:21.0670 0x1478 THREADORDER - ok 23:34:21.0686 0x1478 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 23:34:21.0717 0x1478 TrkWks - ok 23:34:21.0733 0x1478 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 23:34:21.0764 0x1478 TrustedInstaller - ok 23:34:21.0764 0x1478 [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 23:34:21.0795 0x1478 tssecsrv - ok 23:34:21.0795 0x1478 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 23:34:21.0811 0x1478 TsUsbFlt - ok 23:34:21.0811 0x1478 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 23:34:21.0826 0x1478 TsUsbGD - ok 23:34:21.0842 0x1478 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 23:34:21.0873 0x1478 tunnel - ok 23:34:21.0873 0x1478 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 23:34:21.0889 0x1478 uagp35 - ok 23:34:21.0904 0x1478 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 23:34:21.0935 0x1478 udfs - ok 23:34:21.0951 0x1478 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 23:34:21.0967 0x1478 UI0Detect - ok 23:34:21.0967 0x1478 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 23:34:21.0982 0x1478 uliagpkx - ok 23:34:21.0982 0x1478 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 23:34:21.0998 0x1478 umbus - ok 23:34:22.0013 0x1478 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 23:34:22.0029 0x1478 UmPass - ok 23:34:22.0029 0x1478 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 23:34:22.0076 0x1478 upnphost - ok 23:34:22.0076 0x1478 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 23:34:22.0091 0x1478 usbaudio - ok 23:34:22.0107 0x1478 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 23:34:22.0123 0x1478 usbccgp - ok 23:34:22.0123 0x1478 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 23:34:22.0154 0x1478 usbcir - ok 23:34:22.0154 0x1478 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 23:34:22.0169 0x1478 usbehci - ok 23:34:22.0185 0x1478 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 23:34:22.0201 0x1478 usbhub - ok 23:34:22.0201 0x1478 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys 23:34:22.0216 0x1478 usbohci - ok 23:34:22.0232 0x1478 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 23:34:22.0247 0x1478 usbprint - ok 23:34:22.0247 0x1478 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:34:22.0263 0x1478 USBSTOR - ok 23:34:22.0263 0x1478 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 23:34:22.0279 0x1478 usbuhci - ok 23:34:22.0294 0x1478 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 23:34:22.0325 0x1478 UxSms - ok 23:34:22.0325 0x1478 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe 23:34:22.0341 0x1478 VaultSvc - ok 23:34:22.0341 0x1478 [ C41B43417F77FCB2D2D81C9C2B9A85FE, 88EE5D47BFB2A6FE0B5C56479FA3C4B829E8ABCE0FB001C45C42E2E8B4A4EF62 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys 23:34:22.0357 0x1478 VBoxNetAdp - ok 23:34:22.0372 0x1478 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 23:34:22.0372 0x1478 vdrvroot - ok 23:34:22.0403 0x1478 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 23:34:22.0435 0x1478 vds - ok 23:34:22.0450 0x1478 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 23:34:22.0466 0x1478 vga - ok 23:34:22.0466 0x1478 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 23:34:22.0497 0x1478 VgaSave - ok 23:34:22.0513 0x1478 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 23:34:22.0528 0x1478 vhdmp - ok 23:34:22.0528 0x1478 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 23:34:22.0544 0x1478 viaide - ok 23:34:22.0544 0x1478 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 23:34:22.0559 0x1478 volmgr - ok 23:34:22.0575 0x1478 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 23:34:22.0591 0x1478 volmgrx - ok 23:34:22.0606 0x1478 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 23:34:22.0622 0x1478 volsnap - ok 23:34:22.0637 0x1478 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 23:34:22.0653 0x1478 vsmraid - ok 23:34:22.0684 0x1478 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 23:34:22.0762 0x1478 VSS - ok 23:34:22.0762 0x1478 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 23:34:22.0778 0x1478 vwifibus - ok 23:34:22.0793 0x1478 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 23:34:22.0840 0x1478 W32Time - ok 23:34:22.0840 0x1478 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 23:34:22.0856 0x1478 WacomPen - ok 23:34:22.0871 0x1478 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 23:34:22.0903 0x1478 WANARP - ok 23:34:22.0903 0x1478 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 23:34:22.0934 0x1478 Wanarpv6 - ok 23:34:22.0981 0x1478 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 23:34:23.0027 0x1478 wbengine - ok 23:34:23.0043 0x1478 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 23:34:23.0059 0x1478 WbioSrvc - ok 23:34:23.0074 0x1478 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 23:34:23.0105 0x1478 wcncsvc - ok 23:34:23.0105 0x1478 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:34:23.0121 0x1478 WcsPlugInService - ok 23:34:23.0121 0x1478 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 23:34:23.0137 0x1478 Wd - ok 23:34:23.0152 0x1478 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:34:23.0183 0x1478 Wdf01000 - ok 23:34:23.0199 0x1478 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:34:23.0215 0x1478 WdiServiceHost - ok 23:34:23.0215 0x1478 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll 23:34:23.0230 0x1478 WdiSystemHost - ok 23:34:23.0246 0x1478 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 23:34:23.0261 0x1478 WebClient - ok 23:34:23.0277 0x1478 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 23:34:23.0324 0x1478 Wecsvc - ok 23:34:23.0324 0x1478 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 23:34:23.0355 0x1478 wercplsupport - ok 23:34:23.0371 0x1478 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 23:34:23.0402 0x1478 WerSvc - ok 23:34:23.0402 0x1478 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 23:34:23.0433 0x1478 WfpLwf - ok 23:34:23.0449 0x1478 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 23:34:23.0449 0x1478 WIMMount - ok 23:34:23.0464 0x1478 WinDefend - ok 23:34:23.0464 0x1478 WinHttpAutoProxySvc - ok 23:34:23.0480 0x1478 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 23:34:23.0511 0x1478 Winmgmt - ok 23:34:23.0573 0x1478 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll 23:34:23.0636 0x1478 WinRM - ok 23:34:23.0667 0x1478 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 23:34:23.0698 0x1478 Wlansvc - ok 23:34:23.0714 0x1478 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys 23:34:23.0729 0x1478 WmiAcpi - ok 23:34:23.0729 0x1478 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:34:23.0745 0x1478 wmiApSrv - ok 23:34:23.0761 0x1478 WMPNetworkSvc - ok 23:34:23.0761 0x1478 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:34:23.0776 0x1478 WPCSvc - ok 23:34:23.0776 0x1478 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:34:23.0807 0x1478 WPDBusEnum - ok 23:34:23.0807 0x1478 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:34:23.0839 0x1478 ws2ifsl - ok 23:34:23.0854 0x1478 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 23:34:23.0870 0x1478 wscsvc - ok 23:34:23.0870 0x1478 WSearch - ok 23:34:23.0948 0x1478 [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv C:\Windows\system32\wuaueng.dll 23:34:24.0010 0x1478 wuauserv - ok 23:34:24.0026 0x1478 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 23:34:24.0041 0x1478 WudfPf - ok 23:34:24.0057 0x1478 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 23:34:24.0073 0x1478 WUDFRd - ok 23:34:24.0073 0x1478 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:34:24.0088 0x1478 wudfsvc - ok 23:34:24.0104 0x1478 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 23:34:24.0119 0x1478 WwanSvc - ok 23:34:24.0119 0x1478 ================ Scan global =============================== 23:34:24.0135 0x1478 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 23:34:24.0135 0x1478 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 23:34:24.0151 0x1478 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 23:34:24.0166 0x1478 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 23:34:24.0166 0x1478 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 23:34:24.0182 0x1478 [ Global ] - ok 23:34:24.0182 0x1478 ================ Scan MBR ================================== 23:34:24.0182 0x1478 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 23:34:24.0244 0x1478 \Device\Harddisk0\DR0 - ok 23:34:24.0244 0x1478 ================ Scan VBR ================================== 23:34:24.0260 0x1478 [ 1CD9262CC1979B417EE02E027F64EA31 ] \Device\Harddisk0\DR0\Partition1 23:34:24.0260 0x1478 \Device\Harddisk0\DR0\Partition1 - ok 23:34:24.0260 0x1478 [ 2B4978EB15155FDCCB5E98C06304ED09 ] \Device\Harddisk0\DR0\Partition2 23:34:24.0260 0x1478 \Device\Harddisk0\DR0\Partition2 - ok 23:34:24.0260 0x1478 ================ Scan generic autorun ====================== 23:34:24.0634 0x1478 [ 9CFD0AFEA08FFEA16F3EFFC94D5B3DEF, AB7879DDA9D516C2B124640B1D34557A8BAD244423867E8390D29FFF6858A865 ] C:\Program Files\Logitech Gaming Software\LCore.exe 23:34:24.0977 0x1478 Launch LCore - ok 23:34:25.0040 0x1478 [ 73BB7AC752D393494565A56A91B986CA, 5286A7B1719F2735C84212B5C8BC2BC57B03E9E7C4DF779EF582629DCBD01785 ] C:\Program Files\COMODO\COMODO Internet Security\cistray.exe 23:34:25.0071 0x1478 COMODO Internet Security - ok 23:34:25.0118 0x1478 [ 80F72159E0EB98A9B32FF61132C2E60D, 7F9AD5AE0C23EC5AB7DD63020897646A57CD275D325D399C35001C3DAC0B147F ] C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe 23:34:25.0165 0x1478 Turbo Key - detected UnsignedFile.Multi.Generic ( 1 ) 23:34:25.0165 0x1478 Detect skipped due to KSN trusted 23:34:25.0165 0x1478 Turbo Key - ok 23:34:25.0196 0x1478 [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 23:34:25.0227 0x1478 avgnt - ok 23:34:25.0227 0x1478 [ A8E69DA21AEEB9DAA55D90E87AC1A549, 175AF750A1DF53555D0CB6C61312CEE37E2CB182873041A8AE38C57EA01DC2F5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 23:34:25.0243 0x1478 Avira SystrayStartTrigger - ok 23:34:25.0274 0x1478 [ B89A82FB10E98F2FDF51FA82C7366DD3, 154A791E737A878965EB50EA879BC96857EF88602D94E169A75B1A6607E6018E ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 23:34:25.0305 0x1478 Adobe ARM - ok 23:34:25.0305 0x1478 Object required for P2P: [ B89A82FB10E98F2FDF51FA82C7366DD3 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe 23:34:28.0160 0x1478 Object send P2P result: true 23:34:28.0207 0x1478 [ 8F1099B14A83AC8980A64F08F88CE7EC, CA597149D37BE18F3F856F6DFF51720B73F32D2B9C2516D8C430749221C86C50 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 23:34:28.0238 0x1478 SunJavaUpdateSched - ok 23:34:28.0238 0x1478 Object required for P2P: [ 8F1099B14A83AC8980A64F08F88CE7EC ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 23:34:31.0139 0x1478 Object send P2P result: true 23:34:31.0139 0x1478 DivXMediaServer - ok 23:34:31.0186 0x1478 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 23:34:31.0233 0x1478 Sidebar - ok 23:34:31.0249 0x1478 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 23:34:31.0264 0x1478 mctadmin - ok 23:34:31.0295 0x1478 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 23:34:31.0342 0x1478 Sidebar - ok 23:34:31.0342 0x1478 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 23:34:31.0358 0x1478 mctadmin - ok 23:34:31.0420 0x1478 [ 4EB962689D7314183AA360B29FCB4DF1, 93F36D25FC8F3AD0FA5EF82955D6B1E1FE6967E00E692D2183F9AFD4FB4ED9ED ] C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe 23:34:31.0467 0x1478 Advanced SystemCare 9 - ok 23:34:31.0467 0x1478 Skype - ok 23:34:31.0467 0x1478 [ 5183B13D9D227ADD0036CEF80931607D, 0C6685F8F7F0035153A4511D985EC37F99488AED5DB32F535002EA03A603C415 ] D:\Program Files (x86)\Glary Utilities 5\StartupManager.exe 23:34:31.0483 0x1478 GUDelayStartup - ok 23:34:31.0483 0x1478 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated ) 23:34:31.0498 0x1478 Win FW state via NFP2: disabled ( trusted ) 23:34:34.0291 0x1478 ============================================================ 23:34:34.0291 0x1478 Scan finished 23:34:34.0291 0x1478 ============================================================ 23:34:34.0291 0x1380 Detected object count: 1 23:34:34.0291 0x1380 Actual detected object count: 1 23:35:02.0199 0x1380 Bigfoot Networks Killer Service ( UnsignedFile.Multi.Generic ) - skipped by user 23:35:02.0199 0x1380 Bigfoot Networks Killer Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 23:35:18.0189 0x1788 Deinitialize success hoffe hab alles richtig gemacht gefunden wurde wohl nichts. Gruß Heinz |
|
02.12.2015, 16:57
| #15 |
| /// the machine /// TB-Ausbilder | PC reagiert kaum noch hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu PC reagiert kaum noch |
| 100 % auslastung, auslastung, cpu, dateien, englisch, gen, heute, hochfahren, i-net, laufen, mozilla, namen, neuer, pc reagiert nicht mehr, problem, problem mit dem pc, programme, programmen, reagiert, recover, screen, seite, seiten, speicherplatz, taskmanager, verschiedene, volume, zusätzlich, öffnen |
WARNUNG an die MITLESER: 
Linear-Darstellung
