Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 14.06.2016, 17:51   #1
Ecronika
 
System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Standard

System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes



Moin Moin,

ich habe ein System, dass sehr träge reagierte und von mir als erste Maßnahme mit Malwarebytes und Adwcleaner bereinigt wurde - das hat die Performance auch schon etwas gesteigert, ich bitte daher um Auswertung der Logs, ob noch Auffälligkeiten zu finden sind.

Die Addition.txt passt nicht mehr in die Zeichengrenze jeh Post ...

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 12.06.2016
Suchlaufzeit: 19:55
Protokolldatei: mbam.txt
Administrator: Nein

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.12.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sany

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 260863
Abgelaufene Zeit: 28 Min., 22 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 8
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}, Löschen bei Neustart, [f2217b815e3b3ef8b29b6d1c3bc7d030], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATPopups, Löschen bei Neustart, [8093a6565148d6601cc87b427c86f709], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATUpdaters, Löschen bei Neustart, [d53e7e7e59400135c0e9842714efb54b], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\Google Analytics Package, Löschen bei Neustart, [c44f5ba14a4f89ad406b367545beee12], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Code:
ATTFilter
# AdwCleaner v5.119 - Logfile created 12/06/2016 at 20:42:13
# Updated 30/05/2016 by Xplode
# Database : 2016-06-12.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Sandra Nicola - SCHNUBBI
# Running from : C:\Users\Sany\Desktop\AdwCleaner_5.119.exe
# Option : Scan
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

Folder Found : C:\ProgramData\TweakBit
Folder Found : C:\ProgramData\Application Data\TweakBit
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Found : C:\Program Files (x86)\myfree codec
Folder Found : C:\Users\Sandra Nicola\AppData\Local\Mobogenie
Folder Found : C:\Users\Sandra Nicola\AppData\Roaming\DesktopIconForAmazon
Folder Found : C:\Users\Sandra Nicola\AppData\Roaming\dvdvideosoftiehelpers
Folder Found : C:\Users\Sandra Nicola\AppData\Roaming\OCS
Folder Found : C:\Users\Sandra Nicola\Documents\Mobogenie
Folder Found : C:\Users\Sany\AppData\Local\Winamp Toolbar
Folder Found : \extensions

***** [ Files ] *****

File Found : C:\Users\Sandra Nicola\daemonprocess.txt
File Found : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\foxydeal.sqlite
File Found : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\searchplugins\11-suche.xml
File Found : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage
File Found : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage-journal
File Found : \user.js

***** [ DLL ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
Key Found : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Found : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
Key Found : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Myfree Codec
Key Found : HKCU\Software\OCS
Key Found : HKLM\SOFTWARE\Myfree Codec
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Conduit
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Myfree Codec
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\OCS
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Conduit
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Myfree Codec
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1043\Software\Myfree Codec
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {721061fb-eb79-4568-a03c-3ce26d68dae9}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Data Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {721061fb-eb79-4568-a03c-3ce26d68dae9}
Key Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
Data Found : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {721061fb-eb79-4568-a03c-3ce26d68dae9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\euask.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.euask.com

***** [ Web browsers ] *****

[C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Found : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Found : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.firetab.org/?type=ds3hp
[C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Found : hxxp://www.firetab.org/?type=ds3hp

*************************

\AdwCleaner\AdwCleaner[S1].txt - [5680 bytes] - [12/06/2016 20:42:13]

########## EOF - \AdwCleaner\AdwCleaner[S1].txt - [5751 bytes] ##########
         
Code:
ATTFilter
# AdwCleaner v5.119 - Logfile created 12/06/2016 at 20:51:04
# Updated 30/05/2016 by Xplode
# Database : 2016-06-12.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (X64)
# Username : Sandra Nicola - SCHNUBBI
# Running from : C:\Users\Sany\Desktop\AdwCleaner_5.119.exe
# Option : Clean
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\TweakBit
[#] Folder Deleted : C:\ProgramData\Application Data\TweakBit
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Program Files (x86)\myfree codec
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Local\Mobogenie
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Roaming\DesktopIconForAmazon
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Roaming\dvdvideosoftiehelpers
[-] Folder Deleted : C:\Users\Sandra Nicola\AppData\Roaming\OCS
[-] Folder Deleted : C:\Users\Sandra Nicola\Documents\Mobogenie
[-] Folder Deleted : C:\Users\Sany\AppData\Local\Winamp Toolbar
[-] Folder Deleted : \extensions

***** [ Files ] *****

[-] File Deleted : C:\Users\Sandra Nicola\daemonprocess.txt
[-] File Deleted : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\foxydeal.sqlite
[-] File Deleted : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\searchplugins\11-suche.xml
[-] File Deleted : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage
[-] File Deleted : C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.watch4.com_0.localstorage-journal
[-] File Deleted : \user.js

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\fcfenmboojpjinhpgggodefccipikbpd
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{562B9316-C08A-444A-9482-62080DD851AE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C379EAD1-CB34-4B09-AF6B-7E587F8BCD80}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\OCS
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Key Deleted : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Conduit
[-] Key Deleted : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{721061fb-eb79-4568-a03c-3ce26d68dae9}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Data Restored : HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\euask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.euask.com

***** [ Web browsers ] *****

[-] [C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
[-] [C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\prefs.js] Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");
[-] [C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.firetab.org/?type=ds3hp
[-] [C:\Users\Sany\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Deleted : hxxp://www.firetab.org/?type=ds3hp

*************************

:: "Tracing" keys deleted
:: Proxy settings cleared
:: Winsock settings cleared
:: IE policies deleted
:: Chrome policies deleted

*************************

\AdwCleaner\AdwCleaner[C1].txt - [5411 bytes] - [12/06/2016 20:51:04]
\AdwCleaner\AdwCleaner[S1].txt - [5828 bytes] - [12/06/2016 20:42:13]

########## EOF - \AdwCleaner\AdwCleaner[C1].txt - [5553 bytes] ##########
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:12-06-2016 01
Ran by Sandra Nicola (administrator) on SCHNUBBI (12-06-2016 21:32:34)
Running from C:\Users\Sany\Desktop
Loaded Profiles: Sandra Nicola & Sany & UpdatusUser (Available Profiles: Sandra Nicola & Sany & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE
(Miranda IM) C:\Program Files (x86)\MirandaFusion\miranda32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-09] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2016-04-09] (Microsoft Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [WDM_DRMKAUD] => rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD. (the data entry has 17 more characters).
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\2322d091-33a3-4322-9ee4-4df0d4ac8d82.exe [168336 2016-01-21] (AVAST Software)
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000001] => "C:\Windows\is-SAIVE.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000002] => "C:\Windows\is-F60Q9.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000003] => "C:\Windows\is-AEUAP.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-10-05] (Malwarebytes)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [GoogleChromeAutoLaunch_D8107CCCFBFF2A4366A2C687393EC971] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [BingSvc] => C:\Users\Sandra Nicola\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [ABBYY Screenshot Reader Bonus] => "C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe" -autorun
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Amazon Music] => C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] ()
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Dropbox Update] => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [GoogleChromeAutoLaunch_26CFC6DA14F856D58D6B043755960AA3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
Startup: C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk [2015-04-22]
ShortcutTarget: Launch Jawbone Updater.lnk -> C:\Program Files (x86)\Jawbone\LaunchJU.exe ()
Startup: C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sandra Nicola\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CA6C2E5B-F789-438E-98CC-4F038A4F400C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-04] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-10] (Oracle Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-04] (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://de.ogame.gameforge.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Cast) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-09-19]
CHR Extension: (Adblock Plus) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-19]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-09-19]
CHR Extension: (Tampermonkey) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-09-19]
CHR Extension: (Bookmark Manager) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-09-19]
CHR Extension: (Avast Online Security) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-19]
CHR Extension: (AntiGameOrigin) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm [2015-04-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-09] (ELAN Microelectronics Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [579904 2015-04-30] (WiseCleaner.com)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 楗敳潂瑯獁楳瑳湡t; 㩃停潲牧浡䘠汩獥⠠㡸⤶坜獩履楗敳䌠牡⁥㘳尵潂瑯楔敭攮數 [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-08-15] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-12] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-25] () [File not signed]
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2014-12-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2610808 2011-04-06] (Sunplus Technology)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-25] (Seiko Epson Corporation)
S3 WiseHDInfo; C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [11304 2014-06-04] (wisecleaner.com) [File not signed]
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-12 21:25 - 2016-06-12 21:26 - 00037335 _____ C:\Users\Sany\Desktop\Addition.txt
2016-06-12 21:23 - 2016-06-12 21:32 - 00024661 _____ C:\Users\Sany\Desktop\FRST.txt
2016-06-12 21:23 - 2016-06-12 21:32 - 00000000 ____D C:\FRST
2016-06-12 21:23 - 2016-06-12 21:23 - 02385408 _____ (Farbar) C:\Users\Sany\Desktop\FRST64.exe
2016-06-12 20:38 - 2016-06-12 20:51 - 00000000 ____D C:\AdwCleaner
2016-06-12 20:38 - 2016-06-12 20:38 - 03677248 _____ C:\Users\Sany\Desktop\AdwCleaner_5.119.exe
2016-06-12 20:00 - 2016-06-12 20:01 - 12893312 _____ (Lenovo Group Limited ) C:\Users\Sany\Desktop\g3ad03ww.exe
2016-06-12 16:34 - 2016-06-12 16:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2016-06-12 16:34 - 2011-04-06 16:02 - 00002759 _____ C:\Windows\Remove.ini
2016-06-12 16:34 - 2011-04-06 14:02 - 02610808 _____ (Sunplus Technology) C:\Windows\system32\Drivers\SPUVCBv_x64.sys
2016-06-12 16:34 - 2011-03-17 14:47 - 00213368 _____ (Dext5xx) C:\Windows\system32\DextUVCB_x64.ax
2016-06-12 16:34 - 2011-03-17 14:47 - 00193400 _____ (Dext5xx) C:\Windows\SysWOW64\DextUVCB.ax
2016-06-12 16:34 - 2010-12-21 15:08 - 00087096 _____ C:\Windows\un_dext.exe
2016-06-12 16:34 - 2010-12-20 13:42 - 00281976 _____ (Sunplusit) C:\Windows\system32\CoInstaller_x64.dll
2016-06-12 16:34 - 2010-11-19 14:28 - 00087928 _____ C:\Windows\SPRemove_x64.exe
2016-06-12 16:34 - 2010-08-18 00:28 - 00026136 _____ (Intel Corporation) C:\Windows\system32\Drivers\ICCWDT.sys
2016-06-12 16:34 - 2010-07-19 14:42 - 00003400 _____ C:\Windows\Dext_25.ini
2016-06-12 16:34 - 2010-07-19 14:41 - 00002964 _____ C:\Windows\Dext_13.ini
2016-06-12 16:34 - 2010-07-19 14:40 - 00002992 _____ C:\Windows\Dext_01.ini
2016-06-12 16:34 - 2010-07-19 14:39 - 00002944 _____ C:\Windows\Dext_09.ini
2016-06-12 16:34 - 2010-07-19 14:38 - 00003036 _____ C:\Windows\Dext_29.ini
2016-06-12 16:34 - 2010-07-19 14:37 - 00002376 _____ C:\Windows\Dext_18.ini
2016-06-12 16:34 - 2010-07-19 14:35 - 00003176 _____ C:\Windows\Dext_07.ini
2016-06-12 16:34 - 2010-07-19 14:34 - 00003124 _____ C:\Windows\Dext_19.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003386 _____ C:\Windows\Dext_12.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003180 _____ C:\Windows\Dext_16.ini
2016-06-12 16:34 - 2010-07-19 14:32 - 00003250 _____ C:\Windows\Dext_10.ini
2016-06-12 16:34 - 2010-07-19 14:31 - 00003148 _____ C:\Windows\Dext_22.ini
2016-06-12 16:34 - 2010-07-19 14:30 - 00002446 _____ C:\Windows\Dext_17.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002544 _____ C:\Windows\Dext_04.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002314 _____ C:\Windows\Dext_52.ini
2016-06-12 16:33 - 2016-05-03 05:07 - 04181288 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2016-06-12 16:31 - 2015-05-26 20:02 - 05375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-12 16:31 - 2015-05-26 20:00 - 00017082 _____ C:\Windows\system32\iglhxs64.vp
2016-06-12 16:31 - 2015-05-26 19:52 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-06-12 16:31 - 2015-05-26 19:52 - 00126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00000268 _____ C:\Windows\system32\GfxUI.exe.config
2016-06-12 16:31 - 2015-05-26 19:50 - 01981696 _____ C:\Windows\system32\iglhxa64.cpa
2016-06-12 16:31 - 2015-05-26 19:50 - 00059425 _____ C:\Windows\system32\iglhxo64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059398 _____ C:\Windows\system32\iglhxg64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059230 _____ C:\Windows\system32\iglhxc64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00001074 _____ C:\Windows\system32\iglhxa64.vp
2016-06-12 16:30 - 2015-06-04 21:20 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 01049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00101376 _____ C:\Windows\system32\igdde64.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00081408 _____ C:\Windows\SysWOW64\igdde32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 10811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2016-06-12 16:30 - 2015-05-26 19:51 - 13028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-06-12 16:29 - 2016-06-12 16:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-06-12 16:29 - 2015-06-04 21:21 - 05906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00444008 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00401512 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00173672 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\system32\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\system32\igvpkrng600.bin
2016-06-12 16:29 - 2014-12-11 22:56 - 00033448 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2016-06-12 16:29 - 2014-01-30 17:17 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-06-12 16:28 - 2016-06-12 16:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETD_01011.Wdf
2016-06-12 16:27 - 2016-06-12 16:28 - 00000000 ____D C:\Program Files\Elantech
2016-06-12 16:27 - 2015-09-09 22:00 - 00062672 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller15005.dll
2016-06-12 16:27 - 2015-09-09 21:59 - 00577096 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-12 16:24 - 2016-06-03 07:29 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 06064046 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-12 16:24 - 2016-06-03 07:29 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 05111040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-12 16:24 - 2016-06-03 07:29 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03199744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03096248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-12 16:24 - 2016-06-03 07:29 - 02060032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 01355616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088320 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 05339552 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 03282544 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01061120 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00678184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00371456 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-12 16:23 - 2015-09-17 11:42 - 00463112 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00646408 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00030960 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2016-06-12 16:22 - 2016-06-12 16:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-12 16:22 - 2016-03-29 07:01 - 00181304 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-06-12 16:21 - 2014-01-10 13:13 - 00082128 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiSDa.sys
2016-06-12 16:21 - 2013-10-29 23:15 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2016-06-12 15:50 - 2016-06-12 15:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf
2016-06-12 15:50 - 2013-07-23 16:23 - 00059088 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiMSa.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00072280 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdbd.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00021080 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdmp.sys
2016-06-12 15:42 - 2016-06-12 15:42 - 03652640 _____ C:\Users\Sany\Desktop\SDI_R454.zip
2016-06-12 15:42 - 2016-06-12 15:42 - 00000000 ____D C:\Users\Sany\Desktop\SDI_R454
2016-06-12 15:39 - 2016-06-12 16:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-12 15:39 - 2016-06-12 15:39 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-06-12 15:39 - 2016-06-12 15:39 - 00001041 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-06-12 15:39 - 2016-06-12 15:39 - 00000000 ____D C:\Users\Sandra Nicola\AppData\Roaming\TeamViewer
2016-06-08 21:43 - 2016-06-12 20:51 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-08 21:15 - 2016-06-08 21:15 - 00000000 ____D C:\Users\Sandra Nicola\Downloads\pkeyuibx_v1.5.0
2016-06-08 19:11 - 2016-06-12 12:17 - 00000000 ____D C:\Users\Public\Downloads\Windows 7 Ultimate
2016-06-08 17:13 - 2016-06-09 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-07 22:26 - 2016-06-07 22:27 - 858866918 _____ C:\Users\Sany\Desktop\Monsieur_Claude_und_seine_Toechter_16.06.04_20-15_sat1_120_TVOON_DE.mpg.avi
2016-06-04 13:23 - 2016-06-04 13:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-04 11:18 - 2016-06-05 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-29 17:55 - 2016-05-29 17:55 - 00000000 ____D C:\Users\Sany\AppData\Roaming\mp3DirectCut
2016-05-13 16:36 - 2016-06-10 23:03 - 00000000 ____D C:\Users\Sany\Desktop\Shopping Queen

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-12 21:24 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-12 21:24 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-12 21:20 - 2012-08-30 21:23 - 00007620 _____ C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2016-06-12 21:18 - 2014-01-04 17:26 - 00000000 ___RD C:\Users\Sany\Documents\Dropbox
2016-06-12 21:18 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Skype
2016-06-12 21:18 - 2012-08-29 21:46 - 00000000 ____D C:\Users\Sandra Nicola
2016-06-12 21:15 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Local\Sidebar7
2016-06-12 21:14 - 2015-11-04 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-12 21:14 - 2012-08-29 22:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-12 21:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-12 21:12 - 2012-08-29 22:54 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-12 21:01 - 2012-08-29 23:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-12 21:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-12 20:48 - 2012-08-30 07:36 - 00697522 _____ C:\Windows\system32\perfh007.dat
2016-06-12 20:48 - 2012-08-30 07:36 - 00149458 _____ C:\Windows\system32\perfc007.dat
2016-06-12 20:48 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-12 20:44 - 2015-06-16 17:01 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job
2016-06-12 19:49 - 2013-08-30 23:11 - 00000000 ____D C:\Users\Sany\AppData\Roaming\vlc
2016-06-12 19:40 - 2013-02-26 21:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-12 19:30 - 2012-08-29 22:57 - 00000000 ____D C:\Dolby PCEE4
2016-06-12 19:21 - 2015-07-10 09:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-12 17:44 - 2015-06-16 17:01 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job
2016-06-12 16:47 - 2013-08-30 23:00 - 00109680 _____ C:\Users\Sany\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\system32\NV
2016-06-12 16:37 - 2016-05-10 11:32 - 00412840 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-12 16:26 - 2012-08-29 22:57 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-12 10:06 - 2014-04-05 19:49 - 00000000 ____D C:\Users\Sany\Desktop\Drucken
2016-06-12 09:17 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-06-09 22:05 - 2015-12-16 01:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-09 22:05 - 2012-09-02 14:46 - 00000000 ____D C:\ProgramData\Skype
2016-06-09 21:58 - 2013-04-12 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-08 20:44 - 2012-09-09 11:53 - 00000000 ____D C:\Users\Sany\Desktop\Siedler
2016-06-06 20:55 - 2012-08-29 23:13 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-06 12:31 - 2013-08-30 22:57 - 00000000 ____D C:\Users\Sany\AppData\Roaming\DVDVideoSoft
2016-06-06 11:57 - 2013-08-30 23:27 - 00000000 ____D C:\Users\Sany\Documents\Rezepte
2016-06-05 18:02 - 2013-09-08 13:57 - 00000000 ____D C:\Users\Sany\AppData\Local\FreePDF_XP
2016-06-04 13:23 - 2014-01-04 17:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Dropbox
2016-06-04 09:53 - 2015-07-09 10:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-27 10:48 - 2016-03-20 10:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 10:48 - 2015-04-05 10:27 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-26 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-24 23:14 - 2015-02-12 11:55 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-20 21:07 - 2013-08-30 23:54 - 00000000 ____D C:\Users\Sany\Documents\Steuerfälle
2016-05-14 02:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-05-14 01:27 - 2014-12-15 22:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-05-13 23:15 - 2015-09-23 22:59 - 00000078 _____ C:\Users\Sany\Desktop\Schulden.txt
2016-05-13 10:14 - 2015-11-04 09:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-13 10:14 - 2012-08-30 22:13 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-13 10:14 - 2012-08-30 22:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2012-08-29 22:04 - 2012-08-29 22:04 - 0004264 _____ () C:\Users\Sandra Nicola\AppData\Local\HWVendorDetection.log
2012-08-30 21:23 - 2016-06-12 21:20 - 0007620 _____ () C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2012-10-02 17:17 - 2016-05-02 08:58 - 0000211 _____ () C:\ProgramData\acer.zip
2016-06-12 16:25 - 2016-06-12 16:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Sany\biing2.exe


Some files in TEMP:
====================
C:\Users\Sandra Nicola\AppData\Local\Temp\libeay32.dll
C:\Users\Sandra Nicola\AppData\Local\Temp\msvcr120.dll
C:\Users\Sandra Nicola\AppData\Local\Temp\sqlite3.dll
C:\Users\Sany\AppData\Local\Temp\gkey.exe
C:\Users\Sany\AppData\Local\Temp\pkeyui.exe
C:\Users\Sany\AppData\Local\Temp\wabk.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-10 14:17

==================== End of FRST.txt ============================
         

Alt 14.06.2016, 22:06   #2
burningice
/// Malwareteam
 
System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Standard

System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes




Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
  • Wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!
Los geht's

Schritt: 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.
__________________

__________________

Alt 15.06.2016, 21:19   #3
Ecronika
 
System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Standard

System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes



Code:
ATTFilter
22:02:33.0892 0x1cf8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
22:02:38.0044 0x1cf8  ============================================================
22:02:38.0044 0x1cf8  Current date / time: 2016/06/15 22:02:38.0044
22:02:38.0044 0x1cf8  SystemInfo:
22:02:38.0044 0x1cf8  
22:02:38.0044 0x1cf8  OS Version: 6.1.7601 ServicePack: 1.0
22:02:38.0044 0x1cf8  Product type: Workstation
22:02:38.0045 0x1cf8  ComputerName: SCHNUBBI
22:02:38.0045 0x1cf8  UserName: Sandra Nicola
22:02:38.0045 0x1cf8  Windows directory: C:\Windows
22:02:38.0045 0x1cf8  System windows directory: C:\Windows
22:02:38.0045 0x1cf8  Running under WOW64
22:02:38.0045 0x1cf8  Processor architecture: Intel x64
22:02:38.0045 0x1cf8  Number of processors: 4
22:02:38.0045 0x1cf8  Page size: 0x1000
22:02:38.0045 0x1cf8  Boot type: Normal boot
22:02:38.0045 0x1cf8  ============================================================
22:02:41.0712 0x1cf8  KLMD registered as C:\Windows\system32\drivers\16813129.sys
22:02:42.0234 0x1cf8  System UUID: {7EF02DFB-89BF-74FC-055D-0DC866F0D1FD}
22:02:43.0584 0x1cf8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:02:43.0592 0x1cf8  ============================================================
22:02:43.0592 0x1cf8  \Device\Harddisk0\DR0:
22:02:43.0592 0x1cf8  MBR partitions:
22:02:43.0592 0x1cf8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:02:43.0592 0x1cf8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352000
22:02:43.0592 0x1cf8  ============================================================
22:02:43.0615 0x1cf8  C: <-> \Device\Harddisk0\DR0\Partition2
22:02:43.0720 0x1cf8  ============================================================
22:02:43.0720 0x1cf8  Initialize success
22:02:43.0720 0x1cf8  ============================================================
22:02:57.0453 0x1bb0  ============================================================
22:02:57.0453 0x1bb0  Scan started
22:02:57.0453 0x1bb0  Mode: Manual; SigCheck; TDLFS; 
22:02:57.0453 0x1bb0  ============================================================
22:02:57.0454 0x1bb0  KSN ping started
22:03:11.0269 0x1bb0  KSN ping finished: true
22:03:15.0679 0x1bb0  ================ Scan system memory ========================
22:03:15.0680 0x1bb0  System memory - ok
22:03:15.0681 0x1bb0  ================ Scan services =============================
22:03:15.0876 0x1bb0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:03:16.0550 0x1bb0  1394ohci - ok
22:03:16.0690 0x1bb0  [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
22:03:16.0713 0x1bb0  AAV UpdateService - ok
22:03:16.0771 0x1bb0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:03:16.0866 0x1bb0  ACPI - ok
22:03:16.0930 0x1bb0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:03:17.0117 0x1bb0  AcpiPmi - ok
22:03:17.0232 0x1bb0  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:03:17.0256 0x1bb0  AdobeARMservice - ok
22:03:17.0396 0x1bb0  [ 6A050671F2C76FB48131F12786802807, 71B37A9CEAE5AB1B069FB010BC547E14445461885B74FA879E63F9F2DAF644A5 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:03:17.0445 0x1bb0  AdobeFlashPlayerUpdateSvc - ok
22:03:17.0516 0x1bb0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:03:17.0648 0x1bb0  adp94xx - ok
22:03:17.0695 0x1bb0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:03:17.0791 0x1bb0  adpahci - ok
22:03:17.0846 0x1bb0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:03:17.0937 0x1bb0  adpu320 - ok
22:03:17.0978 0x1bb0  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:03:18.0079 0x1bb0  AeLookupSvc - ok
22:03:18.0151 0x1bb0  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
22:03:18.0334 0x1bb0  AFD - ok
22:03:18.0381 0x1bb0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:03:18.0457 0x1bb0  agp440 - ok
22:03:18.0506 0x1bb0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:03:18.0616 0x1bb0  ALG - ok
22:03:18.0661 0x1bb0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:03:18.0728 0x1bb0  aliide - ok
22:03:18.0752 0x1bb0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:03:18.0842 0x1bb0  amdide - ok
22:03:18.0886 0x1bb0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:03:18.0994 0x1bb0  AmdK8 - ok
22:03:19.0021 0x1bb0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:03:19.0150 0x1bb0  AmdPPM - ok
22:03:19.0196 0x1bb0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:03:19.0419 0x1bb0  amdsata - ok
22:03:19.0464 0x1bb0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:03:19.0558 0x1bb0  amdsbs - ok
22:03:19.0601 0x1bb0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:03:19.0646 0x1bb0  amdxata - ok
22:03:19.0689 0x1bb0  [ 6474F8823C7188D2DA579F01FB6CED6B, 81D4E9D026CA60FB8840D520D151B8C2F4745A75DF90A4D6C80641F1A23AB605 ] AppID           C:\Windows\system32\drivers\appid.sys
22:03:19.0886 0x1bb0  AppID - ok
22:03:19.0923 0x1bb0  [ 8F58BA1F7772D6D7CE45F03309608001, CDB109E0DD241042C058F7D81A1BDEBC34435CB2DC4A7A7A3692193DD5806097 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:03:19.0978 0x1bb0  AppIDSvc - ok
22:03:20.0032 0x1bb0  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
22:03:20.0126 0x1bb0  Appinfo - ok
22:03:20.0182 0x1bb0  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:03:20.0282 0x1bb0  AppMgmt - ok
22:03:20.0337 0x1bb0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
22:03:20.0439 0x1bb0  arc - ok
22:03:20.0474 0x1bb0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:03:20.0548 0x1bb0  arcsas - ok
22:03:20.0684 0x1bb0  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:03:20.0789 0x1bb0  aspnet_state - ok
22:03:20.0858 0x1bb0  [ 1694434F5B9AB16772C7A8E2EF9134CA, B84FA624EB6D438BB01AB886AE85FA42BEA46F2E33454C6C4D9078015813CDB5 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
22:03:20.0910 0x1bb0  aswHwid - ok
22:03:20.0947 0x1bb0  [ 786E8BCDFF674068F3C950615FC2E71C, B5803960297F9622F594EC113FF6C89221606FC6B26B02EA6F021BE38AA66794 ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
22:03:20.0999 0x1bb0  aswKbd - ok
22:03:21.0052 0x1bb0  [ 33D0DD0471FDF449C81338863FC63978, D5898B51B3BCE43E62D459CE808888085D82A4B9B284F90E3301CEF7C33C03E4 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
22:03:21.0111 0x1bb0  aswMonFlt - ok
22:03:21.0146 0x1bb0  [ DF190688D993A3DB227BFB0BB40BD7D4, C7EDA64AE84001089AE2085B8336B7572DEDDCC80EAAA05D73C9C675CAD8C511 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
22:03:21.0257 0x1bb0  aswRdr - ok
22:03:21.0335 0x1bb0  [ D873455DFA27680585AE238503917DF5, CAD9CBCD24F33FF8E49C77C795F8FE0540243E455A6FC9E3035B8C15C9EEBD6C ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
22:03:21.0400 0x1bb0  aswRvrt - ok
22:03:21.0499 0x1bb0  [ A371A06EC8F4830C263D3F5CA5A11B65, 62E55DD439C106184F3AF73198D5CEAB5828A0EE1E30A13C35103B1B57966AB6 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
22:03:21.0844 0x1bb0  aswSnx - ok
22:03:22.0023 0x1bb0  [ 6B7F6CE19A16240EE9DE2C528897ED9C, 3B7C24F5B152B408D87DA70B01AD2E744DCB877D46602C0620931FCADB275E17 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
22:03:22.0186 0x1bb0  aswSP - ok
22:03:22.0240 0x1bb0  [ 3575F9226251DE48E065ED5C384A21EF, 032F53FEEB0BB43F1AD673EE13F507D3A8AC10F78543EA1294C40BAA918ED323 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
22:03:22.0278 0x1bb0  aswStm - ok
22:03:22.0350 0x1bb0  [ BA4CDCD8C0395E91C38CD2C5CE3E7FA2, EF037C9C62F67C3D4432C86E3F568F62AABF468C792EA75477FCBC8EC8151C29 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
22:03:22.0470 0x1bb0  aswVmm - ok
22:03:22.0512 0x1bb0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:03:22.0752 0x1bb0  AsyncMac - ok
22:03:22.0778 0x1bb0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:03:22.0830 0x1bb0  atapi - ok
22:03:23.0115 0x1bb0  [ D9CDF35CEC701536606ECCD66868210A, C0999048AA7E8E5E26F39B82A41AAA44DD9482724012755AB259209AED214673 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
22:03:23.0602 0x1bb0  athr - ok
22:03:23.0685 0x1bb0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:03:23.0871 0x1bb0  AudioEndpointBuilder - ok
22:03:23.0913 0x1bb0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:03:23.0998 0x1bb0  AudioSrv - ok
22:03:24.0140 0x1bb0  [ A24AF1F8186B4B69D54DCC4B059CA695, 882338FEF206231B9FD83787A8685A7B69D76A414923B511A8D6A7619CB86F87 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:03:24.0190 0x1bb0  avast! Antivirus - ok
22:03:24.0223 0x1bb0  AvastVBoxSvc - ok
22:03:24.0287 0x1bb0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:03:24.0429 0x1bb0  AxInstSV - ok
22:03:24.0536 0x1bb0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:03:24.0718 0x1bb0  b06bdrv - ok
22:03:24.0772 0x1bb0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:03:24.0981 0x1bb0  b57nd60a - ok
22:03:25.0040 0x1bb0  [ 0630C8915B747E88E825CE7F73B66A5D, E9B465EE23487B59B1C906B04F9235B0BFBF254C1760E2462A7D1D7FE1655088 ] b57xdbd         C:\Windows\system32\DRIVERS\b57xdbd.sys
22:03:25.0091 0x1bb0  b57xdbd - ok
22:03:25.0217 0x1bb0  [ CA8457E528E13B38F8DC3B86B6BA4C6B, 532E48BBBA806608EBEFE10A94DCE2BFE8918D8DD6DEF6871F44FEEDA51238B8 ] b57xdmp         C:\Windows\system32\DRIVERS\b57xdmp.sys
22:03:25.0276 0x1bb0  b57xdmp - ok
22:03:25.0335 0x1bb0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:03:25.0441 0x1bb0  BDESVC - ok
22:03:25.0471 0x1bb0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:03:25.0596 0x1bb0  Beep - ok
22:03:25.0698 0x1bb0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:03:25.0818 0x1bb0  BFE - ok
22:03:25.0907 0x1bb0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:03:26.0219 0x1bb0  BITS - ok
22:03:26.0257 0x1bb0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:03:26.0385 0x1bb0  blbdrive - ok
22:03:26.0421 0x1bb0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:03:26.0600 0x1bb0  bowser - ok
22:03:26.0627 0x1bb0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:03:26.0765 0x1bb0  BrFiltLo - ok
22:03:26.0787 0x1bb0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:03:26.0881 0x1bb0  BrFiltUp - ok
22:03:26.0940 0x1bb0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:03:27.0035 0x1bb0  Browser - ok
22:03:27.0074 0x1bb0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:03:27.0261 0x1bb0  Brserid - ok
22:03:27.0285 0x1bb0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:03:27.0407 0x1bb0  BrSerWdm - ok
22:03:27.0446 0x1bb0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:03:27.0529 0x1bb0  BrUsbMdm - ok
22:03:27.0566 0x1bb0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:03:27.0684 0x1bb0  BrUsbSer - ok
22:03:27.0735 0x1bb0  [ F4598EF1BE59937A578F3F68724552A7, 67F2B580462A925583F272BBF664BF2042D2E2B18B1CB21B994B12A9B6288779 ] bScsiMSa        C:\Windows\system32\DRIVERS\bScsiMSa.sys
22:03:27.0793 0x1bb0  bScsiMSa - ok
22:03:27.0842 0x1bb0  [ D4F7DB4F009E9CFB06678307199282C3, 87FA4BFA624E1C623B52B8EE4661275275932F1E8C102A90841D2F7249B0DE41 ] bScsiSDa        C:\Windows\system32\DRIVERS\bScsiSDa.sys
22:03:28.0077 0x1bb0  bScsiSDa - ok
22:03:28.0114 0x1bb0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:03:28.0243 0x1bb0  BTHMODEM - ok
22:03:28.0297 0x1bb0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:03:28.0376 0x1bb0  bthserv - ok
22:03:28.0417 0x1bb0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:03:28.0617 0x1bb0  cdfs - ok
22:03:28.0675 0x1bb0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:03:28.0810 0x1bb0  cdrom - ok
22:03:28.0854 0x1bb0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:03:28.0959 0x1bb0  CertPropSvc - ok
22:03:29.0007 0x1bb0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:03:29.0079 0x1bb0  circlass - ok
22:03:29.0128 0x1bb0  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
22:03:29.0217 0x1bb0  CLFS - ok
22:03:29.0290 0x1bb0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:03:29.0315 0x1bb0  clr_optimization_v2.0.50727_32 - ok
22:03:29.0354 0x1bb0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:03:29.0383 0x1bb0  clr_optimization_v2.0.50727_64 - ok
22:03:29.0474 0x1bb0  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:03:29.0646 0x1bb0  clr_optimization_v4.0.30319_32 - ok
22:03:29.0674 0x1bb0  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:03:29.0796 0x1bb0  clr_optimization_v4.0.30319_64 - ok
22:03:29.0933 0x1bb0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:03:30.0146 0x1bb0  CmBatt - ok
22:03:30.0179 0x1bb0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:03:30.0407 0x1bb0  cmdide - ok
22:03:30.0472 0x1bb0  [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:03:30.0612 0x1bb0  CNG - ok
22:03:30.0655 0x1bb0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:03:30.0697 0x1bb0  Compbatt - ok
22:03:30.0724 0x1bb0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:03:30.0847 0x1bb0  CompositeBus - ok
22:03:30.0868 0x1bb0  COMSysApp - ok
22:03:30.0980 0x1bb0  [ 79D9B8D55C088D909B1A0F46797F852E, 0D233A40BF2459ADF32FF6A4D4E1706B9BE02E9EB38B8A712C7E762F10110B31 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
22:03:31.0024 0x1bb0  cphs - ok
22:03:31.0059 0x1bb0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:03:31.0124 0x1bb0  crcdisk - ok
22:03:31.0180 0x1bb0  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:03:31.0278 0x1bb0  CryptSvc - ok
22:03:31.0345 0x1bb0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
22:03:31.0513 0x1bb0  CSC - ok
22:03:31.0575 0x1bb0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
22:03:31.0680 0x1bb0  CscService - ok
22:03:31.0766 0x1bb0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:03:31.0882 0x1bb0  DcomLaunch - ok
22:03:31.0926 0x1bb0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:03:32.0043 0x1bb0  defragsvc - ok
22:03:32.0088 0x1bb0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:03:32.0479 0x1bb0  DfsC - ok
22:03:32.0606 0x1bb0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:03:32.0717 0x1bb0  Dhcp - ok
22:03:32.0868 0x1bb0  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:03:33.0045 0x1bb0  DiagTrack - ok
22:03:33.0158 0x1bb0  [ 045135BAA14040385E1EEA31669E47F4, 7B3B6A420D2CD96B557824C743CE574C5691726D40B5B50588CCEDF9C26025BF ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
22:03:33.0208 0x1bb0  DigitalWave.Update.Service - ok
22:03:33.0232 0x1bb0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:03:33.0366 0x1bb0  discache - ok
22:03:33.0414 0x1bb0  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
22:03:33.0489 0x1bb0  Disk - ok
22:03:33.0526 0x1bb0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
22:03:33.0643 0x1bb0  dmvsc - ok
22:03:33.0690 0x1bb0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:03:33.0798 0x1bb0  Dnscache - ok
22:03:33.0850 0x1bb0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:03:33.0974 0x1bb0  dot3svc - ok
22:03:34.0045 0x1bb0  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
22:03:34.0191 0x1bb0  dot4 - ok
22:03:34.0313 0x1bb0  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
22:03:34.0392 0x1bb0  Dot4Print - ok
22:03:34.0470 0x1bb0  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
22:03:34.0563 0x1bb0  dot4usb - ok
22:03:34.0637 0x1bb0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:03:34.0758 0x1bb0  DPS - ok
22:03:34.0854 0x1bb0  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:03:34.0993 0x1bb0  drmkaud - ok
22:03:35.0108 0x1bb0  [ 3A9D7D464BDB3B70D7ECF689ADABBD4D, B4F5B23705EA1BA453FE30791CA245E1A5F7FBEABAD026E4A8A15A9FC44E8C9C ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:03:35.0311 0x1bb0  DXGKrnl - ok
22:03:35.0366 0x1bb0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:03:35.0486 0x1bb0  EapHost - ok
22:03:35.0732 0x1bb0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:03:35.0975 0x1bb0  ebdrv - ok
22:03:36.0025 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] EFS             C:\Windows\System32\lsass.exe
22:03:36.0075 0x1bb0  EFS - ok
22:03:36.0173 0x1bb0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:03:36.0302 0x1bb0  ehRecvr - ok
22:03:36.0337 0x1bb0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:03:36.0428 0x1bb0  ehSched - ok
22:03:36.0497 0x1bb0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:03:36.0601 0x1bb0  elxstor - ok
22:03:36.0741 0x1bb0  [ 8E12D885D17EC5FA4F52D2C6E953E285, A39F9FF88A6401030FCDE47E4504A297FB590751C74627181EC42F1E298CED8E ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
22:03:36.0814 0x1bb0  ePowerSvc - ok
22:03:36.0911 0x1bb0  [ ABDD5AD016AFFD34AD40E944CE94BF59, 61089124CD8FEA31142CD4D3C47224A6310B9BE7B7FA974956D9EDDAD4381503 ] EpsonBidirectionalService C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
22:03:36.0954 0x1bb0  EpsonBidirectionalService - detected UnsignedFile.Multi.Generic ( 1 )
22:03:39.0777 0x1bb0  Detect skipped due to KSN trusted
22:03:39.0777 0x1bb0  EpsonBidirectionalService - ok
22:03:39.0903 0x1bb0  [ 194E8100D57FC13BEF88129BAAD07E46, 745D24ADD99ED182FCCA30C6B85167484B74D3EFD631AF92AA57AAD73F474631 ] EPSON_PM_RPCV4_04 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
22:03:39.0932 0x1bb0  EPSON_PM_RPCV4_04 - ok
22:03:39.0951 0x1bb0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:03:40.0080 0x1bb0  ErrDev - ok
22:03:40.0205 0x1bb0  [ DDCCBE95C557EC0123C3B076C8780048, E9EAD059B307F90EF61FB1B3EFCFBD8AA3DDCBC624B1AE7FCE4D72FFD111E48B ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
22:03:40.0381 0x1bb0  ETD - ok
22:03:40.0513 0x1bb0  [ A7A5318DA5F9FEA3AE82DFD0970DD509, 69F08F2F8EFA411AFF8C34A70EDB2B0168E9263EDA3072E2AE47011F2E6770B4 ] ETDService      C:\Program Files\Elantech\ETDService.exe
22:03:40.0547 0x1bb0  ETDService - ok
22:03:40.0618 0x1bb0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:03:40.0757 0x1bb0  EventSystem - ok
22:03:40.0816 0x1bb0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:03:40.0983 0x1bb0  exfat - ok
22:03:41.0009 0x1bb0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:03:41.0155 0x1bb0  fastfat - ok
22:03:41.0260 0x1bb0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:03:41.0394 0x1bb0  Fax - ok
22:03:41.0425 0x1bb0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
22:03:41.0548 0x1bb0  fdc - ok
22:03:41.0592 0x1bb0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:03:41.0680 0x1bb0  fdPHost - ok
22:03:41.0702 0x1bb0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:03:41.0809 0x1bb0  FDResPub - ok
22:03:41.0877 0x1bb0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:03:41.0966 0x1bb0  FileInfo - ok
22:03:41.0991 0x1bb0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:03:42.0127 0x1bb0  Filetrace - ok
22:03:42.0155 0x1bb0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:03:42.0259 0x1bb0  flpydisk - ok
22:03:42.0296 0x1bb0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:03:42.0384 0x1bb0  FltMgr - ok
22:03:42.0482 0x1bb0  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
22:03:42.0632 0x1bb0  FontCache - ok
22:03:42.0704 0x1bb0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:03:42.0733 0x1bb0  FontCache3.0.0.0 - ok
22:03:42.0764 0x1bb0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:03:42.0842 0x1bb0  FsDepends - ok
22:03:42.0908 0x1bb0  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
22:03:43.0061 0x1bb0  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
22:03:45.0867 0x1bb0  Detect skipped due to KSN trusted
22:03:45.0867 0x1bb0  FsUsbExDisk - ok
22:03:45.0909 0x1bb0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:03:45.0947 0x1bb0  Fs_Rec - ok
22:03:46.0005 0x1bb0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:03:46.0088 0x1bb0  fvevol - ok
22:03:46.0114 0x1bb0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:03:46.0205 0x1bb0  gagp30kx - ok
22:03:46.0286 0x1bb0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:03:46.0448 0x1bb0  gpsvc - ok
22:03:46.0560 0x1bb0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:03:46.0586 0x1bb0  gupdate - ok
22:03:46.0596 0x1bb0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:03:46.0616 0x1bb0  gupdatem - ok
22:03:46.0643 0x1bb0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:03:46.0764 0x1bb0  hcw85cir - ok
22:03:46.0829 0x1bb0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:03:46.0938 0x1bb0  HdAudAddService - ok
22:03:47.0025 0x1bb0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:03:47.0092 0x1bb0  HDAudBus - ok
22:03:47.0117 0x1bb0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:03:47.0214 0x1bb0  HidBatt - ok
22:03:47.0245 0x1bb0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:03:47.0363 0x1bb0  HidBth - ok
22:03:47.0407 0x1bb0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:03:47.0520 0x1bb0  HidIr - ok
22:03:47.0559 0x1bb0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:03:47.0666 0x1bb0  hidserv - ok
22:03:47.0746 0x1bb0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:03:47.0860 0x1bb0  HidUsb - ok
22:03:47.0897 0x1bb0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:03:48.0016 0x1bb0  hkmsvc - ok
22:03:48.0062 0x1bb0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:03:48.0155 0x1bb0  HomeGroupListener - ok
22:03:48.0201 0x1bb0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:03:48.0273 0x1bb0  HomeGroupProvider - ok
22:03:48.0341 0x1bb0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:03:48.0383 0x1bb0  HpSAMD - ok
22:03:48.0464 0x1bb0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:03:48.0700 0x1bb0  HTTP - ok
22:03:48.0739 0x1bb0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:03:48.0786 0x1bb0  hwpolicy - ok
22:03:48.0810 0x1bb0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:03:48.0883 0x1bb0  i8042prt - ok
22:03:48.0960 0x1bb0  [ 53CC5BF8B5A219119953C7ABB19A7705, F342A9732978D893729EA2591CB72E5F5BD1B3E6C9E4DBFFE54EC866E534A8C0 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:03:49.0055 0x1bb0  iaStor - ok
22:03:49.0123 0x1bb0  [ D639EB19578CD425A2F0C068F9E4EBAF, 3359383B784EA41E1CA5A1617F6B60B4AAEF5B4972E5CF42743DFB9385694E10 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
22:03:49.0237 0x1bb0  iaStorA - ok
22:03:49.0302 0x1bb0  [ F56B762E4E00B6365EE8E971EB442FA6, 93C3E451EDA7AA3E54CA6E58CDEDED8D2E724118859FBE49BC7AEF4A689E60CE ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
22:03:49.0349 0x1bb0  iaStorF - ok
22:03:49.0416 0x1bb0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:03:49.0506 0x1bb0  iaStorV - ok
22:03:49.0563 0x1bb0  [ C1010ADD3DDAE1196ED21057AF7B2AAE, 68196851855AD395008D7F29FCEB28BA4BEB1F062B1844A60813E7DD102ACB1C ] ICCWDT          C:\Windows\system32\DRIVERS\ICCWDT.sys
22:03:49.0630 0x1bb0  ICCWDT - ok
22:03:49.0742 0x1bb0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:03:49.0824 0x1bb0  idsvc - ok
22:03:49.0890 0x1bb0  IEEtwCollectorService - ok
22:03:50.0273 0x1bb0  [ 536B77DB736D848C41616E861940807B, B1C46BB55AC7EDC0CFE1179A9FCC21FD199CB4BD6A786C58965A1CE9C43BCF51 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
22:03:50.0873 0x1bb0  igfx - ok
22:03:50.0915 0x1bb0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:03:50.0966 0x1bb0  iirsp - ok
22:03:51.0080 0x1bb0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:03:51.0191 0x1bb0  IKEEXT - ok
22:03:51.0885 0x1bb0  [ 048A8274D23D1C1586BEF1CFE84CFA8E, ECD0D1DB9CF190189F721DD2536E0E84BD7372B8DC0C11972752AF776EE70A1C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:03:52.0558 0x1bb0  IntcAzAudAddService - ok
22:03:52.0648 0x1bb0  [ 87871AB7AC797F922A6F3D4C874CED96, 2BCD89911E42827CD294DD7D1486A7845D1F98019E51958E0F488384401B2944 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:03:52.0706 0x1bb0  IntcDAud - ok
22:03:52.0744 0x1bb0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:03:52.0798 0x1bb0  intelide - ok
22:03:52.0893 0x1bb0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:03:53.0003 0x1bb0  intelppm - ok
22:03:53.0041 0x1bb0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:03:53.0133 0x1bb0  IPBusEnum - ok
22:03:53.0197 0x1bb0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:03:53.0280 0x1bb0  IpFilterDriver - ok
22:03:53.0362 0x1bb0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:03:53.0686 0x1bb0  iphlpsvc - ok
22:03:53.0706 0x1bb0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:03:53.0821 0x1bb0  IPMIDRV - ok
22:03:53.0847 0x1bb0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:03:54.0032 0x1bb0  IPNAT - ok
22:03:54.0069 0x1bb0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:03:54.0162 0x1bb0  IRENUM - ok
22:03:54.0223 0x1bb0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:03:54.0263 0x1bb0  isapnp - ok
22:03:54.0308 0x1bb0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:03:54.0371 0x1bb0  iScsiPrt - ok
22:03:54.0463 0x1bb0  [ 779010324CCB6B974C4D737DDAABB2D5, 3D8591069D02F0888517C54A4C52E3174771EE86D3DA272C14FCE1B27DCB8613 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
22:03:54.0535 0x1bb0  k57nd60a - ok
22:03:54.0550 0x1bb0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:03:54.0598 0x1bb0  kbdclass - ok
22:03:54.0644 0x1bb0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:03:54.0718 0x1bb0  kbdhid - ok
22:03:54.0749 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] KeyIso          C:\Windows\system32\lsass.exe
22:03:54.0776 0x1bb0  KeyIso - ok
22:03:54.0823 0x1bb0  [ 0878723427BA190E5ABA5AA0112FA4D4, E332C83D3F4DF71761AA3DAC2C721FC2029F71ECC88A66E175BA56510855C4D4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:03:54.0891 0x1bb0  KSecDD - ok
22:03:54.0927 0x1bb0  [ C08CCCE2BE68D04E6C142614736959DA, AEC0AFC5C28DDC14DD6918BB6E236FA1C85CC30D69DA9AE40F9962D88248040F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:03:54.0981 0x1bb0  KSecPkg - ok
22:03:55.0021 0x1bb0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:03:55.0126 0x1bb0  ksthunk - ok
22:03:55.0194 0x1bb0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:03:55.0297 0x1bb0  KtmRm - ok
22:03:55.0366 0x1bb0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:03:55.0479 0x1bb0  LanmanServer - ok
22:03:55.0543 0x1bb0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:03:55.0654 0x1bb0  LanmanWorkstation - ok
22:03:55.0723 0x1bb0  [ C7D21310EA0A644AA6394DE1E46E3D31, 597F27A2696F945FD6388CA62D5EE98E44694F477F57EF8A68C2151B2276E838 ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
22:03:55.0771 0x1bb0  libusb0 - ok
22:03:55.0834 0x1bb0  [ 93B73DED2BC688F140C6AE2FBAD45789, B6859BC5D309B99BCCDC3717108B714497AAE9C5B26CE5B201344A41FC4CFF9D ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
22:03:55.0870 0x1bb0  Live Updater Service - ok
22:03:55.0908 0x1bb0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:03:56.0042 0x1bb0  lltdio - ok
22:03:56.0101 0x1bb0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:03:56.0237 0x1bb0  lltdsvc - ok
22:03:56.0264 0x1bb0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:03:56.0369 0x1bb0  lmhosts - ok
22:03:56.0464 0x1bb0  [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:03:56.0506 0x1bb0  LMS - ok
22:03:56.0553 0x1bb0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:03:56.0610 0x1bb0  LSI_FC - ok
22:03:56.0639 0x1bb0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:03:56.0692 0x1bb0  LSI_SAS - ok
22:03:56.0712 0x1bb0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:03:56.0764 0x1bb0  LSI_SAS2 - ok
22:03:56.0799 0x1bb0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:03:56.0862 0x1bb0  LSI_SCSI - ok
22:03:56.0890 0x1bb0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:03:57.0022 0x1bb0  luafv - ok
22:03:57.0081 0x1bb0  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
22:03:57.0151 0x1bb0  MBAMSwissArmy - ok
22:03:57.0197 0x1bb0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:03:57.0295 0x1bb0  Mcx2Svc - ok
22:03:57.0340 0x1bb0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:03:57.0384 0x1bb0  megasas - ok
22:03:57.0420 0x1bb0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:03:57.0506 0x1bb0  MegaSR - ok
22:03:57.0573 0x1bb0  [ 009B44AA87EBFB87B3D3BB22097DFE73, 267298E3B1FBB9587E8691DC6EAB61AB5F6D2CE7F43B0797EA4E198E704FB7A6 ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
22:03:57.0619 0x1bb0  MEIx64 - ok
22:03:57.0646 0x1bb0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:03:57.0740 0x1bb0  MMCSS - ok
22:03:57.0775 0x1bb0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:03:57.0896 0x1bb0  Modem - ok
22:03:57.0941 0x1bb0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:03:58.0000 0x1bb0  monitor - ok
22:03:58.0034 0x1bb0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:03:58.0143 0x1bb0  mouclass - ok
22:03:58.0170 0x1bb0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:03:58.0371 0x1bb0  mouhid - ok
22:03:58.0416 0x1bb0  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:03:58.0478 0x1bb0  mountmgr - ok
22:03:58.0558 0x1bb0  [ D6F67A73E6557578B755F7B534E00F47, 769F3D6CB86B2DC4065BDE4CE39139879B7D96F455A3BE80C7ECEAD5494E8B79 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:03:58.0594 0x1bb0  MozillaMaintenance - ok
22:03:58.0635 0x1bb0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:03:58.0689 0x1bb0  mpio - ok
22:03:58.0708 0x1bb0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:03:58.0848 0x1bb0  mpsdrv - ok
22:03:58.0940 0x1bb0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:03:59.0133 0x1bb0  MpsSvc - ok
22:03:59.0192 0x1bb0  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:03:59.0302 0x1bb0  MRxDAV - ok
22:03:59.0346 0x1bb0  [ 035C0A9A63DF3F3A52B90D8F6BF0F166, F409C8A31156E31A6D16D2B34EEE3098CE0D76A4DB7B49810EDDA2E2E19B2E26 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:03:59.0421 0x1bb0  mrxsmb - ok
22:03:59.0471 0x1bb0  [ 8308FC2E9147D7632221E3279BB14660, 3051FF91493FD03B7EDD4EDB23B2DE8DD7E03D46E231BC5925502BE98E78B1CB ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:03:59.0555 0x1bb0  mrxsmb10 - ok
22:03:59.0578 0x1bb0  [ 1F8DA4ECAEA7E2BCD97E738795817431, FBEF64C7067F5AFF864EF7E220C8A47AC43EB0BFD9A4E4C908F9D9D159AC5139 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:03:59.0635 0x1bb0  mrxsmb20 - ok
22:03:59.0664 0x1bb0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:03:59.0708 0x1bb0  msahci - ok
22:03:59.0742 0x1bb0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:03:59.0798 0x1bb0  msdsm - ok
22:03:59.0819 0x1bb0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:03:59.0887 0x1bb0  MSDTC - ok
22:03:59.0941 0x1bb0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:04:00.0127 0x1bb0  Msfs - ok
22:04:00.0160 0x1bb0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:04:00.0304 0x1bb0  mshidkmdf - ok
22:04:00.0334 0x1bb0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:04:00.0387 0x1bb0  msisadrv - ok
22:04:00.0445 0x1bb0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:04:00.0563 0x1bb0  MSiSCSI - ok
22:04:00.0571 0x1bb0  msiserver - ok
22:04:00.0625 0x1bb0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:04:00.0719 0x1bb0  MSKSSRV - ok
22:04:00.0734 0x1bb0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:04:00.0863 0x1bb0  MSPCLOCK - ok
22:04:00.0898 0x1bb0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:04:01.0048 0x1bb0  MSPQM - ok
22:04:01.0089 0x1bb0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:04:01.0179 0x1bb0  MsRPC - ok
22:04:01.0233 0x1bb0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:04:01.0281 0x1bb0  mssmbios - ok
22:04:01.0311 0x1bb0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:04:01.0490 0x1bb0  MSTEE - ok
22:04:01.0510 0x1bb0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:04:01.0564 0x1bb0  MTConfig - ok
22:04:01.0597 0x1bb0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:04:01.0645 0x1bb0  Mup - ok
22:04:01.0697 0x1bb0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:04:01.0793 0x1bb0  napagent - ok
22:04:01.0862 0x1bb0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:04:01.0970 0x1bb0  NativeWifiP - ok
22:04:02.0081 0x1bb0  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:04:02.0214 0x1bb0  NDIS - ok
22:04:02.0256 0x1bb0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:04:02.0385 0x1bb0  NdisCap - ok
22:04:02.0443 0x1bb0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:04:02.0555 0x1bb0  NdisTapi - ok
22:04:02.0579 0x1bb0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:04:02.0707 0x1bb0  Ndisuio - ok
22:04:02.0757 0x1bb0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:04:02.0863 0x1bb0  NdisWan - ok
22:04:02.0880 0x1bb0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:04:03.0042 0x1bb0  NDProxy - ok
22:04:03.0061 0x1bb0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:04:03.0169 0x1bb0  NetBIOS - ok
22:04:03.0225 0x1bb0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:04:03.0375 0x1bb0  NetBT - ok
22:04:03.0406 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] Netlogon        C:\Windows\system32\lsass.exe
22:04:03.0437 0x1bb0  Netlogon - ok
22:04:03.0491 0x1bb0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:04:03.0629 0x1bb0  Netman - ok
22:04:03.0728 0x1bb0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:04:03.0779 0x1bb0  NetMsmqActivator - ok
22:04:03.0793 0x1bb0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:04:03.0835 0x1bb0  NetPipeActivator - ok
22:04:03.0891 0x1bb0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:04:04.0038 0x1bb0  netprofm - ok
22:04:04.0053 0x1bb0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:04:04.0092 0x1bb0  NetTcpActivator - ok
22:04:04.0106 0x1bb0  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:04:04.0144 0x1bb0  NetTcpPortSharing - ok
22:04:04.0186 0x1bb0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:04:04.0250 0x1bb0  nfrd960 - ok
22:04:04.0310 0x1bb0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:04:04.0377 0x1bb0  NlaSvc - ok
22:04:04.0417 0x1bb0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:04:04.0552 0x1bb0  Npfs - ok
22:04:04.0586 0x1bb0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:04:04.0719 0x1bb0  nsi - ok
22:04:04.0770 0x1bb0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:04:04.0957 0x1bb0  nsiproxy - ok
22:04:05.0112 0x1bb0  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:04:05.0317 0x1bb0  Ntfs - ok
22:04:05.0355 0x1bb0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:04:05.0487 0x1bb0  Null - ok
22:04:06.0350 0x1bb0  [ F554291C0A11F5B713B54C5886D4AA31, 65B7DF4BB3DFF616DC2C863988E30F901E14221C00E2A99A2079E19D91D93BAE ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:04:07.0397 0x1bb0  nvlddmkm - ok
22:04:07.0479 0x1bb0  [ 3F403A74349FCE04DF8D7BE24E6A02BD, 0167E289725DB55BEE2792CF8366B62FB6B209C9B815F687C4DAC388125223C3 ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
22:04:07.0544 0x1bb0  nvpciflt - ok
22:04:07.0592 0x1bb0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:04:07.0652 0x1bb0  nvraid - ok
22:04:07.0702 0x1bb0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:04:07.0765 0x1bb0  nvstor - ok
22:04:07.0869 0x1bb0  [ 8E99BF264C1F20934A67E91BC9F4FB20, 89AA8823B751F4CEF4E862F1270E7EFDA81A6E5D9C5F72625CBF83C70B312353 ] nvsvc           C:\Windows\system32\nvvsvc.exe
22:04:07.0986 0x1bb0  nvsvc - ok
22:04:08.0225 0x1bb0  [ 815290E27B7B7D12AF013638819BE1B6, 83078B422954BBF9FFEF606EB1788EC78A1F69E7FF99F0588B72A07873797C98 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:04:08.0391 0x1bb0  nvUpdatusService - ok
22:04:08.0444 0x1bb0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:04:08.0533 0x1bb0  nv_agp - ok
22:04:08.0639 0x1bb0  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:04:08.0690 0x1bb0  odserv - ok
22:04:08.0719 0x1bb0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:04:08.0775 0x1bb0  ohci1394 - ok
22:04:08.0872 0x1bb0  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:04:08.0905 0x1bb0  ose - ok
22:04:08.0974 0x1bb0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:04:09.0097 0x1bb0  p2pimsvc - ok
22:04:09.0178 0x1bb0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:04:09.0265 0x1bb0  p2psvc - ok
22:04:09.0314 0x1bb0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
22:04:09.0396 0x1bb0  Parport - ok
22:04:09.0436 0x1bb0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:04:09.0481 0x1bb0  partmgr - ok
22:04:09.0545 0x1bb0  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:04:09.0649 0x1bb0  PcaSvc - ok
22:04:09.0696 0x1bb0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:04:09.0752 0x1bb0  pci - ok
22:04:09.0793 0x1bb0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:04:09.0852 0x1bb0  pciide - ok
22:04:09.0886 0x1bb0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:04:09.0944 0x1bb0  pcmcia - ok
22:04:09.0968 0x1bb0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:04:10.0021 0x1bb0  pcw - ok
22:04:10.0083 0x1bb0  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:04:10.0181 0x1bb0  PEAUTH - ok
22:04:10.0319 0x1bb0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:04:10.0439 0x1bb0  PeerDistSvc - ok
22:04:10.0516 0x1bb0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:04:10.0582 0x1bb0  PerfHost - ok
22:04:10.0704 0x1bb0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:04:10.0884 0x1bb0  pla - ok
22:04:10.0974 0x1bb0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:04:11.0070 0x1bb0  PlugPlay - ok
22:04:11.0107 0x1bb0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:04:11.0144 0x1bb0  PNRPAutoReg - ok
22:04:11.0171 0x1bb0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:04:11.0217 0x1bb0  PNRPsvc - ok
22:04:11.0277 0x1bb0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:04:11.0407 0x1bb0  PolicyAgent - ok
22:04:11.0484 0x1bb0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:04:11.0595 0x1bb0  Power - ok
22:04:11.0659 0x1bb0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:04:11.0813 0x1bb0  PptpMiniport - ok
22:04:11.0833 0x1bb0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
22:04:11.0912 0x1bb0  Processor - ok
22:04:11.0967 0x1bb0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:04:12.0063 0x1bb0  ProfSvc - ok
22:04:12.0084 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:04:12.0110 0x1bb0  ProtectedStorage - ok
22:04:12.0143 0x1bb0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:04:12.0277 0x1bb0  Psched - ok
22:04:12.0386 0x1bb0  [ 595A22C4CCE855E72D475835F3DF2D53, E931AED5294B1FF36082C111331A38DCF867FCC8C3B392C31061777EEDA3A896 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
22:04:12.0459 0x1bb0  pwdrvio - ok
22:04:12.0537 0x1bb0  [ 70EB529F6FEDAC79D0A8E3BB79999277, 69A42429E7B3E0AACD2897B9E9B74D17534D2BE6C8A39D96413295D9223457CA ] pwdspio         C:\Windows\system32\pwdspio.sys
22:04:12.0603 0x1bb0  pwdspio - ok
22:04:12.0731 0x1bb0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:04:12.0911 0x1bb0  ql2300 - ok
22:04:12.0950 0x1bb0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:04:13.0001 0x1bb0  ql40xx - ok
22:04:13.0037 0x1bb0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:04:13.0102 0x1bb0  QWAVE - ok
22:04:13.0147 0x1bb0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:04:13.0212 0x1bb0  QWAVEdrv - ok
22:04:13.0239 0x1bb0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:04:13.0345 0x1bb0  RasAcd - ok
22:04:13.0420 0x1bb0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:04:13.0552 0x1bb0  RasAgileVpn - ok
22:04:13.0605 0x1bb0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:04:13.0694 0x1bb0  RasAuto - ok
22:04:13.0731 0x1bb0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:04:13.0852 0x1bb0  Rasl2tp - ok
22:04:13.0901 0x1bb0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:04:14.0003 0x1bb0  RasMan - ok
22:04:14.0036 0x1bb0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:04:14.0161 0x1bb0  RasPppoe - ok
22:04:14.0224 0x1bb0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:04:14.0377 0x1bb0  RasSstp - ok
22:04:14.0435 0x1bb0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:04:14.0588 0x1bb0  rdbss - ok
22:04:14.0610 0x1bb0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:04:14.0696 0x1bb0  rdpbus - ok
22:04:14.0734 0x1bb0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:04:14.0823 0x1bb0  RDPCDD - ok
22:04:14.0875 0x1bb0  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:04:14.0948 0x1bb0  RDPDR - ok
22:04:14.0964 0x1bb0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:04:15.0090 0x1bb0  RDPENCDD - ok
22:04:15.0162 0x1bb0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:04:15.0291 0x1bb0  RDPREFMP - ok
22:04:15.0322 0x1bb0  [ 065F79543D7999EC28B687F87E96B803, 6B235C422DCA79ABF0D051C066B2866643333F7ADB7AF914F6EEAC448AA59AAF ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
22:04:15.0419 0x1bb0  RdpVideoMiniport - ok
22:04:15.0464 0x1bb0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:04:15.0584 0x1bb0  RDPWD - ok
22:04:15.0619 0x1bb0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:04:15.0675 0x1bb0  rdyboost - ok
22:04:15.0706 0x1bb0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:04:15.0815 0x1bb0  RemoteAccess - ok
22:04:15.0867 0x1bb0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:04:15.0966 0x1bb0  RemoteRegistry - ok
22:04:15.0991 0x1bb0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:04:16.0077 0x1bb0  RpcEptMapper - ok
22:04:16.0105 0x1bb0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:04:16.0167 0x1bb0  RpcLocator - ok
22:04:16.0250 0x1bb0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
22:04:16.0310 0x1bb0  RpcSs - ok
22:04:16.0363 0x1bb0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:04:16.0533 0x1bb0  rspndr - ok
22:04:16.0570 0x1bb0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
22:04:16.0645 0x1bb0  s3cap - ok
22:04:16.0686 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] SamSs           C:\Windows\system32\lsass.exe
22:04:16.0719 0x1bb0  SamSs - ok
22:04:16.0749 0x1bb0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:04:16.0793 0x1bb0  sbp2port - ok
22:04:16.0839 0x1bb0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:04:16.0935 0x1bb0  SCardSvr - ok
22:04:16.0954 0x1bb0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:04:17.0072 0x1bb0  scfilter - ok
22:04:17.0175 0x1bb0  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
22:04:17.0328 0x1bb0  Schedule - ok
22:04:17.0370 0x1bb0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:04:17.0469 0x1bb0  SCPolicySvc - ok
22:04:17.0511 0x1bb0  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
22:04:17.0604 0x1bb0  sdbus - ok
22:04:17.0657 0x1bb0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:04:17.0754 0x1bb0  SDRSVC - ok
22:04:17.0799 0x1bb0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] Secdrv          C:\Windows\system32\drivers\SECDRV.SYS
22:04:17.0898 0x1bb0  Secdrv - ok
22:04:17.0940 0x1bb0  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
22:04:17.0980 0x1bb0  seclogon - ok
22:04:18.0008 0x1bb0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:04:18.0100 0x1bb0  SENS - ok
22:04:18.0123 0x1bb0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:04:18.0204 0x1bb0  SensrSvc - ok
22:04:18.0285 0x1bb0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:04:18.0358 0x1bb0  Serenum - ok
22:04:18.0428 0x1bb0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
22:04:18.0514 0x1bb0  Serial - ok
22:04:18.0553 0x1bb0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:04:18.0624 0x1bb0  sermouse - ok
22:04:18.0698 0x1bb0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:04:18.0807 0x1bb0  SessionEnv - ok
22:04:18.0847 0x1bb0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
22:04:18.0903 0x1bb0  sffdisk - ok
22:04:18.0932 0x1bb0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
22:04:19.0012 0x1bb0  sffp_mmc - ok
22:04:19.0043 0x1bb0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
22:04:19.0118 0x1bb0  sffp_sd - ok
22:04:19.0154 0x1bb0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:04:19.0236 0x1bb0  sfloppy - ok
22:04:19.0298 0x1bb0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:04:19.0424 0x1bb0  SharedAccess - ok
22:04:19.0490 0x1bb0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:04:19.0624 0x1bb0  ShellHWDetection - ok
22:04:19.0667 0x1bb0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:04:19.0706 0x1bb0  SiSRaid2 - ok
22:04:19.0735 0x1bb0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:04:19.0789 0x1bb0  SiSRaid4 - ok
22:04:19.0855 0x1bb0  [ 9A66A87BBC0EC4463042959B7C0D4AC1, 2E61DC50AD4A4D4782F3271BAD010137DA9A6AFC46C7568C709F68C7621DCD40 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:04:19.0899 0x1bb0  SkypeUpdate - ok
22:04:19.0953 0x1bb0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:04:20.0065 0x1bb0  Smb - ok
22:04:20.0089 0x1bb0  [ BE07CEC32D00032A7F6BC463BF057333, E529664382A1FD6D1040DCE6E4BD69456106978BD553A4E7D0FFAB01E9E8E14A ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
22:04:20.0110 0x1bb0  SmbDrvI - ok
22:04:20.0162 0x1bb0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:04:20.0223 0x1bb0  SNMPTRAP - ok
22:04:20.0294 0x1bb0  [ 12583AF6CBE0050651EAF2723B3AD7B3, 965D4F981B54669A96C5AB02D09BF0A9850D13862425B8981F1A9271350F28BB ] speedfan        C:\Windows\syswow64\speedfan.sys
22:04:20.0339 0x1bb0  speedfan - ok
22:04:20.0367 0x1bb0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:04:20.0413 0x1bb0  spldr - ok
22:04:20.0479 0x1bb0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
22:04:20.0556 0x1bb0  Spooler - ok
22:04:20.0791 0x1bb0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:04:21.0103 0x1bb0  sppsvc - ok
22:04:21.0162 0x1bb0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:04:21.0245 0x1bb0  sppuinotify - ok
22:04:21.0462 0x1bb0  [ 51796577C8178BA752D474EB9F752FB0, 5AD6696794DAC666A3F4C9A0A0460F5061080724A5DFA6CAC3FA494F256CEFAD ] SPUVCbv         C:\Windows\system32\Drivers\SPUVCbv_x64.sys
22:04:21.0734 0x1bb0  SPUVCbv - ok
22:04:21.0800 0x1bb0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:04:21.0951 0x1bb0  srv - ok
22:04:21.0989 0x1bb0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:04:22.0077 0x1bb0  srv2 - ok
22:04:22.0101 0x1bb0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:04:22.0244 0x1bb0  srvnet - ok
22:04:22.0292 0x1bb0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:04:22.0386 0x1bb0  SSDPSRV - ok
22:04:22.0406 0x1bb0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:04:22.0524 0x1bb0  SstpSvc - ok
22:04:22.0567 0x1bb0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:04:22.0615 0x1bb0  stexstor - ok
22:04:22.0681 0x1bb0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:04:22.0781 0x1bb0  stisvc - ok
22:04:22.0827 0x1bb0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
22:04:22.0872 0x1bb0  storflt - ok
22:04:22.0924 0x1bb0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
22:04:22.0963 0x1bb0  storvsc - ok
22:04:22.0986 0x1bb0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:04:23.0032 0x1bb0  swenum - ok
22:04:23.0094 0x1bb0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:04:23.0206 0x1bb0  swprv - ok
22:04:23.0263 0x1bb0  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
22:04:23.0317 0x1bb0  Synth3dVsc - ok
22:04:23.0417 0x1bb0  [ EF51B22706DB03F0857FADE127C804EC, F3A97B8D94E96ACF93448CDF33DED97B076C3D8FFE42E9EAD088EE662306277B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
22:04:23.0515 0x1bb0  SynTP - ok
22:04:23.0663 0x1bb0  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
22:04:23.0850 0x1bb0  SysMain - ok
22:04:23.0879 0x1bb0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:04:23.0922 0x1bb0  TabletInputService - ok
22:04:23.0959 0x1bb0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:04:24.0090 0x1bb0  TapiSrv - ok
22:04:24.0249 0x1bb0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:04:24.0464 0x1bb0  Tcpip - ok
22:04:24.0605 0x1bb0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:04:24.0799 0x1bb0  TCPIP6 - ok
22:04:24.0859 0x1bb0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:04:24.0912 0x1bb0  tcpipreg - ok
22:04:24.0949 0x1bb0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:04:25.0013 0x1bb0  TDPIPE - ok
22:04:25.0040 0x1bb0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:04:25.0116 0x1bb0  TDTCP - ok
22:04:25.0150 0x1bb0  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:04:25.0205 0x1bb0  tdx - ok
22:04:25.0888 0x1bb0  [ D6DDCFFF145CB7D334EECC2F9A8E304F, DC2E19A799F336DF299460C8DB4EE0B2597ADC6C4728F2BB3BBCFA1192BE809C ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
22:04:26.0536 0x1bb0  TeamViewer - ok
22:04:26.0624 0x1bb0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:04:26.0674 0x1bb0  TermDD - ok
22:04:26.0698 0x1bb0  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
22:04:26.0763 0x1bb0  terminpt - ok
22:04:26.0843 0x1bb0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
22:04:26.0938 0x1bb0  TermService - ok
22:04:26.0971 0x1bb0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:04:27.0055 0x1bb0  Themes - ok
22:04:27.0093 0x1bb0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:04:27.0178 0x1bb0  THREADORDER - ok
22:04:27.0273 0x1bb0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:04:27.0396 0x1bb0  TrkWks - ok
22:04:27.0486 0x1bb0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:04:27.0576 0x1bb0  TrustedInstaller - ok
22:04:27.0618 0x1bb0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:04:27.0727 0x1bb0  tssecsrv - ok
22:04:27.0771 0x1bb0  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:04:27.0884 0x1bb0  TsUsbFlt - ok
22:04:27.0914 0x1bb0  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:04:27.0991 0x1bb0  TsUsbGD - ok
22:04:28.0046 0x1bb0  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
22:04:28.0112 0x1bb0  tsusbhub - ok
22:04:28.0168 0x1bb0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:04:28.0321 0x1bb0  tunnel - ok
22:04:28.0356 0x1bb0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:04:28.0405 0x1bb0  uagp35 - ok
22:04:28.0444 0x1bb0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:04:28.0710 0x1bb0  udfs - ok
22:04:28.0771 0x1bb0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:04:28.0935 0x1bb0  UI0Detect - ok
22:04:29.0005 0x1bb0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:04:29.0078 0x1bb0  uliagpkx - ok
22:04:29.0129 0x1bb0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:04:29.0227 0x1bb0  umbus - ok
22:04:29.0252 0x1bb0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:04:29.0346 0x1bb0  UmPass - ok
22:04:29.0379 0x1bb0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:04:29.0442 0x1bb0  UmRdpService - ok
22:04:29.0724 0x1bb0  [ A678E5DDD974903DD71F503BDCACA218, E8ECF79B78CF777066FF31847959A70773665ED2DAAF942B8A1C54BA56F330BA ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:04:29.0920 0x1bb0  UNS - ok
22:04:29.0997 0x1bb0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:04:30.0095 0x1bb0  upnphost - ok
22:04:30.0147 0x1bb0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:04:30.0221 0x1bb0  usbccgp - ok
22:04:30.0274 0x1bb0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:04:30.0334 0x1bb0  usbcir - ok
22:04:30.0371 0x1bb0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:04:30.0424 0x1bb0  usbehci - ok
22:04:30.0468 0x1bb0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:04:30.0559 0x1bb0  usbhub - ok
22:04:30.0602 0x1bb0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:04:30.0671 0x1bb0  usbohci - ok
22:04:30.0722 0x1bb0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:04:30.0788 0x1bb0  usbprint - ok
22:04:30.0829 0x1bb0  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:04:30.0922 0x1bb0  usbscan - ok
22:04:30.0952 0x1bb0  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:04:31.0063 0x1bb0  USBSTOR - ok
22:04:31.0108 0x1bb0  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:04:31.0158 0x1bb0  usbuhci - ok
22:04:31.0226 0x1bb0  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
22:04:31.0357 0x1bb0  usbvideo - ok
22:04:31.0391 0x1bb0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:04:31.0482 0x1bb0  UxSms - ok
22:04:31.0498 0x1bb0  [ 54C0E3156872881F6AB017210278E27E, 8C3C71535FAC3897E1AE5505302387D7EC7C93D9DB6CA8AD6C1E1B26FE33D367 ] VaultSvc        C:\Windows\system32\lsass.exe
22:04:31.0532 0x1bb0  VaultSvc - ok
22:04:31.0611 0x1bb0  VBoxAswDrv - ok
22:04:31.0656 0x1bb0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:04:31.0705 0x1bb0  vdrvroot - ok
22:04:31.0763 0x1bb0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:04:31.0927 0x1bb0  vds - ok
22:04:31.0965 0x1bb0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:04:32.0051 0x1bb0  vga - ok
22:04:32.0091 0x1bb0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:04:32.0192 0x1bb0  VgaSave - ok
22:04:32.0199 0x1bb0  VGPU - ok
22:04:32.0241 0x1bb0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:04:32.0305 0x1bb0  vhdmp - ok
22:04:32.0339 0x1bb0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:04:32.0397 0x1bb0  viaide - ok
22:04:32.0436 0x1bb0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
22:04:32.0496 0x1bb0  vmbus - ok
22:04:32.0521 0x1bb0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
22:04:32.0564 0x1bb0  VMBusHID - ok
22:04:32.0593 0x1bb0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:04:32.0652 0x1bb0  volmgr - ok
22:04:32.0688 0x1bb0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:04:32.0760 0x1bb0  volmgrx - ok
22:04:32.0809 0x1bb0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:04:32.0881 0x1bb0  volsnap - ok
22:04:32.0907 0x1bb0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:04:32.0962 0x1bb0  vsmraid - ok
22:04:33.0093 0x1bb0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:04:33.0323 0x1bb0  VSS - ok
22:04:33.0361 0x1bb0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:04:33.0467 0x1bb0  vwifibus - ok
22:04:33.0501 0x1bb0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:04:33.0558 0x1bb0  vwififlt - ok
22:04:33.0615 0x1bb0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:04:33.0720 0x1bb0  W32Time - ok
22:04:33.0748 0x1bb0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:04:33.0798 0x1bb0  WacomPen - ok
22:04:33.0833 0x1bb0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:04:33.0983 0x1bb0  WANARP - ok
22:04:33.0994 0x1bb0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:04:34.0096 0x1bb0  Wanarpv6 - ok
22:04:34.0231 0x1bb0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
22:04:34.0326 0x1bb0  WatAdminSvc - ok
22:04:34.0458 0x1bb0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:04:34.0666 0x1bb0  wbengine - ok
22:04:34.0715 0x1bb0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:04:34.0808 0x1bb0  WbioSrvc - ok
22:04:34.0855 0x1bb0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:04:34.0922 0x1bb0  wcncsvc - ok
22:04:34.0943 0x1bb0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:04:35.0027 0x1bb0  WcsPlugInService - ok
22:04:35.0065 0x1bb0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:04:35.0102 0x1bb0  Wd - ok
22:04:35.0178 0x1bb0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:04:35.0299 0x1bb0  Wdf01000 - ok
22:04:35.0333 0x1bb0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:04:35.0429 0x1bb0  WdiServiceHost - ok
22:04:35.0437 0x1bb0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:04:35.0465 0x1bb0  WdiSystemHost - ok
22:04:35.0502 0x1bb0  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
22:04:35.0567 0x1bb0  WebClient - ok
22:04:35.0616 0x1bb0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:04:35.0755 0x1bb0  Wecsvc - ok
22:04:35.0792 0x1bb0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:04:35.0938 0x1bb0  wercplsupport - ok
22:04:35.0980 0x1bb0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:04:36.0124 0x1bb0  WerSvc - ok
22:04:36.0212 0x1bb0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:04:36.0345 0x1bb0  WfpLwf - ok
22:04:36.0400 0x1bb0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:04:36.0445 0x1bb0  WIMMount - ok
22:04:36.0493 0x1bb0  WinDefend - ok
22:04:36.0534 0x1bb0  WinHttpAutoProxySvc - ok
22:04:36.0650 0x1bb0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:04:36.0790 0x1bb0  Winmgmt - ok
22:04:36.0988 0x1bb0  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
22:04:37.0468 0x1bb0  WinRM - ok
22:04:37.0556 0x1bb0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
22:04:37.0613 0x1bb0  WinUsb - ok
22:04:37.0655 0x1bb0  WiseBootAssistant - ok
22:04:37.0665 0x1bb0  WiseHDInfo - ok
22:04:37.0752 0x1bb0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:04:37.0851 0x1bb0  Wlansvc - ok
22:04:37.0883 0x1bb0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
22:04:37.0937 0x1bb0  WmiAcpi - ok
22:04:37.0989 0x1bb0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:04:38.0033 0x1bb0  wmiApSrv - ok
22:04:38.0084 0x1bb0  WMPNetworkSvc - ok
22:04:38.0112 0x1bb0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:04:38.0207 0x1bb0  WPCSvc - ok
22:04:38.0230 0x1bb0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:04:38.0286 0x1bb0  WPDBusEnum - ok
22:04:38.0320 0x1bb0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:04:38.0437 0x1bb0  ws2ifsl - ok
22:04:38.0492 0x1bb0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:04:38.0564 0x1bb0  wscsvc - ok
22:04:38.0571 0x1bb0  WSearch - ok
22:04:38.0779 0x1bb0  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:04:39.0248 0x1bb0  wuauserv - ok
22:04:39.0316 0x1bb0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:04:39.0407 0x1bb0  WudfPf - ok
22:04:39.0630 0x1bb0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:04:39.0748 0x1bb0  WUDFRd - ok
22:04:39.0785 0x1bb0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:04:39.0820 0x1bb0  wudfsvc - ok
22:04:39.0858 0x1bb0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:04:39.0973 0x1bb0  WwanSvc - ok
22:04:40.0008 0x1bb0  ================ Scan global ===============================
22:04:40.0043 0x1bb0  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
22:04:40.0079 0x1bb0  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
22:04:40.0109 0x1bb0  [ E0E4D286839FC27F56A85B4710E16B6B, 6BBBADB8904D6159E6171A339E0BF30A41D14E885D560BFB8BB73B1FF7239E1A ] C:\Windows\system32\winsrv.dll
22:04:40.0163 0x1bb0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:04:40.0223 0x1bb0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
22:04:40.0242 0x1bb0  [ Global ] - ok
22:04:40.0243 0x1bb0  ================ Scan MBR ==================================
22:04:40.0253 0x1bb0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:04:41.0142 0x1bb0  \Device\Harddisk0\DR0 - ok
22:04:41.0143 0x1bb0  ================ Scan VBR ==================================
22:04:41.0155 0x1bb0  [ CB42739463E3384D1EA2BA2D5ED1F706 ] \Device\Harddisk0\DR0\Partition1
22:04:41.0157 0x1bb0  \Device\Harddisk0\DR0\Partition1 - ok
22:04:41.0175 0x1bb0  [ 5311D0EDE184F2BCEB54E37F13990883 ] \Device\Harddisk0\DR0\Partition2
22:04:41.0177 0x1bb0  \Device\Harddisk0\DR0\Partition2 - ok
22:04:41.0178 0x1bb0  ================ Scan generic autorun ======================
22:04:42.0221 0x1bb0  [ 8626860A81DE4E1FE099D189E922EF65, E63911EA3127A21304187A2BE381F25C68236D89A7D666AC4E9D5C18A3EA4E34 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:04:43.0404 0x1bb0  RtHDVCpl - ok
22:04:43.0572 0x1bb0  [ 1056510ED7D1E9E32A64B302D8612E79, 8E6B251CAE361CC34268948D462D9913966EE8AB4D1845782736C631741E7C81 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:04:43.0684 0x1bb0  RtHDVBg - ok
22:04:43.0687 0x1bb0  SynTPEnh - ok
22:04:43.0793 0x1bb0  [ 5FDFB8E924219645DD26D0FC378F8182, F704AED82B60D1B38E523E46F9788A65EF50D58439784DA6BF90E1C299994652 ] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
22:04:43.0861 0x1bb0  Acer ePower Management - ok
22:04:43.0975 0x1bb0  [ 1056510ED7D1E9E32A64B302D8612E79, 8E6B251CAE361CC34268948D462D9913966EE8AB4D1845782736C631741E7C81 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:04:44.0077 0x1bb0  RtHDVBg_Dolby - ok
22:04:44.0080 0x1bb0  ETDCtrl - ok
22:04:44.0145 0x1bb0  [ C5D79C8D3C010A083C21A9612B4D906E, 141AB809E440F883258DEED979BEEE5B2C18E79BA9128F4C8BECE1FE79928937 ] C:\Windows\system32\igfxtray.exe
22:04:44.0180 0x1bb0  IgfxTray - ok
22:04:44.0230 0x1bb0  [ A0B03897D4A8DA274467C4B9FC292ACE, 077D3E4E7373D6165B0A7B0E168384BD397ED60A63D85341CEC6CCE72DF41507 ] C:\Windows\system32\hkcmd.exe
22:04:44.0283 0x1bb0  HotKeysCmds - ok
22:04:44.0332 0x1bb0  [ 1F963E569AD9764CACB397452F72608C, F97560022D07D433BA38CB4E9260346D6106493172CA994D864D0F63159F70BB ] C:\Windows\system32\igfxpers.exe
22:04:44.0386 0x1bb0  Persistence - ok
22:04:44.0434 0x1bb0  [ E4D27AA5E03A5A0A5CD598CFA07E5DFE, 482572511AAA38246A3EE61D900E8C3601A2B9F0F28DDAD973C2ECEBFE0DDED7 ] C:\Windows\System32\rstrui.exe
22:04:44.0525 0x1bb0  *Restore - ok
22:04:44.0575 0x1bb0  [ 8784236EED5079493DA9FC95B28B89F8, E59C349B964F585C27F63FBF7C1B5D7C6CF8CC958BD35100A36D57542DC13972 ] C:\Windows\SYSTEM32\WerFault.exe
22:04:44.0684 0x1bb0  *WerKernelReporting - ok
22:04:44.0688 0x1bb0  MSPCLOCK - ok
22:04:44.0692 0x1bb0  MSPQM - ok
22:04:44.0696 0x1bb0  MSKSSRV - ok
22:04:44.0700 0x1bb0  MSTEE.CxTransform - ok
22:04:44.0704 0x1bb0  MSTEE.Splitter - ok
22:04:44.0708 0x1bb0  WDM_DRMKAUD - ok
22:04:44.0787 0x1bb0  [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
22:04:44.0843 0x1bb0  FreePDF Assistant - detected UnsignedFile.Multi.Generic ( 1 )
22:04:47.0643 0x1bb0  Detect skipped due to KSN trusted
22:04:47.0643 0x1bb0  FreePDF Assistant - ok
22:04:47.0803 0x1bb0  [ D3AC38E80E928CC61A22650E04423BB8, 8DB324E5BCC2A721EB0C48F0F3ECC21E49D6172A3BF8ACC55244C08FAEB3101C ] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
22:04:47.0885 0x1bb0  EEventManager - ok
22:04:48.0399 0x1bb0  [ 2D6800E17FEBB51E3C75CD935E2BA8F5, 0831307B35FB346116B6DB67B8EF87384A1BF08A8EEEB6343560AA5C4EED2B23 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
22:04:49.0059 0x1bb0  AvastUI.exe - ok
22:04:49.0144 0x1bb0  [ 6513807FEE68E6C32E67437EE3FFB6C8, 2AB388BD68E984C38EAAF2D42DE918A64B42DA229627FC0B1A896A8AD60B5F91 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
22:04:49.0302 0x1bb0  SunJavaUpdateSched - ok
22:04:49.0425 0x1bb0  [ F825F2FC7E76DB86A9C5B0984221B5DB, BF526CCB010DB0CA9BA21E4615D17289D5A2F721884B181AE2316B8232DC4977 ] C:\Program Files\AVAST Software\Avast\setup\emupdate\2322d091-33a3-4322-9ee4-4df0d4ac8d82.exe
22:04:49.0459 0x1bb0  20150107 - ok
22:04:49.0587 0x1bb0  [ A9D047B4AB48D5A70CFBF3816ABCC5E4, E2DB14DB8CCA1145C6F738AF60BACA44B9E836B09C1D1279E0A0F33C63BF2EE7 ] C:\Windows\is-SAIVE.exe
22:04:49.0680 0x1bb0  InnoSetupRegFile.0000000001 - detected UnsignedFile.Multi.Generic ( 1 )
22:04:53.0317 0x1bb0  InnoSetupRegFile.0000000001 ( UnsignedFile.Multi.Generic ) - warning
22:04:56.0229 0x1bb0  [ A9D047B4AB48D5A70CFBF3816ABCC5E4, E2DB14DB8CCA1145C6F738AF60BACA44B9E836B09C1D1279E0A0F33C63BF2EE7 ] C:\Windows\is-F60Q9.exe
22:04:56.0327 0x1bb0  InnoSetupRegFile.0000000002 - detected UnsignedFile.Multi.Generic ( 1 )
22:04:56.0328 0x1bb0  InnoSetupRegFile.0000000002 ( UnsignedFile.Multi.Generic ) - warning
22:04:56.0328 0x1bb0  Force sending object to P2P due to detect: C:\Windows\is-F60Q9.exe
22:04:59.0202 0x1bb0  Object send P2P result: true
22:05:02.0056 0x1bb0  [ A9D047B4AB48D5A70CFBF3816ABCC5E4, E2DB14DB8CCA1145C6F738AF60BACA44B9E836B09C1D1279E0A0F33C63BF2EE7 ] C:\Windows\is-AEUAP.exe
22:05:02.0157 0x1bb0  InnoSetupRegFile.0000000003 - detected UnsignedFile.Multi.Generic ( 1 )
22:05:02.0157 0x1bb0  InnoSetupRegFile.0000000003 ( UnsignedFile.Multi.Generic ) - warning
22:05:04.0960 0x1bb0  [ 9CEE13DDCF207923A1849A8371E714E9, F1265E1065AEC5CC1397617F6EB9D6321A1B6B14447D4BA0FE23AC7532675403 ] C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe
22:05:04.0981 0x1bb0   Malwarebytes Anti-Malware  (cleanup) - ok
22:05:05.0102 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:05.0267 0x1bb0  Sidebar - ok
22:05:05.0304 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:05.0348 0x1bb0  mctadmin - ok
22:05:05.0447 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:05.0571 0x1bb0  Sidebar - ok
22:05:05.0583 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:05.0628 0x1bb0  mctadmin - ok
22:05:05.0768 0x1bb0  [ 6CF0ACD321C93EB978C4908DEB79B7FB, 2B18A6C9A5418C4EA4289D896D1ECB17F66C9E7910AFB1F33B12712D15BE751A ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
22:05:05.0839 0x1bb0  GoogleChromeAutoLaunch_D8107CCCFBFF2A4366A2C687393EC971 - ok
22:05:05.0885 0x1bb0  Skype - ok
22:05:06.0036 0x1bb0  [ 77C01F1850E55373280A1B865D824F58, EE1535A11A49BF578FC4D00096508FFD0C4E20EC164B3ABB92ED6E2800F831C8 ] C:\Users\Sandra Nicola\AppData\Local\Microsoft\BingSvc\BingSvc.exe
22:05:06.0072 0x1bb0  BingSvc - ok
22:05:06.0318 0x1bb0  [ 10B531B9D0CBCCDD9B2C7C62036F8BE4, DA9C942C9446A219BB3B341E6F3D5EB8E18051FC09403CA2FCBCB814DFF20842 ] C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe
22:05:06.0432 0x1bb0  Miranda Fusion - detected UnsignedFile.Multi.Generic ( 1 )
22:05:09.0266 0x1bb0  Detect skipped due to KSN trusted
22:05:09.0266 0x1bb0  Miranda Fusion - ok
22:05:09.0314 0x1bb0  [ 598FF7C5F90CA2E6689DFBAC88C8E343, 83DF16B66B3FCB9706BA127A99EC073C76E1E04A524CF05D527FC8D0D292BF60 ] C:\AdwCleaner\AdwCleaner[C1].txt
22:05:09.0471 0x1bb0  Report - detected UnsignedFile.Multi.Generic ( 1 )
22:05:12.0277 0x1bb0  Report ( UnsignedFile.Multi.Generic ) - warning
22:05:15.0060 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:15.0154 0x1bb0  Sidebar - ok
22:05:15.0194 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:15.0251 0x1bb0  mctadmin - ok
22:05:15.0478 0x1bb0  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
22:05:15.0632 0x1bb0  Sidebar - ok
22:05:15.0639 0x1bb0  Skype - ok
22:05:15.0724 0x1bb0  [ 10B531B9D0CBCCDD9B2C7C62036F8BE4, DA9C942C9446A219BB3B341E6F3D5EB8E18051FC09403CA2FCBCB814DFF20842 ] C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe
22:05:15.0789 0x1bb0  Miranda Fusion - detected UnsignedFile.Multi.Generic ( 1 )
22:05:15.0789 0x1bb0  Detect skipped due to KSN trusted
22:05:15.0789 0x1bb0  Miranda Fusion - ok
22:05:16.0003 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:16.0101 0x1bb0  Sidebar - ok
22:05:16.0127 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:16.0174 0x1bb0  mctadmin - ok
22:05:16.0240 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:16.0332 0x1bb0  Sidebar - ok
22:05:16.0347 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:16.0395 0x1bb0  mctadmin - ok
22:05:16.0455 0x1bb0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:05:16.0558 0x1bb0  Sidebar - ok
22:05:16.0583 0x1bb0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:05:16.0632 0x1bb0  mctadmin - ok
22:05:16.0633 0x1bb0  Waiting for KSN requests completion. In queue: 1
22:05:17.0633 0x1bb0  Waiting for KSN requests completion. In queue: 1
22:05:18.0633 0x1bb0  Waiting for KSN requests completion. In queue: 1
22:05:19.0704 0x1bb0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.2.2738.0 ), 0x41000 ( enabled : updated )
22:05:19.0727 0x1bb0  Win FW state via NFP2: enabled ( trusted )
22:05:26.0369 0x1bb0  ============================================================
22:05:26.0369 0x1bb0  Scan finished
22:05:26.0369 0x1bb0  ============================================================
22:05:26.0389 0x270c  Detected object count: 4
22:05:26.0390 0x270c  Actual detected object count: 4
22:06:40.0823 0x270c  InnoSetupRegFile.0000000001 ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:40.0824 0x270c  InnoSetupRegFile.0000000001 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:06:40.0827 0x270c  InnoSetupRegFile.0000000002 ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:40.0828 0x270c  InnoSetupRegFile.0000000002 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:06:40.0833 0x270c  InnoSetupRegFile.0000000003 ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:40.0833 0x270c  InnoSetupRegFile.0000000003 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:06:40.0835 0x270c  Report ( UnsignedFile.Multi.Generic ) - skipped by user
22:06:40.0835 0x270c  Report ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
__________________

Alt 15.06.2016, 21:20   #4
Ecronika
 
System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Standard

System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-06-2016
Ran by Sandra Nicola (administrator) on SCHNUBBI (15-06-2016 22:10:58)
Running from C:\Users\Sany\Desktop
Loaded Profiles: Sandra Nicola & Sany & UpdatusUser (Available Profiles: Sandra Nicola & Sany & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIHLE.EXE
(Miranda IM) C:\Program Files (x86)\MirandaFusion\miranda32.exe
(Dropbox, Inc.) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-09] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2016-04-09] (Microsoft Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [WDM_DRMKAUD] => rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD. (the data entry has 17 more characters).
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\2322d091-33a3-4322-9ee4-4df0d4ac8d82.exe [168336 2016-01-21] (AVAST Software)
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000001] => "C:\Windows\is-SAIVE.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000002] => "C:\Windows\is-F60Q9.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000003] => "C:\Windows\is-AEUAP.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-10-05] (Malwarebytes)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [GoogleChromeAutoLaunch_D8107CCCFBFF2A4366A2C687393EC971] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [BingSvc] => C:\Users\Sandra Nicola\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C1].txt
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [ABBYY Screenshot Reader Bonus] => "C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe" -autorun
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Amazon Music] => C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] ()
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Dropbox Update] => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE [283232 2012-02-29] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [GoogleChromeAutoLaunch_26CFC6DA14F856D58D6B043755960AA3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
Startup: C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sandra Nicola\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CA6C2E5B-F789-438E-98CC-4F038A4F400C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-04] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-10] (Oracle Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-04] (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF Extension: Classic Theme Restorer - C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-06-12]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-04]
FF HKLM\...\Firefox\Extensions: [dnshelp@dnshelp.com] - C:\Users\Sany\AppData\Roaming\Helper
FF Extension: Helper - C:\Users\Sany\AppData\Roaming\Helper [2013-12-10] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://de.ogame.gameforge.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Cast) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-09-19]
CHR Extension: (Adblock Plus) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-19]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-09-19]
CHR Extension: (Tampermonkey) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-09-19]
CHR Extension: (Bookmark Manager) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-09-19]
CHR Extension: (Avast Online Security) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-19]
CHR Extension: (AntiGameOrigin) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm [2015-04-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-09] (ELAN Microelectronics Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-08-15] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-12] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-25] () [File not signed]
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2014-12-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2610808 2011-04-06] (Sunplus Technology)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-25] (Seiko Epson Corporation)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WiseHDInfo; \??\C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-15 22:10 - 2016-06-15 22:11 - 00024354 _____ C:\Users\Sany\Desktop\FRST.txt
2016-06-15 22:09 - 2016-06-15 22:09 - 02385920 _____ (Farbar) C:\Users\Sany\Desktop\FRST64.exe
2016-06-15 22:02 - 2016-06-15 22:08 - 00227102 _____ C:\TDSSKiller.3.1.0.9_15.06.2016_22.02.33_log.txt
2016-06-15 21:58 - 2016-06-15 21:58 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Sany\Desktop\tdsskiller.exe
2016-06-15 21:15 - 2016-06-15 21:15 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-06-14 23:16 - 2016-06-14 23:16 - 00006254 _____ C:\Users\Sany\Desktop\Firefox Favs.txt
2016-06-12 21:23 - 2016-06-15 22:10 - 00000000 ____D C:\FRST
2016-06-12 20:38 - 2016-06-12 22:13 - 00000000 ____D C:\AdwCleaner
2016-06-12 16:34 - 2016-06-12 16:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2016-06-12 16:34 - 2011-04-06 16:02 - 00002759 _____ C:\Windows\Remove.ini
2016-06-12 16:34 - 2011-04-06 14:02 - 02610808 _____ (Sunplus Technology) C:\Windows\system32\Drivers\SPUVCBv_x64.sys
2016-06-12 16:34 - 2011-03-17 14:47 - 00213368 _____ (Dext5xx) C:\Windows\system32\DextUVCB_x64.ax
2016-06-12 16:34 - 2011-03-17 14:47 - 00193400 _____ (Dext5xx) C:\Windows\SysWOW64\DextUVCB.ax
2016-06-12 16:34 - 2010-12-21 15:08 - 00087096 _____ C:\Windows\un_dext.exe
2016-06-12 16:34 - 2010-12-20 13:42 - 00281976 _____ (Sunplusit) C:\Windows\system32\CoInstaller_x64.dll
2016-06-12 16:34 - 2010-11-19 14:28 - 00087928 _____ C:\Windows\SPRemove_x64.exe
2016-06-12 16:34 - 2010-08-18 00:28 - 00026136 _____ (Intel Corporation) C:\Windows\system32\Drivers\ICCWDT.sys
2016-06-12 16:34 - 2010-07-19 14:42 - 00003400 _____ C:\Windows\Dext_25.ini
2016-06-12 16:34 - 2010-07-19 14:41 - 00002964 _____ C:\Windows\Dext_13.ini
2016-06-12 16:34 - 2010-07-19 14:40 - 00002992 _____ C:\Windows\Dext_01.ini
2016-06-12 16:34 - 2010-07-19 14:39 - 00002944 _____ C:\Windows\Dext_09.ini
2016-06-12 16:34 - 2010-07-19 14:38 - 00003036 _____ C:\Windows\Dext_29.ini
2016-06-12 16:34 - 2010-07-19 14:37 - 00002376 _____ C:\Windows\Dext_18.ini
2016-06-12 16:34 - 2010-07-19 14:35 - 00003176 _____ C:\Windows\Dext_07.ini
2016-06-12 16:34 - 2010-07-19 14:34 - 00003124 _____ C:\Windows\Dext_19.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003386 _____ C:\Windows\Dext_12.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003180 _____ C:\Windows\Dext_16.ini
2016-06-12 16:34 - 2010-07-19 14:32 - 00003250 _____ C:\Windows\Dext_10.ini
2016-06-12 16:34 - 2010-07-19 14:31 - 00003148 _____ C:\Windows\Dext_22.ini
2016-06-12 16:34 - 2010-07-19 14:30 - 00002446 _____ C:\Windows\Dext_17.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002544 _____ C:\Windows\Dext_04.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002314 _____ C:\Windows\Dext_52.ini
2016-06-12 16:33 - 2016-05-03 05:07 - 04181288 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2016-06-12 16:31 - 2015-05-26 20:02 - 05375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-12 16:31 - 2015-05-26 20:00 - 00017082 _____ C:\Windows\system32\iglhxs64.vp
2016-06-12 16:31 - 2015-05-26 19:52 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-06-12 16:31 - 2015-05-26 19:52 - 00126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00000268 _____ C:\Windows\system32\GfxUI.exe.config
2016-06-12 16:31 - 2015-05-26 19:50 - 01981696 _____ C:\Windows\system32\iglhxa64.cpa
2016-06-12 16:31 - 2015-05-26 19:50 - 00059425 _____ C:\Windows\system32\iglhxo64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059398 _____ C:\Windows\system32\iglhxg64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059230 _____ C:\Windows\system32\iglhxc64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00001074 _____ C:\Windows\system32\iglhxa64.vp
2016-06-12 16:30 - 2015-06-04 21:20 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 01049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00101376 _____ C:\Windows\system32\igdde64.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00081408 _____ C:\Windows\SysWOW64\igdde32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 10811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2016-06-12 16:30 - 2015-05-26 19:51 - 13028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-06-12 16:29 - 2016-06-12 16:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-06-12 16:29 - 2015-06-04 21:21 - 05906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00444008 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00401512 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00173672 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\system32\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\system32\igvpkrng600.bin
2016-06-12 16:29 - 2014-12-11 22:56 - 00033448 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2016-06-12 16:29 - 2014-01-30 17:17 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-06-12 16:28 - 2016-06-12 16:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETD_01011.Wdf
2016-06-12 16:27 - 2016-06-12 16:28 - 00000000 ____D C:\Program Files\Elantech
2016-06-12 16:27 - 2015-09-09 22:00 - 00062672 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller15005.dll
2016-06-12 16:27 - 2015-09-09 21:59 - 00577096 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-12 16:24 - 2016-06-03 07:29 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 06064046 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-12 16:24 - 2016-06-03 07:29 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 05111040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-12 16:24 - 2016-06-03 07:29 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03199744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03096248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-12 16:24 - 2016-06-03 07:29 - 02060032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 01355616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088320 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 05339552 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 03282544 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01061120 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00678184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00371456 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-12 16:23 - 2015-09-17 11:42 - 00463112 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00646408 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00030960 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2016-06-12 16:22 - 2016-06-12 16:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-12 16:22 - 2016-03-29 07:01 - 00181304 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-06-12 16:21 - 2014-01-10 13:13 - 00082128 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiSDa.sys
2016-06-12 16:21 - 2013-10-29 23:15 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2016-06-12 15:50 - 2016-06-12 15:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf
2016-06-12 15:50 - 2013-07-23 16:23 - 00059088 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiMSa.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00072280 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdbd.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00021080 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdmp.sys
2016-06-12 15:42 - 2016-06-12 15:42 - 00000000 ____D C:\Users\Sany\Desktop\SDI_R454
2016-06-12 15:39 - 2016-06-12 16:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-12 15:39 - 2016-06-12 15:39 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-06-12 15:39 - 2016-06-12 15:39 - 00000000 ____D C:\Users\Sandra Nicola\AppData\Roaming\TeamViewer
2016-06-08 21:43 - 2016-06-12 20:51 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-08 21:15 - 2016-06-08 21:15 - 00000000 ____D C:\Users\Sandra Nicola\Downloads\pkeyuibx_v1.5.0
2016-06-08 19:11 - 2016-06-12 12:17 - 00000000 ____D C:\Users\Public\Downloads\Windows 7 Ultimate
2016-06-08 17:13 - 2016-06-09 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-04 13:23 - 2016-06-04 13:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-04 11:18 - 2016-06-05 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-29 17:55 - 2016-05-29 17:55 - 00000000 ____D C:\Users\Sany\AppData\Roaming\mp3DirectCut

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-15 22:06 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Local\Sidebar7
2016-06-15 22:02 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Skype
2016-06-15 21:58 - 2013-08-30 23:11 - 00000000 ____D C:\Users\Sany\AppData\Roaming\vlc
2016-06-15 21:44 - 2015-06-16 17:01 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job
2016-06-15 21:21 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-15 21:21 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-15 21:20 - 2015-06-16 17:01 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job
2016-06-15 21:15 - 2015-11-04 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-15 21:09 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-06-15 09:46 - 2012-08-29 22:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-14 23:18 - 2013-08-30 23:27 - 00000000 ____D C:\Users\Sany\Documents\Rezepte
2016-06-14 23:08 - 2013-09-08 13:57 - 00000000 ____D C:\Users\Sany\AppData\Local\FreePDF_XP
2016-06-13 21:01 - 2013-02-26 21:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-12 22:56 - 2016-05-10 12:12 - 00000000 ____D C:\Users\Sany\Desktop\Grey's Anatomy
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieUserList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieBrowserModeList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieUserList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieSiteList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieBrowserModeList
2016-06-12 21:58 - 2015-02-26 00:26 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieSiteList
2016-06-12 21:43 - 2012-08-30 21:23 - 00007620 _____ C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2016-06-12 21:18 - 2014-01-04 17:26 - 00000000 ___RD C:\Users\Sany\Documents\Dropbox
2016-06-12 21:18 - 2012-08-29 21:46 - 00000000 ____D C:\Users\Sandra Nicola
2016-06-12 21:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-12 21:12 - 2012-08-29 22:54 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-12 21:01 - 2012-08-29 23:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-12 21:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-12 20:48 - 2012-08-30 07:36 - 00697522 _____ C:\Windows\system32\perfh007.dat
2016-06-12 20:48 - 2012-08-30 07:36 - 00149458 _____ C:\Windows\system32\perfc007.dat
2016-06-12 20:48 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-12 19:30 - 2012-08-29 22:57 - 00000000 ____D C:\Dolby PCEE4
2016-06-12 19:21 - 2015-07-10 09:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-12 16:47 - 2013-08-30 23:00 - 00109680 _____ C:\Users\Sany\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\system32\NV
2016-06-12 16:37 - 2016-05-10 11:32 - 00412840 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-12 16:26 - 2012-08-29 22:57 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-12 10:06 - 2014-04-05 19:49 - 00000000 ____D C:\Users\Sany\Desktop\Drucken
2016-06-09 22:05 - 2015-12-16 01:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-09 22:05 - 2012-09-02 14:46 - 00000000 ____D C:\ProgramData\Skype
2016-06-09 21:58 - 2013-04-12 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-08 20:44 - 2012-09-09 11:53 - 00000000 ____D C:\Users\Sany\Desktop\Siedler
2016-06-06 20:55 - 2012-08-29 23:13 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-06 12:31 - 2013-08-30 22:57 - 00000000 ____D C:\Users\Sany\AppData\Roaming\DVDVideoSoft
2016-06-04 13:23 - 2014-01-04 17:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Dropbox
2016-06-04 09:53 - 2015-07-09 10:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-27 10:48 - 2016-03-20 10:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 10:48 - 2015-04-05 10:27 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-26 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-24 23:14 - 2015-02-12 11:55 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-20 21:07 - 2013-08-30 23:54 - 00000000 ____D C:\Users\Sany\Documents\Steuerfälle

==================== Files in the root of some directories =======

2012-08-29 22:04 - 2012-08-29 22:04 - 0004264 _____ () C:\Users\Sandra Nicola\AppData\Local\HWVendorDetection.log
2012-08-30 21:23 - 2016-06-12 21:43 - 0007620 _____ () C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2012-10-02 17:17 - 2016-05-02 08:58 - 0000211 _____ () C:\ProgramData\acer.zip
2016-06-12 16:25 - 2016-06-12 16:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Sany\biing2.exe


Some files in TEMP:
====================
C:\Users\Sany\AppData\Local\Temp\gkey.exe
C:\Users\Sany\AppData\Local\Temp\pkeyui.exe
C:\Users\Sany\AppData\Local\Temp\wabk.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-10 14:17

==================== End of FRST.txt ============================
         
--- --- ---



[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:15-06-2016
Ran by Sandra Nicola (2016-06-15 22:12:30)
Running from C:\Users\Sany\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2012-08-29 19:46:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3682184643-4074992415-2154467960-500 - Administrator - Disabled)
Guest (S-1-5-21-3682184643-4074992415-2154467960-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3682184643-4074992415-2154467960-1004 - Limited - Enabled)
Sandra Nicola (S-1-5-21-3682184643-4074992415-2154467960-1000 - Administrator - Enabled) => C:\Users\Sandra Nicola
Sany (S-1-5-21-3682184643-4074992415-2154467960-1002 - Limited - Enabled) => C:\Users\Sany
UpdatusUser (S-1-5-21-3682184643-4074992415-2154467960-1043 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.3M HD WebCam (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.6.04 - SunplusIT)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1216 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1216 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3000 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Amazon Amazon Music) (Version: 3.11.5.1140 - Amazon Services LLC)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.2.2262 - AVAST Software)
Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version:  - )
Biing! 2 Version 1.8 (HKLM-x32\...\{D31EEA07-5033-4A7B-BC48-B57F69C8FA15}_is1) (Version: 1.8 - Reline)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
Die Siedler IV (HKLM-x32\...\S4Uninst) (Version:  - )
Dropbox (HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
ELAN Touchpad 15.6.3.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.6.3.3 - ELAN Microelectronic Corp.)
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.6.0 - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fotor 3.0.0 (HKLM-x32\...\Fotor) (Version: 3.0.0 - Everimaging Co., Ltd.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free Studio version 6.5.5.915 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.5.915 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.3.1019 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.0 (HKLM-x32\...\{DE59B901-18EA-4CB9-ADE4-291BF5C1E12E}_is1) (Version:  - MiniTool Solution Ltd.)
Miranda Fusion 3.2.35.0 (HKLM-x32\...\MirandaFusion) (Version: 3.2.35.0 - Miranda Fusion Team)
mIRC (HKLM-x32\...\mIRC) (Version: 7.1 - mIRC Co. Ltd.)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version:  - )
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version:  - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steuer-Software 2013 (HKLM-x32\...\{3193DDB1-8F15-43DA-85D5-4796BF645914}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Steuer-Software 2014 (HKLM-x32\...\{77D53A25-9700-42C7-8305-8E469FEBEE30}) (Version: 19.10.89 - Akademische Arbeitsgemeinschaft)
Steuer-Software 2015 (HKLM-x32\...\{8D59E108-081D-4F4F-84EF-0132479C25C6}) (Version: 20.38.173 - Akademische Arbeitsgemeinschaft)
Steuer-Software 2016 (HKLM-x32\...\{700B1B66-851B-4DA2-9233-1F14602CFA6F}) (Version: 21.34.95 - Akademische Arbeitsgemeinschaft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.4.2 - Shark007)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Wuala (HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Sany\AppData\Local\Microsoft\Windows Sidebar\Gadgets\sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04397A23-DFC7-480E-BD5A-4146F04E1641} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {35D990BA-622F-4FBF-AF80-3B9F19812768} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe
Task: {388D6C50-8D70-43FF-BFE8-7327D31F8A4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {404B6DC8-BA8F-4784-A1BD-B960A215CA4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4F7F859F-0DDB-4325-9E96-55559992F663} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {61FC3F73-1286-49B8-A6DF-1FBD23CB1F1A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-04] (AVAST Software)
Task: {765D315B-55BA-4F63-967B-D6850AFCC108} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-05] (AVAST Software)
Task: {CAB6E484-18DA-4A3D-99D3-B8526EE3D186} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {DD3C22FB-15E3-4277-B2A8-3B6C8721E333} - System32\Tasks\SafeZone scheduled Autoupdate 1458763563 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {DE68D6AA-9A2A-4DAC-855C-5AD0789FB1D8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {FACA77E6-48B3-4C60-AADC-EFACFA3F5749} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) ==============

2014-06-12 22:17 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-05 21:37 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2011-03-26 08:28 - 2011-03-26 08:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-05-04 19:42 - 2016-05-04 19:42 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-04 19:41 - 2016-05-04 19:41 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-12 19:37 - 2016-06-12 19:37 - 02932736 _____ () C:\Program Files\AVAST Software\Avast\defs\16061201\algo.dll
2016-05-04 19:42 - 2016-05-04 19:42 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-04 19:42 - 2016-05-04 19:42 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-06-15 21:10 - 2016-06-15 21:10 - 02934272 _____ () C:\Program Files\AVAST Software\Avast\defs\16061501\algo.dll
2015-09-06 20:13 - 2015-12-11 03:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-05-19 22:30 - 2016-05-19 22:30 - 00060928 _____ () C:\Program Files (x86)\MirandaFusion\zlib.dll
2008-05-03 09:59 - 2008-05-03 09:59 - 00094208 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\svc_dbepp.dll
2009-08-04 09:46 - 2009-08-04 09:46 - 00162304 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\actman.dll
2009-05-08 23:42 - 2009-05-08 23:42 - 00067072 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\authstate.dll
2010-02-10 20:42 - 2010-02-10 20:42 - 00117760 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\extraicons.dll
2013-03-15 10:27 - 2013-03-15 10:27 - 00322048 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\facebook.dll
2010-09-28 17:59 - 2010-09-28 17:59 - 00498688 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\fingerprint.dll
2012-05-24 20:20 - 2012-05-24 20:20 - 00110592 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\folders.dll
2016-05-19 22:42 - 2016-05-19 22:42 - 00326144 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\icq.dll
2016-05-19 22:32 - 2016-05-19 22:32 - 00318976 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\irc.dll
2011-02-09 23:56 - 2011-02-09 23:56 - 00082021 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\keepstatus.dll
2010-08-26 18:27 - 2010-08-26 18:27 - 00062976 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\menuex.dll
2012-07-18 20:39 - 2012-07-18 20:39 - 00106496 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\metacontacts.dll
2011-07-17 19:07 - 2011-07-17 19:07 - 00671232 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\mirotr.dll
2010-04-08 20:33 - 2010-04-08 20:33 - 00240128 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\sendss.dll
2011-09-13 15:59 - 2011-09-13 15:59 - 00094315 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\startupstatus.dll
2012-11-05 22:48 - 2012-11-05 22:48 - 00372736 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\twitter.dll
2010-10-10 11:12 - 2010-10-10 11:12 - 00374272 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\uinfoexw.dll
2009-10-09 09:04 - 2009-10-09 09:04 - 00036864 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\useactions.dll
2011-09-13 15:59 - 2011-09-13 15:59 - 00114688 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\variables.dll
2010-07-17 10:16 - 2010-07-17 10:16 - 00283136 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\watrack.dll
2016-06-04 13:23 - 2016-05-05 12:09 - 00034768 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-06-04 13:22 - 2016-05-05 12:10 - 00019408 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00116688 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-04 13:23 - 2016-05-05 12:09 - 00093640 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00018376 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00019760 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00105928 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00392144 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-06-04 13:23 - 2016-05-31 20:34 - 00381752 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00692688 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020816 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-04 13:23 - 2016-05-05 12:10 - 00123856 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 01682760 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020808 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00021840 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00038696 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-04 13:22 - 2016-05-05 12:11 - 00020936 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024528 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00114640 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00124880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00021832 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00175560 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00030160 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00043472 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00048592 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00023872 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00134088 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00026456 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00057808 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-06-04 13:22 - 2016-05-31 20:33 - 00246592 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00028616 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00052024 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00134608 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-06-04 13:22 - 2016-05-05 12:10 - 00240584 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00019776 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020280 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00023376 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00350152 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00022352 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00024392 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-06-04 13:22 - 2016-05-05 12:12 - 00036296 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\librsync.dll
2016-06-04 13:22 - 2016-05-31 20:34 - 00084280 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-06-04 13:22 - 2016-05-31 20:34 - 01826096 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-04 13:23 - 2016-05-05 12:10 - 00083912 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\sip.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 03928880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 01971504 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00531248 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00132912 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00223544 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00207672 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00060880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00024904 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00546096 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00357680 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-06-04 13:22 - 2016-05-05 12:13 - 00017864 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\libEGL.dll
2016-06-04 13:22 - 2016-05-05 12:13 - 01631184 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2016-06-04 13:22 - 2016-05-05 12:15 - 00697304 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-12-20 12:35 - 2015-12-20 12:36 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-11-11 05:41 - 2015-11-11 05:41 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2016-06-06 20:55 - 2016-06-04 03:56 - 17565848 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\PepperFlash\pepflashplayer.dll
2016-06-06 20:55 - 2016-06-04 03:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-06 20:55 - 2016-06-04 03:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9A0CF582-0842-415F-97A1-14A654C6F136}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{FCED189B-2A51-4C48-81F4-9BA024D2FFF7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{237545CD-8E8F-46C2-8ACB-A678244FC57A}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{E5A34E10-5039-418C-AA4C-02B16C69857C}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{F6B11CC8-4FC3-4387-BE59-D571144FA32E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{7AC80160-79F7-44FF-80BC-DBF3DB9269F5}C:\program files (x86)\mirc\mirc.exe] => (Block) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{D0BF65DD-9224-4195-BEB8-48325C09653E}C:\program files (x86)\mirc\mirc.exe] => (Block) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{C7F6AE34-7668-4B93-9D6D-41985EF010EF}C:\program files (x86)\mirandafusion\miranda32.exe] => (Block) C:\program files (x86)\mirandafusion\miranda32.exe
FirewallRules: [UDP Query User{72A764F2-9306-4FAA-9C47-5A96B0605D8B}C:\program files (x86)\mirandafusion\miranda32.exe] => (Block) C:\program files (x86)\mirandafusion\miranda32.exe
FirewallRules: [TCP Query User{7F05617C-9138-4983-9389-2109B875F7FE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{89B536E7-87FF-40AA-8251-2592CDC1D51D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{4123086B-6697-4B43-BD16-010618B721FB}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{0EBC3C2E-AB9C-4B23-A8FF-A70A01DD7080}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{84251E9D-B8A6-4300-B08E-92EE91156D48}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{A963B6E5-838A-44FC-84DF-2B80331443A6}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{71FC902B-09B2-4C10-983E-B41930E91B68}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{E2BD0630-B9D9-4B77-AEF5-C89EBFE82AAF}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{BD89FB5C-1A7E-4879-A06E-BC0D24FB6A1A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{BB312A91-45EC-4701-A552-671E652913C0}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{3E9183B8-DD4F-4779-8FB9-B07D116267C8}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{9F2B7316-C788-491F-80B8-D4FA029717BF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{BC62D37A-7E3E-4C09-AE24-10D37C0E7885}] => (Allow) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38005A59-206E-444D-826A-B3C973D53BC5}] => (Allow) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C66CEDA0-34C3-4673-97C7-507520BE12CA}C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{225EBDE7-F54A-4FE3-9E31-0EAAE9BA0A0E}C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{A9E135AD-9189-45CA-A4A6-52C2A33BA576}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{8659C8BA-C315-47E2-8D57-CCB279D35015}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{EDA315FD-4162-4F1D-AEBA-8031807924A2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DE8408C6-C881-460D-93CC-0B5F457F92CE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D328A208-F129-4F7B-A4C4-15C4673B0E90}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{CAC0DB41-3206-4799-A826-144E7DC67A28}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{0554891A-4EA7-47A8-9F47-C75E1074C365}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BFE2DA77-0714-494F-A849-173008D83F25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C50E5472-57FE-4D9C-8143-28A3C496AC79}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D6021033-8E01-4D45-B014-32D0215F6AC0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5240FB5F-93E9-46EA-9023-75D1DA3B4B01}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5371A095-407B-4645-915B-A6968D6C93C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B53C6CD7-C266-47FA-AAF5-431D86BBDFD2}] => (Allow) LPort=5556
FirewallRules: [{9B9EB6EB-B6CF-406D-85F1-6522EFEC3AC0}] => (Allow) LPort=5558
FirewallRules: [{64EC39E4-9F0C-475A-9C74-46EA0D3B5B6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{CE7348D5-3868-41D1-9870-FE8F0C9DB4FC}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8D273D0A-9A26-435E-9BA3-282F9BA80BCE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57D894D6-149C-400C-88F3-5C66583CCCA9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94AB55FB-7C15-4F5E-B436-6C7080EAF7DE}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [{B30C533C-C81C-4522-88C7-0E02EBAF0580}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [TCP Query User{DA48D2EB-AF84-4B7A-941C-4BF138A942AB}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{FA836D36-3023-412A-83FC-B9FBC396FD87}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{67977728-DBCF-47F1-B5E2-525DF228E576}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{60C4E4DC-1CC6-4B41-96A3-9E09AC67BE9E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{3BB1637D-9740-4A87-8CAB-D53727C00C35}C:\bluebyte\die siedler iv\exe\s4_main.exe] => (Block) C:\bluebyte\die siedler iv\exe\s4_main.exe
FirewallRules: [UDP Query User{C15E4FCC-B746-4935-8E4E-0A0F3FFC75D7}C:\bluebyte\die siedler iv\exe\s4_main.exe] => (Block) C:\bluebyte\die siedler iv\exe\s4_main.exe
FirewallRules: [{8954813C-A257-4146-BC74-0CB6C6E91114}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8B76A7AD-078F-41DD-9B36-90113B1DB1C7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{10422358-E789-4EE7-BE5C-F1E5906113BF}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe
FirewallRules: [{2F885933-905F-44A5-BE62-D0B438331F61}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe
FirewallRules: [{13D86C52-AE3D-49BA-AD7A-E1135B05BC88}] => (Allow) C:\Program Files (x86)\MirandaFusion\fusiontools\updater.exe
FirewallRules: [{CA9B7285-2895-4A8D-872E-DCDF071C628C}] => (Allow) C:\Program Files (x86)\MirandaFusion\fusiontools\updater.exe
FirewallRules: [{A93D1EC0-9BDB-4AB7-B060-6CCEB4823E4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{8113944F-77DD-45B2-9FD8-250C08111E65}C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [UDP Query User{664D13CA-FD37-4B59-B5F9-BD3EA501F9EF}C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [TCP Query User{1FEFA7E8-E89C-419A-8226-EAC38CF1F1E4}C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [UDP Query User{AEFFE97E-CF2C-43F3-8793-A8F4F995535C}C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [{D5FD2EE5-8B49-4102-A4BD-0B5839FDB1CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4FCCF01D-5B90-470B-9496-BC2049F6FF53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{700A3990-5DE0-4218-919F-D5855ECDDE38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BBA2A12F-A324-489C-8DDC-7239B2E493EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

10-06-2016 21:15:45 Windows Update
12-06-2016 16:20:06 Installed drivers
12-06-2016 19:19:43 Removed Windows 7 USB/DVD Download Tool
12-06-2016 19:29:38 Removed Dolby Advanced Audio v2
12-06-2016 19:31:42 Installed Dolby Advanced Audio v2
12-06-2016 21:02:23 Removed Dolby Advanced Audio v2
15-06-2016 09:12:14 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/12/2016 09:13:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 08:53:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 08:32:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 07:35:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:50:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:38:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:18:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDI_x64_R454.exe, Version: 0.3.0.454, Zeitstempel: 0x575300a6
Name des fehlerhaften Moduls: SDI_x64_R454.exe, Version: 0.3.0.454, Zeitstempel: 0x575300a6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002c359
ID des fehlerhaften Prozesses: 0x934
Startzeit der fehlerhaften Anwendung: 0xSDI_x64_R454.exe0
Pfad der fehlerhaften Anwendung: SDI_x64_R454.exe1
Pfad des fehlerhaften Moduls: SDI_x64_R454.exe2
Berichtskennung: SDI_x64_R454.exe3

Error: (06/12/2016 12:57:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm SDI_x64_R454.exe, Version 0.3.0.454 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ff4

Startzeit: 01d1c4924993560d

Endzeit: 6

Anwendungspfad: C:\Users\Public\Downloads\Snappy Driver Installer\SDI_R454\SDI_R454\SDI_x64_R454.exe

Berichts-ID: 701fc76f-308c-11e6-8558-9b432118ff9a

Error: (06/09/2016 10:03:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.19135, Zeitstempel: 0x56a1bbe2
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.23418, Zeitstempel: 0x5708a857
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000048d84
ID des fehlerhaften Prozesses: 0xbd0
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (06/09/2016 10:01:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/15/2016 10:17:35 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/15/2016 09:10:32 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.

Error: (06/15/2016 09:10:16 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung empfangen: 70.

Error: (06/14/2016 10:06:49 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/13/2016 09:40:47 AM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (06/12/2016 09:14:40 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TeamViewer erreicht.

Error: (06/12/2016 09:13:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (06/12/2016 09:13:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3 = Das System kann den angegebenen Pfad nicht finden.


Error: (06/12/2016 08:53:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (06/12/2016 08:53:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3 = Das System kann den angegebenen Pfad nicht finden.



CodeIntegrity:
===================================
  Date: 2013-02-26 21:36:26.227
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:26.187
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:24.056
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:24.022
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:21.967
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:21.938
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:19.880
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:19.856
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:17.787
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:17.764
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 56%
Total physical RAM: 8043.86 MB
Available physical RAM: 3488.78 MB
Total Virtual: 16085.9 MB
Available Virtual: 9699.72 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:193.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 444A0486)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
         
--- --- ---

--- --- ---

Alt 16.06.2016, 23:00   #5
burningice
/// Malwareteam
 
System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Standard

System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes



Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von AdwCleaner
  • Logfile von Malwarebytes
  • Frst.txt
  • Addition.txt

__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 17.06.2016, 19:29   #6
Ecronika
 
System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Standard

System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes



Code:
ATTFilter
# AdwCleaner v5.200 - Bericht erstellt am 17/06/2016 um 19:37:09
# Aktualisiert am 14/06/2016 von ToolsLib
# Datenbank : 2016-06-17.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (X64)
# Benutzername : Sandra Nicola - SCHNUBBI
# Gestartet von : C:\Users\Sany\Desktop\AdwCleaner_5.200.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\foxydeal.sqlite
[-] Datei gelöscht : C:\Users\Sany\AppData\Roaming\Mozilla\Firefox\Profiles\zwlg2v6x.default\searchplugins\11-suche.xml

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Wert gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [dnshelp@dnshelp.com]
[-] Schlüssel gelöscht : HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Software\Conduit

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

\AdwCleaner\AdwCleaner[C1].txt - [5630 Bytes] - [12/06/2016 20:51:04]
\AdwCleaner\AdwCleaner[C2].txt - [1412 Bytes] - [17/06/2016 19:37:09]
\AdwCleaner\AdwCleaner[S1].txt - [5828 Bytes] - [12/06/2016 20:42:13]
\AdwCleaner\AdwCleaner[S2].txt - [1487 Bytes] - [17/06/2016 19:31:35]

########## EOF - \AdwCleaner\AdwCleaner[C2].txt - [1625 Bytes] ##########
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 17.06.2016
Suchlaufzeit: 19:50
Protokolldatei: mbam.txt
Administrator: Nein

Version: 2.2.1.1043
Malware-Datenbank: v2016.06.17.04
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sany

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 260293
Abgelaufene Zeit: 15 Min., 25 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 6
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [897f6c92a2f78da97f3eeca1936f43bd], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [7f8911edb1e864d29e1f246920e2da26], 
Trojan.ProxyHijacker, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TweakBit PCRepairKit v1.6.10.DynamicNS, Löschen bei Neustart, [7f8911edb1e864d29e1f246920e2da26], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATPopups, Löschen bei Neustart, [e523e717f0a937ff4560a1218d75e719], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATUpdaters, Löschen bei Neustart, [7c8cc5391188b185b7a15c5429da659b], 
PUP.Optional.TweakBit, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\Google Analytics Package, Löschen bei Neustart, [1aee8777f4a554e2c496545c847f857b], 

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:16-06-2016 01
Ran by Sandra Nicola (administrator) on SCHNUBBI (17-06-2016 20:17:13)
Running from C:\Users\Sany\Desktop
Loaded Profiles: Sandra Nicola & Sany & UpdatusUser (Available Profiles: Sandra Nicola & Sany & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Englisch (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSvc.exe
() C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
() C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Dropbox, Inc.) C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(Miranda IM) C:\Program Files (x86)\MirandaFusion\miranda32.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2280232 2010-07-29] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [860040 2010-10-29] (Acer Incorporated)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-09] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7405752 2016-06-10] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2016-04-09] (Microsoft Corporation)
HKLM\...\RunOnce: [*WerKernelReporting] => C:\Windows\SYSTEM32\WerFault.exe [415232 2009-07-14] (Microsoft Corporation)
HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [WDM_DRMKAUD] => rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD. (the data entry has 17 more characters).
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\2322d091-33a3-4322-9ee4-4df0d4ac8d82.exe [168336 2016-01-21] (AVAST Software)
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000001] => "C:\Windows\is-SAIVE.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000002] => "C:\Windows\is-F60Q9.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [InnoSetupRegFile.0000000003] => "C:\Windows\is-AEUAP.exe" /REG /REGSVRMODE
HKLM-x32\...\RunOnce: [ Malwarebytes Anti-Malware  (cleanup)] => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \mbamdor.exe [54072 2015-10-05] (Malwarebytes)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [GoogleChromeAutoLaunch_D8107CCCFBFF2A4366A2C687393EC971] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [BingSvc] => C:\Users\Sandra Nicola\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C2].txt
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53123712 2016-05-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Miranda Fusion] => C:\Program Files (x86)\MirandaFusion\fusiontools\mfstart.exe [1121824 2015-11-08] (Miranda Fusion Team)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [ABBYY Screenshot Reader Bonus] => "C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe" -autorun
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Amazon Music] => C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe [5890368 2015-11-18] ()
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [Dropbox Update] => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Run: [GoogleChromeAutoLaunch_26CFC6DA14F856D58D6B043755960AA3] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [941720 2016-06-04] (Google Inc.)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-11-14] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-11-14] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-04] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
Startup: C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-06-04]
ShortcutTarget: Dropbox.lnk -> C:\Users\Sandra Nicola\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{CA6C2E5B-F789-438E-98CC-4F038A4F400C}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=de-de
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-10] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-05-04] (AVAST Software)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-10] (Oracle Corporation)
BHO: No Name -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-05-04] (AVAST Software)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2009-08-24] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

FireFox:
========
FF ProfilePath: C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423
FF Session Restore: -> is enabled.
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-10] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-08-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nppl3260.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.448 -> C:\Program Files (x86)\Win7codecs\rm\browser\plugins\nprpjplug.dll [2010-02-04] (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-20] (Nullsoft, Inc.)
FF Extension: Classic Theme Restorer - C:\Users\Sandra Nicola\AppData\Roaming\Mozilla\Firefox\Profiles\5ls1riua.default-1442688592423\extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2016-06-12]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-04]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-04]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://de.ogame.gameforge.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Cast) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-09-19]
CHR Extension: (Adblock Plus) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-19]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2015-09-19]
CHR Extension: (Tampermonkey) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-09-19]
CHR Extension: (Bookmark Manager) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-09-19]
CHR Extension: (Avast Online Security) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-09-19]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-09-19]
CHR Extension: (AntiGameOrigin) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldbahlcmhmlpomdepooifmhnalokdhgm [2015-04-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Sandra Nicola\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-04] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-11] (Digital Wave Ltd.)
R2 EpsonBidirectionalService; C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed]
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-09] (ELAN Microelectronics Corp.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7032080 2016-05-12] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-04] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-05-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-04] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [30960 2015-05-29] (Intel Corporation)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2014-08-15] (hxxp://libusb-win32.sourceforge.net)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-06-12] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-03-29] (Intel Corporation)
R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19936 2011-09-02] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [13280 2011-09-02] ()
S3 Secdrv; C:\Windows\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-25] () [File not signed]
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2014-12-11] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2610808 2011-04-06] (Sunplus Technology)
U5 TMUSB; C:\Windows\System32\DRIVERS\TMUSB64.SYS [63096 2015-05-25] (Seiko Epson Corporation)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 WiseHDInfo; \??\C:\Program Files (x86)\Wise\Wise Care 365\WiseHDInfo64.dll [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-17 20:17 - 2016-06-17 20:18 - 00023314 _____ C:\Users\Sany\Desktop\FRST.txt
2016-06-17 20:17 - 2016-06-17 20:17 - 00000000 ____D C:\Users\Sany\Desktop\FRST-OlderVersion
2016-06-17 20:14 - 2016-06-17 20:14 - 00002032 _____ C:\Users\Sany\Desktop\mbam.txt
2016-06-17 19:28 - 2016-06-17 19:28 - 03703360 _____ C:\Users\Sany\Desktop\AdwCleaner_5.200.exe
2016-06-16 22:53 - 2016-06-16 22:53 - 00000000 ____D C:\Users\Public\Downloads\Sicherheit
2016-06-16 21:42 - 2016-06-16 21:42 - 09717952 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-06-16 09:22 - 2016-06-06 18:58 - 00041704 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-16 09:22 - 2016-06-06 18:50 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-16 09:22 - 2016-06-03 15:05 - 01413120 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-16 09:22 - 2016-05-27 15:06 - 00569856 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-06-16 09:22 - 2016-05-27 15:06 - 00544256 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-16 09:22 - 2016-05-27 15:06 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-16 09:22 - 2016-05-27 15:06 - 00265216 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2016-06-16 09:22 - 2016-05-22 15:06 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-16 09:22 - 2016-05-18 18:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-16 09:22 - 2016-05-18 18:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-16 09:22 - 2016-05-14 00:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-16 09:22 - 2016-05-14 00:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-16 09:22 - 2016-05-14 00:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-16 09:22 - 2016-05-14 00:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-16 09:22 - 2016-05-14 00:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-16 09:22 - 2016-05-13 23:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-16 09:22 - 2016-05-13 23:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-16 09:22 - 2016-05-13 23:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-16 09:22 - 2016-05-13 23:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-16 09:22 - 2016-05-13 23:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-16 09:22 - 2016-05-12 19:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-16 09:22 - 2016-05-12 19:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-16 09:22 - 2016-05-12 19:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-16 09:22 - 2016-05-12 19:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-16 09:22 - 2016-05-12 19:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-16 09:22 - 2016-05-12 19:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-16 09:22 - 2016-05-12 19:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-16 09:22 - 2016-05-12 19:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-16 09:22 - 2016-05-12 19:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-16 09:22 - 2016-05-12 19:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-16 09:22 - 2016-05-12 17:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-16 09:22 - 2016-05-12 17:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-06-16 09:22 - 2016-05-12 17:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-16 09:22 - 2016-05-12 17:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-16 09:22 - 2016-05-12 16:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-16 09:22 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-16 09:22 - 2016-05-12 16:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-16 09:22 - 2016-05-12 16:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-06-16 09:22 - 2016-05-12 16:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-16 09:22 - 2016-05-12 16:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-16 09:22 - 2016-05-12 15:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-16 09:22 - 2016-05-12 15:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-16 09:22 - 2016-05-12 15:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-16 09:22 - 2016-05-11 19:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-16 09:22 - 2016-05-11 19:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-16 09:22 - 2016-05-11 19:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-16 09:22 - 2016-05-11 19:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-16 09:22 - 2016-05-11 17:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-16 09:22 - 2016-05-11 17:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-16 09:22 - 2016-05-11 17:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-16 09:22 - 2016-05-11 17:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-16 09:22 - 2016-05-11 17:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-16 09:22 - 2016-05-11 17:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-16 09:22 - 2016-05-11 16:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-16 09:21 - 2016-04-14 18:46 - 00114408 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-06-16 09:21 - 2016-04-14 18:42 - 03243520 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-06-16 09:21 - 2016-04-14 18:42 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-16 09:21 - 2016-04-14 18:42 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-06-16 09:21 - 2016-04-14 18:42 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-06-16 09:21 - 2016-04-14 18:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-06-16 09:21 - 2016-04-14 17:33 - 02365440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-06-16 09:21 - 2016-04-14 17:33 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-16 09:21 - 2016-04-14 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-06-16 09:21 - 2016-04-14 17:33 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-06-16 09:21 - 2016-04-14 17:19 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2016-06-16 09:21 - 2016-04-14 17:11 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2016-06-16 09:21 - 2016-04-09 08:58 - 14186496 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-16 09:21 - 2016-04-09 08:57 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-06-16 09:21 - 2016-04-09 08:54 - 12881408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-06-16 09:21 - 2016-04-09 08:54 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-06-16 09:21 - 2016-04-09 07:53 - 03231232 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-16 09:21 - 2016-04-09 07:44 - 02973184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-16 09:21 - 2016-03-09 21:00 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2016-06-16 09:21 - 2016-03-09 20:40 - 00316416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2016-06-16 09:20 - 2016-05-24 01:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-16 09:20 - 2016-05-24 00:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-16 09:20 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-16 09:20 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-16 09:20 - 2016-05-21 00:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-16 09:20 - 2016-05-21 00:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-16 09:20 - 2016-05-21 00:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-16 09:20 - 2016-05-21 00:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-16 09:20 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-16 09:20 - 2016-05-21 00:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-16 09:20 - 2016-05-21 00:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-16 09:20 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-16 09:20 - 2016-05-21 00:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-16 09:20 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-16 09:20 - 2016-05-21 00:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-16 09:20 - 2016-05-20 23:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-16 09:20 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-16 09:20 - 2016-05-20 23:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-16 09:20 - 2016-05-20 23:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-16 09:20 - 2016-05-20 23:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-16 09:20 - 2016-05-20 23:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-16 09:20 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-16 09:20 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-16 09:20 - 2016-05-20 23:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-16 09:20 - 2016-05-20 23:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-16 09:20 - 2016-05-20 23:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-16 09:20 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-16 09:20 - 2016-05-20 23:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-16 09:20 - 2016-05-20 23:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-16 09:20 - 2016-05-20 23:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-16 09:20 - 2016-05-20 23:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-16 09:20 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-16 09:20 - 2016-05-20 23:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-16 09:20 - 2016-05-20 23:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-16 09:20 - 2016-05-20 23:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-16 09:20 - 2016-05-20 23:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-16 09:20 - 2016-05-20 23:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-16 09:20 - 2016-05-20 23:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-16 09:20 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-16 09:20 - 2016-05-20 23:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-16 09:20 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-16 09:20 - 2016-05-20 23:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-16 09:20 - 2016-05-20 23:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-16 09:20 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-16 09:20 - 2016-05-20 23:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-16 09:20 - 2016-05-20 23:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-16 09:20 - 2016-05-20 23:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-16 09:20 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-16 09:20 - 2016-05-20 23:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-16 09:20 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-16 09:20 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-16 09:20 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-16 09:20 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-16 09:20 - 2016-05-20 23:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-16 09:20 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-16 09:20 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-16 09:20 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-16 09:20 - 2016-05-20 23:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-16 09:20 - 2016-05-20 23:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-16 09:20 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-16 09:20 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-16 09:20 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-16 09:20 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-16 09:20 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-16 09:20 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-16 09:20 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-15 22:09 - 2016-06-17 20:17 - 02386944 _____ (Farbar) C:\Users\Sany\Desktop\FRST64.exe
2016-06-15 21:15 - 2016-06-15 21:15 - 00000000 _____ C:\Windows\SysWOW64\last.dump
2016-06-14 23:16 - 2016-06-17 19:32 - 00006262 _____ C:\Users\Sany\Desktop\Firefox Favs.txt
2016-06-12 21:23 - 2016-06-17 20:17 - 00000000 ____D C:\FRST
2016-06-12 20:38 - 2016-06-17 19:37 - 00000000 ____D C:\AdwCleaner
2016-06-12 16:34 - 2016-06-12 16:34 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2016-06-12 16:34 - 2011-04-06 16:02 - 00002759 _____ C:\Windows\Remove.ini
2016-06-12 16:34 - 2011-04-06 14:02 - 02610808 _____ (Sunplus Technology) C:\Windows\system32\Drivers\SPUVCBv_x64.sys
2016-06-12 16:34 - 2011-03-17 14:47 - 00213368 _____ (Dext5xx) C:\Windows\system32\DextUVCB_x64.ax
2016-06-12 16:34 - 2011-03-17 14:47 - 00193400 _____ (Dext5xx) C:\Windows\SysWOW64\DextUVCB.ax
2016-06-12 16:34 - 2010-12-21 15:08 - 00087096 _____ C:\Windows\un_dext.exe
2016-06-12 16:34 - 2010-12-20 13:42 - 00281976 _____ (Sunplusit) C:\Windows\system32\CoInstaller_x64.dll
2016-06-12 16:34 - 2010-11-19 14:28 - 00087928 _____ C:\Windows\SPRemove_x64.exe
2016-06-12 16:34 - 2010-08-18 00:28 - 00026136 _____ (Intel Corporation) C:\Windows\system32\Drivers\ICCWDT.sys
2016-06-12 16:34 - 2010-07-19 14:42 - 00003400 _____ C:\Windows\Dext_25.ini
2016-06-12 16:34 - 2010-07-19 14:41 - 00002964 _____ C:\Windows\Dext_13.ini
2016-06-12 16:34 - 2010-07-19 14:40 - 00002992 _____ C:\Windows\Dext_01.ini
2016-06-12 16:34 - 2010-07-19 14:39 - 00002944 _____ C:\Windows\Dext_09.ini
2016-06-12 16:34 - 2010-07-19 14:38 - 00003036 _____ C:\Windows\Dext_29.ini
2016-06-12 16:34 - 2010-07-19 14:37 - 00002376 _____ C:\Windows\Dext_18.ini
2016-06-12 16:34 - 2010-07-19 14:35 - 00003176 _____ C:\Windows\Dext_07.ini
2016-06-12 16:34 - 2010-07-19 14:34 - 00003124 _____ C:\Windows\Dext_19.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003386 _____ C:\Windows\Dext_12.ini
2016-06-12 16:34 - 2010-07-19 14:33 - 00003180 _____ C:\Windows\Dext_16.ini
2016-06-12 16:34 - 2010-07-19 14:32 - 00003250 _____ C:\Windows\Dext_10.ini
2016-06-12 16:34 - 2010-07-19 14:31 - 00003148 _____ C:\Windows\Dext_22.ini
2016-06-12 16:34 - 2010-07-19 14:30 - 00002446 _____ C:\Windows\Dext_17.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002544 _____ C:\Windows\Dext_04.ini
2016-06-12 16:34 - 2010-07-19 14:18 - 00002314 _____ C:\Windows\Dext_52.ini
2016-06-12 16:33 - 2016-05-03 05:07 - 04181288 _____ (Qualcomm Atheros Communications, Inc.) C:\Windows\system32\Drivers\athrx.sys
2016-06-12 16:31 - 2015-05-26 20:02 - 05375448 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-06-12 16:31 - 2015-05-26 20:00 - 00017082 _____ C:\Windows\system32\iglhxs64.vp
2016-06-12 16:31 - 2015-05-26 19:52 - 00440320 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439808 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00439296 _____ (Intel Corporation) C:\Windows\system32\igfxrrom.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrhrv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438784 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00438272 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437760 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00437248 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00435712 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00432128 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00431104 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00429056 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00428544 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00286208 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-06-12 16:31 - 2015-05-26 19:52 - 00223664 _____ C:\Windows\system32\Gfxres.th-TH.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00210106 _____ C:\Windows\system32\Gfxres.el-GR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00194245 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00166170 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00163421 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00159008 _____ C:\Windows\system32\Gfxres.he-IL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00149682 _____ C:\Windows\system32\Gfxres.it-IT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00148042 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147393 _____ C:\Windows\system32\Gfxres.de-DE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00147288 _____ C:\Windows\system32\Gfxres.es-ES.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00146004 _____ C:\Windows\system32\Gfxres.ro-RO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00145491 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144645 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144260 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00144020 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00143932 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142882 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142877 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142717 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142289 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00142008 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141838 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00141049 _____ C:\Windows\system32\Gfxres.hr-HR.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137889 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137784 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00137141 _____ C:\Windows\system32\Gfxres.da-DK.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00132623 _____ C:\Windows\system32\Gfxres.en-US.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00126976 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-06-12 16:31 - 2015-05-26 19:52 - 00126300 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00124650 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2016-06-12 16:31 - 2015-05-26 19:52 - 00000268 _____ C:\Windows\system32\GfxUI.exe.config
2016-06-12 16:31 - 2015-05-26 19:50 - 01981696 _____ C:\Windows\system32\iglhxa64.cpa
2016-06-12 16:31 - 2015-05-26 19:50 - 00059425 _____ C:\Windows\system32\iglhxo64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059398 _____ C:\Windows\system32\iglhxg64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059230 _____ C:\Windows\system32\iglhxc64.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00059104 _____ C:\Windows\system32\iglhxc64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058796 _____ C:\Windows\system32\iglhxg64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00058109 _____ C:\Windows\system32\iglhxo64_dev.vp
2016-06-12 16:31 - 2015-05-26 19:50 - 00001074 _____ C:\Windows\system32\iglhxa64.vp
2016-06-12 16:30 - 2015-06-04 21:20 - 00116224 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v4229.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 01049576 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00940360 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00530968 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00525800 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00220432 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2016-06-12 16:30 - 2015-05-26 20:00 - 00184352 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00101376 _____ C:\Windows\system32\igdde64.dll
2016-06-12 16:30 - 2015-05-26 19:53 - 00081408 _____ C:\Windows\SysWOW64\igdde32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 10811392 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00410112 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00384512 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00330752 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00175104 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00025088 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-06-12 16:30 - 2015-05-26 19:52 - 00009728 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2016-06-12 16:30 - 2015-05-26 19:51 - 13028864 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03511296 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 03121152 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00575488 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2016-06-12 16:30 - 2015-05-26 19:50 - 00542720 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2016-06-12 16:29 - 2016-06-12 16:29 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-06-12 16:29 - 2015-06-04 21:21 - 05906536 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00513640 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00444008 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00401512 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00280680 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00256616 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00187496 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2016-06-12 16:29 - 2015-06-04 21:21 - 00173672 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\SysWOW64\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00963452 _____ C:\Windows\system32\igcodeckrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\SysWOW64\igvpkrng600.bin
2016-06-12 16:29 - 2015-05-26 19:50 - 00272928 _____ C:\Windows\system32\igvpkrng600.bin
2016-06-12 16:29 - 2014-12-11 22:56 - 00033448 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2016-06-12 16:29 - 2014-01-30 17:17 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2016-06-12 16:28 - 2016-06-12 16:28 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETD_01011.Wdf
2016-06-12 16:27 - 2016-06-12 16:28 - 00000000 ____D C:\Program Files\Elantech
2016-06-12 16:27 - 2015-09-09 22:00 - 00062672 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\ETDCoInstaller15005.dll
2016-06-12 16:27 - 2015-09-09 21:59 - 00577096 _____ (ELAN Microelectronics Corp.) C:\Windows\system32\Drivers\ETD.sys
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-06-12 16:25 - 2016-06-12 16:25 - 00000000 ____D C:\Windows\system32\DAX2
2016-06-12 16:24 - 2016-06-03 07:29 - 72520720 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 07172920 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 06064046 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-06-12 16:24 - 2016-06-03 07:29 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-06-12 16:24 - 2016-06-03 07:29 - 05111040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-06-12 16:24 - 2016-06-03 07:29 - 03283248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03199744 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 03096248 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 02895104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-06-12 16:24 - 2016-06-03 07:29 - 02060032 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 01355616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00965032 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00689888 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00677672 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00532384 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00447728 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00387320 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00343712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00321720 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00231920 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00221968 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00209536 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00192984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00166208 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00151792 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00134208 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00090920 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088352 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00088320 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00083632 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-06-12 16:24 - 2016-06-03 07:29 - 00023696 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 07096192 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 06264640 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 05339552 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 03282544 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 02050184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01965816 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01959608 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01780624 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01591064 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01508936 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 01061120 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00743968 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00727440 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00708312 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00678184 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00574760 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00504312 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00445400 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00441272 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00371456 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00362056 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00330568 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00327456 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00310424 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00272720 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253904 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00253872 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00252880 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00122328 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-06-12 16:23 - 2016-06-03 07:29 - 00118600 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-06-12 16:23 - 2015-09-17 11:42 - 00463112 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00646408 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2016-06-12 16:23 - 2015-05-29 16:05 - 00030960 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorF.sys
2016-06-12 16:22 - 2016-06-12 16:22 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2016-06-12 16:22 - 2016-03-29 07:01 - 00181304 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2016-06-12 16:21 - 2014-01-10 13:13 - 00082128 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiSDa.sys
2016-06-12 16:21 - 2013-10-29 23:15 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2016-06-12 15:50 - 2016-06-12 15:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_b57xdbd_01009.Wdf
2016-06-12 15:50 - 2013-07-23 16:23 - 00059088 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bScsiMSa.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00072280 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdbd.sys
2016-06-12 15:50 - 2012-08-13 10:59 - 00021080 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\b57xdmp.sys
2016-06-12 15:39 - 2016-06-12 16:35 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-06-12 15:39 - 2016-06-12 15:39 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-06-12 15:39 - 2016-06-12 15:39 - 00000000 ____D C:\Users\Sandra Nicola\AppData\Roaming\TeamViewer
2016-06-08 21:43 - 2016-06-12 20:51 - 00000008 __RSH C:\ProgramData\ntuser.pol
2016-06-08 21:15 - 2016-06-08 21:15 - 00000000 ____D C:\Users\Sandra Nicola\Downloads\pkeyuibx_v1.5.0
2016-06-08 19:11 - 2016-06-12 12:17 - 00000000 ____D C:\Users\Public\Downloads\Windows 7 Ultimate
2016-06-08 17:13 - 2016-06-09 21:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-04 13:23 - 2016-06-04 13:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-04 11:18 - 2016-06-05 11:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-05-29 17:55 - 2016-05-29 17:55 - 00000000 ____D C:\Users\Sany\AppData\Roaming\mp3DirectCut

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-06-17 20:15 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-06-17 20:15 - 2009-07-14 06:45 - 00027840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-06-17 20:14 - 2015-11-04 09:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-06-17 20:14 - 2014-01-04 17:26 - 00000000 ___RD C:\Users\Sany\Documents\Dropbox
2016-06-17 20:13 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Skype
2016-06-17 20:08 - 2012-08-29 22:57 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-17 20:08 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-17 19:44 - 2015-06-16 17:01 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job
2016-06-17 19:42 - 2014-06-12 22:18 - 00000000 ____D C:\Users\UpdatusUser
2016-06-17 19:41 - 2016-05-10 11:32 - 00412840 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-17 19:39 - 2014-12-15 22:40 - 00000000 ____D C:\Windows\system32\appraiser
2016-06-17 19:32 - 2013-08-30 23:11 - 00000000 ____D C:\Users\Sany\AppData\Roaming\vlc
2016-06-17 18:42 - 2013-08-30 23:00 - 00000000 ____D C:\Users\Sany\AppData\Local\Sidebar7
2016-06-17 17:44 - 2015-06-16 17:01 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job
2016-06-17 14:59 - 2012-08-28 22:46 - 00000000 ____D C:\Users\Sany\Desktop\Neuer Ordner
2016-06-17 14:52 - 2012-08-30 07:36 - 00697522 _____ C:\Windows\system32\perfh007.dat
2016-06-17 14:52 - 2012-08-30 07:36 - 00149458 _____ C:\Windows\system32\perfc007.dat
2016-06-17 14:52 - 2009-07-14 07:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-17 14:52 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-06-17 10:06 - 2013-08-30 22:57 - 00000000 ____D C:\Users\Sany\AppData\Roaming\DVDVideoSoft
2016-06-17 09:35 - 2013-08-31 09:57 - 00000000 ____D C:\Windows\system32\MRT
2016-06-17 09:06 - 2012-08-29 23:27 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-16 22:53 - 2015-09-23 22:59 - 00000071 _____ C:\Users\Sany\Desktop\Schulden.txt
2016-06-16 21:44 - 2015-11-04 09:56 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-06-16 21:43 - 2012-08-30 22:13 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-16 21:43 - 2012-08-30 22:13 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-16 21:43 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-06-14 23:18 - 2013-08-30 23:27 - 00000000 ____D C:\Users\Sany\Documents\Rezepte
2016-06-14 23:08 - 2013-09-08 13:57 - 00000000 ____D C:\Users\Sany\AppData\Local\FreePDF_XP
2016-06-13 21:01 - 2013-02-26 21:24 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-06-12 22:56 - 2016-05-10 12:12 - 00000000 ____D C:\Users\Sany\Desktop\Grey's Anatomy
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieUserList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieBrowserModeList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieUserList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieSiteList
2016-06-12 21:58 - 2015-03-23 20:04 - 00000000 __SHD C:\Users\Sany\AppData\Local\EmieBrowserModeList
2016-06-12 21:58 - 2015-02-26 00:26 - 00000000 __SHD C:\Users\Sany\AppData\LocalLow\EmieSiteList
2016-06-12 21:43 - 2012-08-30 21:23 - 00007620 _____ C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2016-06-12 21:18 - 2012-08-29 21:46 - 00000000 ____D C:\Users\Sandra Nicola
2016-06-12 21:12 - 2012-08-29 22:54 - 00000000 ____D C:\Program Files (x86)\Intel
2016-06-12 21:01 - 2012-08-29 23:08 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-12 19:21 - 2015-07-10 09:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-12 19:20 - 2015-07-10 09:50 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-12 16:47 - 2013-08-30 23:00 - 00109680 _____ C:\Users\Sany\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\SysWOW64\NV
2016-06-12 16:43 - 2014-06-12 22:46 - 00000000 ____D C:\Windows\system32\NV
2016-06-12 16:26 - 2012-08-29 22:57 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-06-12 10:06 - 2014-04-05 19:49 - 00000000 ____D C:\Users\Sany\Desktop\Drucken
2016-06-09 22:05 - 2015-12-16 01:45 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-06-09 22:05 - 2012-09-02 14:46 - 00000000 ____D C:\ProgramData\Skype
2016-06-09 21:58 - 2013-04-12 19:20 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-08 20:44 - 2012-09-09 11:53 - 00000000 ____D C:\Users\Sany\Desktop\Siedler
2016-06-06 20:55 - 2012-08-29 23:13 - 00002201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-04 13:23 - 2014-01-04 17:23 - 00000000 ____D C:\Users\Sany\AppData\Roaming\Dropbox
2016-06-04 09:53 - 2015-07-09 10:20 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-05-27 10:48 - 2016-03-20 10:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-05-27 10:48 - 2015-04-05 10:27 - 00000000 ___SD C:\Windows\system32\GWX
2016-05-26 21:50 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-05-24 23:14 - 2015-02-12 11:55 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-05-20 21:07 - 2013-08-30 23:54 - 00000000 ____D C:\Users\Sany\Documents\Steuerfälle

==================== Files in the root of some directories =======

2012-08-29 22:04 - 2012-08-29 22:04 - 0004264 _____ () C:\Users\Sandra Nicola\AppData\Local\HWVendorDetection.log
2012-08-30 21:23 - 2016-06-12 21:43 - 0007620 _____ () C:\Users\Sandra Nicola\AppData\Local\Resmon.ResmonCfg
2012-10-02 17:17 - 2016-05-02 08:58 - 0000211 _____ () C:\ProgramData\acer.zip
2016-06-12 16:25 - 2016-06-12 16:25 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Sany\biing2.exe


Some files in TEMP:
====================
C:\Users\Sandra Nicola\AppData\Local\Temp\libeay32.dll
C:\Users\Sandra Nicola\AppData\Local\Temp\msvcr120.dll
C:\Users\Sandra Nicola\AppData\Local\Temp\sqlite3.dll
C:\Users\Sany\AppData\Local\Temp\gkey.exe
C:\Users\Sany\AppData\Local\Temp\pkeyui.exe
C:\Users\Sany\AppData\Local\Temp\wabk.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-05-10 14:17

==================== End of FRST.txt ============================
         
--- --- ---

--- --- ---

Alt 17.06.2016, 19:29   #7
Ecronika
 
System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Standard

System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version:16-06-2016 01
Ran by Sandra Nicola (2016-06-17 20:18:51)
Running from C:\Users\Sany\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2012-08-29 19:46:53)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3682184643-4074992415-2154467960-500 - Administrator - Disabled)
Guest (S-1-5-21-3682184643-4074992415-2154467960-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3682184643-4074992415-2154467960-1004 - Limited - Enabled)
Sandra Nicola (S-1-5-21-3682184643-4074992415-2154467960-1000 - Administrator - Enabled) => C:\Users\Sandra Nicola
Sany (S-1-5-21-3682184643-4074992415-2154467960-1002 - Limited - Enabled) => C:\Users\Sany
UpdatusUser (S-1-5-21-3682184643-4074992415-2154467960-1043 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1.3M HD WebCam (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.6.04 - SunplusIT)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1216 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1216 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3000 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Amazon Amazon Music) (Version: 3.11.5.1140 - Amazon Services LLC)
Atheros Driver Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 11.2.2262 - AVAST Software)
Benutzerhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Useg) (Version:  - )
Biing! 2 Version 1.8 (HKLM-x32\...\{D31EEA07-5033-4A7B-BC48-B57F69C8FA15}_is1) (Version: 1.8 - Reline)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.6059 - CDBurnerXP)
Die Siedler IV (HKLM-x32\...\S4Uninst) (Version:  - )
Dropbox (HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\...\Dropbox) (Version: 4.4.29 - Dropbox, Inc.)
ELAN Touchpad 15.6.3.3_X64_WHQL (HKLM\...\Elantech) (Version: 15.6.3.3 - ELAN Microelectronic Corp.)
Epson Easy Photo Print 2 (HKLM-x32\...\{A02D7029-C4EF-44C1-9FD4-C0D3CA518113}) (Version: 2.2.4.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX235 Series Printer Uninstall (HKLM\...\EPSON SX235 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Config V4 (HKLM-x32\...\{08013FB5-DF8B-4D29-9B5E-B3DE88EBA6CA}) (Version: 4.6.0 - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
Fotor 3.0.0 (HKLM-x32\...\Fotor) (Version: 3.0.0 - Everimaging Co., Ltd.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free Studio version 6.5.5.915 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.5.915 - DVDVideoSoft Ltd.)
Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.3.1019 - DVDVideoSoft Ltd.)
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.0.10.1211 - DVDVideoSoft Ltd.)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.84 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.35 - Irfan Skiljan)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java SE Development Kit 7 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170710}) (Version: 1.7.0.710 - Oracle)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 7.0 (HKLM-x32\...\{DE59B901-18EA-4CB9-ADE4-291BF5C1E12E}_is1) (Version:  - MiniTool Solution Ltd.)
Miranda Fusion 3.2.35.0 (HKLM-x32\...\MirandaFusion) (Version: 3.2.35.0 - Miranda Fusion Team)
mIRC (HKLM-x32\...\mIRC) (Version: 7.1 - mIRC Co. Ltd.)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 45.1.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.1.1 (x86 de)) (Version: 45.1.1 - Mozilla)
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Netzwerkhandbuch EPSON SX235 Series (HKLM-x32\...\EPSON SX235 Series Netg) (Version:  - )
NVIDIA Grafiktreiber 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.5.0 - Frank Heindörfer, Philip Chinery)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version:  - )
SafeZone Stable 1.48.2066.101 (x32 Version: 1.48.2066.101 - Avast Software) Hidden
Skype™ 7.24 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.24.104 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steuer-Software 2013 (HKLM-x32\...\{3193DDB1-8F15-43DA-85D5-4796BF645914}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Steuer-Software 2014 (HKLM-x32\...\{77D53A25-9700-42C7-8305-8E469FEBEE30}) (Version: 19.10.89 - Akademische Arbeitsgemeinschaft)
Steuer-Software 2015 (HKLM-x32\...\{8D59E108-081D-4F4F-84EF-0132479C25C6}) (Version: 20.38.173 - Akademische Arbeitsgemeinschaft)
Steuer-Software 2016 (HKLM-x32\...\{700B1B66-851B-4DA2-9233-1F14602CFA6F}) (Version: 21.34.95 - Akademische Arbeitsgemeinschaft)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.6.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.59518 - TeamViewer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
Win7codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 2.4.2 - Shark007)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Wuala (HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\...\Wuala) (Version: 1.0.444.0 - LaCie)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Sany\AppData\Local\Microsoft\Windows Sidebar\Gadgets\sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3682184643-4074992415-2154467960-1002_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sany\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04397A23-DFC7-480E-BD5A-4146F04E1641} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {35D990BA-622F-4FBF-AF80-3B9F19812768} - System32\Tasks\Wise Care 365 PC Checkup Task => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe
Task: {388D6C50-8D70-43FF-BFE8-7327D31F8A4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {404B6DC8-BA8F-4784-A1BD-B960A215CA4D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4F7F859F-0DDB-4325-9E96-55559992F663} - System32\Tasks\UALU notificatin => C:\Program Files\Acer\Acer Updater\UALU.exe [2012-04-05] (Acer Incorporated)
Task: {61FC3F73-1286-49B8-A6DF-1FBD23CB1F1A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-04] (AVAST Software)
Task: {765D315B-55BA-4F63-967B-D6850AFCC108} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-05] (AVAST Software)
Task: {CAB6E484-18DA-4A3D-99D3-B8526EE3D186} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {DD3C22FB-15E3-4277-B2A8-3B6C8721E333} - System32\Tasks\SafeZone scheduled Autoupdate 1458763563 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-04-15] (Avast Software)
Task: {DE68D6AA-9A2A-4DAC-855C-5AD0789FB1D8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {FACA77E6-48B3-4C60-AADC-EFACFA3F5749} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-16] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002Core.job => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3682184643-4074992415-2154467960-1002UA.job => C:\Users\Sany\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Care 365 PC Checkup Task.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) ==============

2014-06-12 22:17 - 2013-11-11 17:02 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-05 21:37 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2008-10-24 17:35 - 2008-10-24 17:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
2011-03-26 08:28 - 2011-03-26 08:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-08-14 16:55 - 2015-11-18 23:36 - 05890368 _____ () C:\Users\Sany\AppData\Local\Amazon Music\Amazon Music Helper.exe
2016-05-04 19:42 - 2016-05-04 19:42 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2016-05-04 19:41 - 2016-05-04 19:41 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-17 12:48 - 2016-06-17 12:48 - 02934784 _____ () C:\Program Files\AVAST Software\Avast\defs\16061700\algo.dll
2016-05-04 19:42 - 2016-05-04 19:42 - 00309912 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2016-05-04 19:42 - 2016-05-04 19:42 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-09-06 20:13 - 2015-12-11 03:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-09-06 20:14 - 2015-12-11 03:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-05-19 22:30 - 2016-05-19 22:30 - 00060928 _____ () C:\Program Files (x86)\MirandaFusion\zlib.dll
2008-05-03 09:59 - 2008-05-03 09:59 - 00094208 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\svc_dbepp.dll
2009-08-04 09:46 - 2009-08-04 09:46 - 00162304 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\actman.dll
2009-05-08 23:42 - 2009-05-08 23:42 - 00067072 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\authstate.dll
2010-02-10 20:42 - 2010-02-10 20:42 - 00117760 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\extraicons.dll
2013-03-15 10:27 - 2013-03-15 10:27 - 00322048 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\facebook.dll
2010-09-28 17:59 - 2010-09-28 17:59 - 00498688 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\fingerprint.dll
2012-05-24 20:20 - 2012-05-24 20:20 - 00110592 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\folders.dll
2016-05-19 22:42 - 2016-05-19 22:42 - 00326144 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\icq.dll
2016-05-19 22:32 - 2016-05-19 22:32 - 00318976 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\irc.dll
2011-02-09 23:56 - 2011-02-09 23:56 - 00082021 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\keepstatus.dll
2010-08-26 18:27 - 2010-08-26 18:27 - 00062976 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\menuex.dll
2012-07-18 20:39 - 2012-07-18 20:39 - 00106496 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\metacontacts.dll
2011-07-17 19:07 - 2011-07-17 19:07 - 00671232 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\mirotr.dll
2010-04-08 20:33 - 2010-04-08 20:33 - 00240128 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\sendss.dll
2011-09-13 15:59 - 2011-09-13 15:59 - 00094315 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\startupstatus.dll
2012-11-05 22:48 - 2012-11-05 22:48 - 00372736 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\twitter.dll
2010-10-10 11:12 - 2010-10-10 11:12 - 00374272 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\uinfoexw.dll
2009-10-09 09:04 - 2009-10-09 09:04 - 00036864 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\useactions.dll
2011-09-13 15:59 - 2011-09-13 15:59 - 00114688 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\variables.dll
2010-07-17 10:16 - 2010-07-17 10:16 - 00283136 _____ () C:\Program Files (x86)\MirandaFusion\Plugins\watrack.dll
2015-12-20 12:35 - 2015-12-20 12:36 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-06-04 13:23 - 2016-05-05 12:09 - 00034768 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2016-06-04 13:22 - 2016-05-05 12:10 - 00019408 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00116688 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2016-06-04 13:23 - 2016-05-05 12:09 - 00093640 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00018376 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\select.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00019760 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00105928 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00392144 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2016-06-04 13:23 - 2016-05-31 20:34 - 00381752 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00692688 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020816 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2016-06-04 13:23 - 2016-05-05 12:10 - 00123856 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 01682760 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020808 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00021840 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00038696 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\fastpath.pyd
2016-06-04 13:22 - 2016-05-05 12:11 - 00020936 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024528 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32event.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00114640 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32security.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00124880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00021832 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00175560 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32gui.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00030160 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00043472 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32process.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00048592 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32service.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00023872 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd
2016-06-04 13:22 - 2016-05-05 12:09 - 00134088 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00026456 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00057808 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00024016 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32profile.pyd
2016-06-04 13:22 - 2016-05-31 20:33 - 00246592 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00028616 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32ts.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00052024 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2016-06-04 13:23 - 2016-05-05 12:09 - 00134608 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_elementtree.pyd
2016-06-04 13:22 - 2016-05-05 12:10 - 00240584 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\jpegtran.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00019776 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00020800 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00020280 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00023376 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00350152 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00022352 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00024392 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2016-06-04 13:22 - 2016-05-05 12:12 - 00036296 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\librsync.dll
2016-06-04 13:22 - 2016-05-31 20:34 - 00084280 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2016-06-04 13:22 - 2016-05-31 20:34 - 01826096 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2016-06-04 13:23 - 2016-05-05 12:10 - 00083912 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\sip.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 03928880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 01971504 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00531248 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00132912 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00223544 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00207672 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2016-06-04 13:23 - 2016-05-05 12:11 - 00060880 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-06-04 13:23 - 2016-05-31 20:34 - 00024904 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00546096 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2016-06-04 13:22 - 2016-05-31 20:34 - 00357680 _____ () C:\Users\Sany\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2016-06-06 20:55 - 2016-06-04 03:56 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libglesv2.dll
2016-06-06 20:55 - 2016-06-04 03:56 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.84\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3682184643-4074992415-2154467960-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sandra Nicola\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3682184643-4074992415-2154467960-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sany\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9A0CF582-0842-415F-97A1-14A654C6F136}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{FCED189B-2A51-4C48-81F4-9BA024D2FFF7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [TCP Query User{237545CD-8E8F-46C2-8ACB-A678244FC57A}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{E5A34E10-5039-418C-AA4C-02B16C69857C}C:\program files (x86)\mirc\mirc.exe] => (Allow) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [{F6B11CC8-4FC3-4387-BE59-D571144FA32E}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{7AC80160-79F7-44FF-80BC-DBF3DB9269F5}C:\program files (x86)\mirc\mirc.exe] => (Block) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [UDP Query User{D0BF65DD-9224-4195-BEB8-48325C09653E}C:\program files (x86)\mirc\mirc.exe] => (Block) C:\program files (x86)\mirc\mirc.exe
FirewallRules: [TCP Query User{C7F6AE34-7668-4B93-9D6D-41985EF010EF}C:\program files (x86)\mirandafusion\miranda32.exe] => (Block) C:\program files (x86)\mirandafusion\miranda32.exe
FirewallRules: [UDP Query User{72A764F2-9306-4FAA-9C47-5A96B0605D8B}C:\program files (x86)\mirandafusion\miranda32.exe] => (Block) C:\program files (x86)\mirandafusion\miranda32.exe
FirewallRules: [TCP Query User{7F05617C-9138-4983-9389-2109B875F7FE}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{89B536E7-87FF-40AA-8251-2592CDC1D51D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{4123086B-6697-4B43-BD16-010618B721FB}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{0EBC3C2E-AB9C-4B23-A8FF-A70A01DD7080}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{84251E9D-B8A6-4300-B08E-92EE91156D48}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{A963B6E5-838A-44FC-84DF-2B80331443A6}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{71FC902B-09B2-4C10-983E-B41930E91B68}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{E2BD0630-B9D9-4B77-AEF5-C89EBFE82AAF}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{BD89FB5C-1A7E-4879-A06E-BC0D24FB6A1A}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{BB312A91-45EC-4701-A552-671E652913C0}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{3E9183B8-DD4F-4779-8FB9-B07D116267C8}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{9F2B7316-C788-491F-80B8-D4FA029717BF}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{BC62D37A-7E3E-4C09-AE24-10D37C0E7885}] => (Allow) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{38005A59-206E-444D-826A-B3C973D53BC5}] => (Allow) C:\Users\Sany\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{C66CEDA0-34C3-4673-97C7-507520BE12CA}C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{225EBDE7-F54A-4FE3-9E31-0EAAE9BA0A0E}C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sany\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{A9E135AD-9189-45CA-A4A6-52C2A33BA576}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{8659C8BA-C315-47E2-8D57-CCB279D35015}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe
FirewallRules: [{EDA315FD-4162-4F1D-AEBA-8031807924A2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DE8408C6-C881-460D-93CC-0B5F457F92CE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{D328A208-F129-4F7B-A4C4-15C4673B0E90}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{CAC0DB41-3206-4799-A826-144E7DC67A28}] => (Allow) D:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{0554891A-4EA7-47A8-9F47-C75E1074C365}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BFE2DA77-0714-494F-A849-173008D83F25}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C50E5472-57FE-4D9C-8143-28A3C496AC79}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{D6021033-8E01-4D45-B014-32D0215F6AC0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5240FB5F-93E9-46EA-9023-75D1DA3B4B01}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{5371A095-407B-4645-915B-A6968D6C93C6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B53C6CD7-C266-47FA-AAF5-431D86BBDFD2}] => (Allow) LPort=5556
FirewallRules: [{9B9EB6EB-B6CF-406D-85F1-6522EFEC3AC0}] => (Allow) LPort=5558
FirewallRules: [{64EC39E4-9F0C-475A-9C74-46EA0D3B5B6D}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{CE7348D5-3868-41D1-9870-FE8F0C9DB4FC}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{8D273D0A-9A26-435E-9BA3-282F9BA80BCE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{57D894D6-149C-400C-88F3-5C66583CCCA9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94AB55FB-7C15-4F5E-B436-6C7080EAF7DE}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [{B30C533C-C81C-4522-88C7-0E02EBAF0580}] => (Allow) C:\Program Files (x86)\EpsonNet\EpsonNet Config V4\ENConfig.exe
FirewallRules: [TCP Query User{DA48D2EB-AF84-4B7A-941C-4BF138A942AB}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{FA836D36-3023-412A-83FC-B9FBC396FD87}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{67977728-DBCF-47F1-B5E2-525DF228E576}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{60C4E4DC-1CC6-4B41-96A3-9E09AC67BE9E}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{3BB1637D-9740-4A87-8CAB-D53727C00C35}C:\bluebyte\die siedler iv\exe\s4_main.exe] => (Block) C:\bluebyte\die siedler iv\exe\s4_main.exe
FirewallRules: [UDP Query User{C15E4FCC-B746-4935-8E4E-0A0F3FFC75D7}C:\bluebyte\die siedler iv\exe\s4_main.exe] => (Block) C:\bluebyte\die siedler iv\exe\s4_main.exe
FirewallRules: [{8954813C-A257-4146-BC74-0CB6C6E91114}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{8B76A7AD-078F-41DD-9B36-90113B1DB1C7}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{10422358-E789-4EE7-BE5C-F1E5906113BF}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe
FirewallRules: [{2F885933-905F-44A5-BE62-D0B438331F61}] => (Allow) C:\Program Files (x86)\MirandaFusion\miranda32.exe
FirewallRules: [{13D86C52-AE3D-49BA-AD7A-E1135B05BC88}] => (Allow) C:\Program Files (x86)\MirandaFusion\fusiontools\updater.exe
FirewallRules: [{CA9B7285-2895-4A8D-872E-DCDF071C628C}] => (Allow) C:\Program Files (x86)\MirandaFusion\fusiontools\updater.exe
FirewallRules: [{A93D1EC0-9BDB-4AB7-B060-6CCEB4823E4B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{8113944F-77DD-45B2-9FD8-250C08111E65}C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [UDP Query User{664D13CA-FD37-4B59-B5F9-BD3EA501F9EF}C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\public\downloads\snappy driver installer\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [TCP Query User{1FEFA7E8-E89C-419A-8226-EAC38CF1F1E4}C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [UDP Query User{AEFFE97E-CF2C-43F3-8793-A8F4F995535C}C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe] => (Allow) C:\users\sany\desktop\sdi_r454\sdi_r454\sdi_x64_r454.exe
FirewallRules: [{D5FD2EE5-8B49-4102-A4BD-0B5839FDB1CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4FCCF01D-5B90-470B-9496-BC2049F6FF53}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{700A3990-5DE0-4218-919F-D5855ECDDE38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BBA2A12F-A324-489C-8DDC-7239B2E493EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Restore Points =========================

10-06-2016 21:15:45 Windows Update
12-06-2016 16:20:06 Installed drivers
12-06-2016 19:19:43 Removed Windows 7 USB/DVD Download Tool
12-06-2016 19:29:38 Removed Dolby Advanced Audio v2
12-06-2016 19:31:42 Installed Dolby Advanced Audio v2
12-06-2016 21:02:23 Removed Dolby Advanced Audio v2
15-06-2016 09:12:14 Windows Update
17-06-2016 08:47:42 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/17/2016 08:08:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/17/2016 07:43:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/17/2016 07:42:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 09:13:55 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 08:53:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 08:32:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 07:35:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:50:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:38:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/12/2016 04:18:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SDI_x64_R454.exe, Version: 0.3.0.454, Zeitstempel: 0x575300a6
Name des fehlerhaften Moduls: SDI_x64_R454.exe, Version: 0.3.0.454, Zeitstempel: 0x575300a6
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000002c359
ID des fehlerhaften Prozesses: 0x934
Startzeit der fehlerhaften Anwendung: 0xSDI_x64_R454.exe0
Pfad der fehlerhaften Anwendung: SDI_x64_R454.exe1
Pfad des fehlerhaften Moduls: SDI_x64_R454.exe2
Berichtskennung: SDI_x64_R454.exe3


System errors:
=============
Error: (06/17/2016 08:09:57 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde nicht richtig gestartet.

Error: (06/17/2016 08:08:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wise Boot Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (06/17/2016 08:08:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3 = Das System kann den angegebenen Pfad nicht finden.


Error: (06/17/2016 07:48:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/17/2016 07:42:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wise Boot Assistant" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2 = Das System kann die angegebene Datei nicht finden.


Error: (06/17/2016 07:42:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%3 = Das System kann den angegebenen Pfad nicht finden.


Error: (06/17/2016 07:37:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Restart the service.

Error: (06/17/2016 07:37:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/17/2016 07:37:04 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player Network Sharing Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service.

Error: (06/17/2016 07:37:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Restart the service.


CodeIntegrity:
===================================
  Date: 2013-02-26 21:36:26.227
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:26.187
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:24.056
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:24.022
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:21.967
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:21.938
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:19.880
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:19.856
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:17.787
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-26 21:36:17.764
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 41%
Total physical RAM: 8043.86 MB
Available physical RAM: 4739.05 MB
Total Virtual: 16085.9 MB
Available Virtual: 12623 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:465.66 GB) (Free:205.86 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 444A0486)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
         

Alt 19.06.2016, 13:47   #8
burningice
/// Malwareteam
 
System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Standard

System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Alt 20.06.2016, 19:25   #9
Ecronika
 
System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Standard

System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a84eda532cdc534ca70f276a7dba289a
# end=init
# utc_time=2016-06-19 08:58:39
# local_time=2016-06-19 10:58:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 29848
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=a84eda532cdc534ca70f276a7dba289a
# end=updated
# utc_time=2016-06-19 09:01:50
# local_time=2016-06-19 11:01:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=a84eda532cdc534ca70f276a7dba289a
# engine=29848
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-06-20 06:21:48
# local_time=2016-06-20 08:21:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 70 704710 230867398 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 704865 218076758 0 0
# scanned=311969
# found=4
# cleaned=0
# scan_time=76796
sh=B975036D8399E74F6C960896A0EA4630455FCD03 ft=1 fh=3fd17a3606893100 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Downloads\Sidebar\SoftonicDownloader_fuer_7-sidebar-gadget.exe"
sh=10E120C8FB3F82D44EC9812F8D84157CC1D63B8C ft=1 fh=2e2da38de0b32da0 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Downloads\Video Schnipsel Progs\Free3GPVideoConverter.exe"
sh=B7FB9D7C81DA7006819C6F9ACA009A84F402341B ft=1 fh=3ae72d4148cf79f7 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Downloads\Video Schnipsel Progs\FreeStudio.exe"
sh=DE98478DC86D276347A339E1D820DB20DB1B6781 ft=1 fh=34da6ca21dfe1451 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Public\Downloads\Video Schnipsel Progs\FreeVideoDub.exe"
         

Alt 21.06.2016, 10:45   #10
burningice
/// Malwareteam
 
System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Standard

System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Sany\biing2.exe 
emptytemp:
C:\Users\Public\Downloads\Sidebar\SoftonicDownloader_fuer_7-sidebar-gadget.exe

C:\Users\Public\Downloads\Video Schnipsel Progs\Free3GPVideoConverter.exe

C:\Users\Public\Downloads\Video Schnipsel Progs\FreeStudio.exe

C:\Users\Public\Downloads\Video Schnipsel Progs\FreeVideoDub.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Hast du noch irgendwelche Probleme mit deinem Rechner?
__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Antwort

Themen zu System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes
.com, antivirus, browser, defender, desktop, dnsapi.dll, firefox, flash player, google, google analytics, homepage, internet, internet explorer, logfile, mozilla, performance, popups, realtek, registry, rundll, security, server, services.exe, software, svchost.exe, system, windows




Ähnliche Themen: System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes


  1. adwcleaner Funde löschen?
    Plagegeister aller Art und deren Bekämpfung - 22.03.2016 (19)
  2. System sehr träge, Festplatte defekt?
    Netzwerk und Hardware - 07.09.2015 (1)
  3. Malwarebytes und ADWCleaner haben sehr viel gefunden, was kann ich noch tun?
    Log-Analyse und Auswertung - 03.07.2015 (13)
  4. Google App Engine: Google reagiert träge auf Java-Sicherheitslücken
    Nachrichten - 18.05.2015 (0)
  5. Win7 System sehr träge, svchost.exe hohe Auslastung
    Log-Analyse und Auswertung - 12.01.2015 (13)
  6. Windows 8.1: Funde bei AdwCleaner: SuperEasy Software,
    Log-Analyse und Auswertung - 27.12.2014 (7)
  7. Windows 7: AVAST 3 Funde, Malwarebytes 8 Funde
    Log-Analyse und Auswertung - 16.12.2014 (13)
  8. AdwCleaner-Log: Können Funde in Registrierungsdatenbank gelöscht werden?
    Log-Analyse und Auswertung - 20.09.2014 (3)
  9. CPU Auslastung trotz AVG, Avira, Malwarebytes, ADWcleaner, Spybot etc. zu hoch
    Plagegeister aller Art und deren Bekämpfung - 16.06.2014 (9)
  10. Funde von AdwCleaner
    Log-Analyse und Auswertung - 27.04.2014 (4)
  11. Rechner mit Win Vista plötzlich sehr langsam, reagiert träge und Programme hängen sich auf
    Plagegeister aller Art und deren Bekämpfung - 01.03.2014 (12)
  12. Funde durch AdwCleaner...weitere Schritte nötig?
    Plagegeister aller Art und deren Bekämpfung - 24.11.2013 (3)
  13. Malwarebytes und AdwCleaner finden Pup.optional
    Log-Analyse und Auswertung - 09.10.2013 (13)
  14. Windows 7: Avira hat 172 Viren gefunden, davor mehrer Funde einzel Funde bei Malwarebytes bzw. Avira
    Log-Analyse und Auswertung - 15.09.2013 (13)
  15. Laptop plötzlich total langsam..Funde durch adwCleaner
    Plagegeister aller Art und deren Bekämpfung - 27.07.2013 (9)
  16. Windows 7 32bit: Hohe Prozessorauslastung / System träge
    Plagegeister aller Art und deren Bekämpfung - 29.06.2011 (19)
  17. Prozessor dauerhaft 20% - Ram voll ausgelastet - System träge
    Log-Analyse und Auswertung - 07.09.2010 (7)

Zum Thema System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes - Moin Moin, ich habe ein System, dass sehr träge reagierte und von mir als erste Maßnahme mit Malwarebytes und Adwcleaner bereinigt wurde - das hat die Performance auch schon etwas - System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes...
Archiv
Du betrachtest: System reagiert(e) träge, Funde mit Adwcleaner und Malwarebytes auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.