Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
PC extrem langsam, friert ein

PC extrem langsam, friert ein


Plagegeister aller Art und deren Bekämpfung: PC extrem langsam, friert ein

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.04.2016, 14:36   #1
overloaddani
 
PC extrem langsam, friert ein - Standard

PC extrem langsam, friert ein


Guten Tag,

nachdem ich für meine Mutter vor etwas über einem Jahr einen PC gekauft habe, die meiste Zeit auch alles gut war, häufen sich die Probleme, seitdem mein kleiner Bruder aufgrund eines Defekts seines Laptops diesen PC mitbenutzt. Er weiß natürlich von nichts.

Daher wurde ich gerufen, um doch mal nachzusehen, woran es liegt. Anscheinend friert öfters der PC einfach mal so ein, zuerst Mozilla, dann der ganze Explorer - dann hilft, wenn überhaupt, nur noch ein Neustart.

Vielen Dank für eure Mühe.

Alt 06.04.2016, 20:24   #2
M-K-D-B
/// TB-Ausbilder
 
PC extrem langsam, friert ein - Standard

PC extrem langsam, friert ein





Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:


Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.
__________________
Alt 10.04.2016, 15:10   #3
M-K-D-B
/// TB-Ausbilder
 
PC extrem langsam, friert ein - Standard

PC extrem langsam, friert ein


Fehlende Rückmeldung
Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten.
PM an mich falls Du denoch weiter machen willst.

Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen!
__________________
Alt 18.04.2016, 20:05   #4
overloaddani
 
PC extrem langsam, friert ein - Standard

PC extrem langsam, friert ein


Hallo Matthias, tut mir leid, dass ich mich jetzt erst melde, ich hatte keinen Zugriff auf den besagten Rechner.

FRST:

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Petra (Administrator) auf PETRA-PC (18-04-2016 20:56:47)
Gestartet von C:\Users\Petra\Downloads
Geladene Profile: Petra (Verfügbare Profile: Petra)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\System32\igfxTray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Petra\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_213.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [456808 2014-10-15] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [807392 2016-03-12] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\Run: [Spotify Web Helper] => C:\Users\Petra\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-15] (Spotify Ltd)
HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\Run: [Spotify] => C:\Users\Petra\AppData\Roaming\Spotify\Spotify.exe [6855280 2016-04-15] (Spotify Ltd)
HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\MountPoints2: {ad5a0ae2-e912-11e4-9a0c-d050993dc38e} - E:\Msetup4.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-21] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 80.69.100.204 80.69.100.213
Tcpip\..\Interfaces\{005AEAC4-BE6F-4F93-B007-B770CE17E09E}: [DhcpNameServer] 80.69.100.204 80.69.100.213

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-426687572-1594056187-641312889-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-25] (Google Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-21] (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-25] (Google Inc.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-25] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-25] (Google Inc.)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\vk7i7jr3.default
FF Homepage: hxxp://www.t-online.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Extension: WOT - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\vk7i7jr3.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-11]
FF Extension: Avira Browser Safety - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\vk7i7jr3.default\Extensions\abs@avira.com [2016-03-01]
FF Extension: Adblock Plus - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\vk7i7jr3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]

Chrome: 
=======
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-15]
CHR Extension: (Google Drive) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-15]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-15]
CHR Extension: (Google-Suche) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-15]
CHR Extension: (Google Mail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [955736 2016-03-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466504 2016-03-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466504 2016-03-12] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1424880 2016-03-12] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-21] (Avast Software)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-15] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-21] (AVAST Software)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-04-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-12] (Avira Operations GmbH & Co. KG)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-28] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-21] (AVAST Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-21] (Avast Software)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 20:56 - 2016-04-18 20:56 - 00020512 _____ C:\Users\Petra\Downloads\FRST.txt
2016-04-18 20:53 - 2016-04-18 20:56 - 00000000 ____D C:\FRST
2016-04-18 20:46 - 2016-04-18 20:46 - 02375680 _____ (Farbar) C:\Users\Petra\Downloads\FRST64.exe
2016-04-16 00:09 - 2016-04-16 00:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-13 21:06 - 2016-04-13 21:06 - 00002128 _____ C:\Users\Petra\Desktop\Picasa - CHIP Downloader.lnk
2016-04-13 21:03 - 2016-04-13 21:03 - 01475080 _____ C:\Users\Petra\Downloads\Picasa - CHIP-Installer.exe
2016-04-13 17:49 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-13 17:49 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 17:49 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 17:49 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 17:49 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-13 17:49 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 17:49 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 17:49 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 17:49 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 17:49 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 17:49 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 17:49 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 17:49 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 17:49 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 17:49 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 17:49 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 17:49 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 17:49 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 17:49 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 17:49 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 17:49 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 17:49 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 17:49 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 17:49 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 17:49 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-13 17:49 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-13 17:49 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 17:49 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 17:49 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 17:49 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 17:49 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 17:49 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-13 17:49 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 17:49 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-13 17:49 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-04-13 17:49 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-04-13 17:49 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-04-13 17:49 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-13 17:49 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-13 17:49 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-04-13 17:49 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-13 17:49 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-13 17:49 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-04-13 17:49 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 17:49 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-13 17:49 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 17:49 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 17:49 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 17:49 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 17:49 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 17:49 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-13 17:49 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-13 17:49 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-04-13 17:49 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-04-13 17:49 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-13 17:49 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-13 17:49 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 17:49 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-13 17:49 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-04-13 17:49 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-13 17:49 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-13 17:49 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-13 17:49 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-04-13 17:49 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-13 17:49 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 17:49 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 17:49 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-13 17:49 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-13 17:49 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-13 17:49 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 17:49 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 17:49 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 17:49 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 17:49 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 17:49 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 17:49 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 17:49 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 17:49 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-13 17:49 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 17:49 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 17:49 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 17:49 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 17:49 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 17:49 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 17:49 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-13 17:49 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 17:49 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 17:49 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 17:49 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 17:49 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 17:49 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 17:49 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 17:49 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-13 17:49 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-13 17:49 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 17:49 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-13 17:49 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-13 17:49 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 17:49 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-13 17:49 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-13 17:49 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-13 17:49 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-13 17:49 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-13 17:49 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-13 17:49 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-13 17:49 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-13 17:49 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 17:49 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-13 17:49 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-13 17:49 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-13 17:49 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-13 17:49 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-13 17:49 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 17:49 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 17:49 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 17:49 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 17:49 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 17:49 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 17:49 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 17:49 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-13 17:49 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 17:49 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 17:49 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 17:49 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 17:49 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 17:49 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-13 17:49 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-13 17:49 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-13 17:49 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-13 17:49 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-13 17:49 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 17:49 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 17:49 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 17:49 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 17:49 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 17:49 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 17:49 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 17:49 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 17:49 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 17:49 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-13 17:49 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-13 17:49 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 17:49 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 17:49 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 17:49 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 17:49 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-13 17:49 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 17:49 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 17:49 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 17:49 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-13 17:49 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-13 17:49 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-13 17:49 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-04-13 17:49 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-13 17:49 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 17:49 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-13 17:14 - 2016-04-13 21:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-04 17:55 - 2016-04-04 17:55 - 00008192 _____ C:\Windows\system32\config\userdiff
2016-04-04 16:45 - 2016-04-10 12:42 - 00031341 _____ C:\Windows\diagerr.xml
2016-04-04 16:45 - 2016-04-10 12:42 - 00028578 _____ C:\Windows\diagwrn.xml
2016-04-01 11:47 - 2016-04-01 11:47 - 07020776 _____ C:\Users\Petra\Downloads\E3-PRO-GAMING-V5-ASUS-0303.zip
2016-03-23 11:45 - 2016-04-10 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-23 11:45 - 2016-03-23 11:45 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-23 11:45 - 2016-03-23 11:45 - 00000000 ____D C:\Program Files\iTunes
2016-03-23 11:45 - 2016-03-23 11:45 - 00000000 ____D C:\Program Files\iPod
2016-03-23 11:45 - 2016-03-23 11:45 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-20 12:31 - 2016-03-20 12:31 - 00010068 _____ C:\Users\Petra\Documents\Debeka März 2016.xlsx
2016-03-19 21:50 - 2016-03-19 21:50 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-03-19 21:50 - 2016-03-19 21:50 - 00000000 ____D C:\Program Files (x86)\Apple Software Update

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 20:56 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-18 20:56 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-18 20:48 - 2016-02-29 18:15 - 00000000 ____D C:\Users\Petra\AppData\Local\Spotify
2016-04-18 20:47 - 2011-04-12 09:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-04-18 20:47 - 2011-04-12 09:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-04-18 20:47 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-18 20:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-18 20:42 - 2016-02-29 18:15 - 00000000 ____D C:\Users\Petra\AppData\Roaming\Spotify
2016-04-18 20:42 - 2016-01-24 21:29 - 00000000 ___RD C:\Users\Petra\Dropbox
2016-04-18 20:41 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-16 00:09 - 2016-01-24 21:27 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-15 17:08 - 2016-01-24 21:27 - 00000000 ____D C:\Users\Petra\AppData\Local\Dropbox
2016-04-13 21:42 - 2009-07-14 06:45 - 00409832 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-13 21:41 - 2015-01-21 00:02 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-13 21:41 - 2015-01-15 00:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-13 21:26 - 2015-01-31 17:16 - 00000000 ____D C:\Windows\system32\MRT
2016-04-13 21:24 - 2015-01-31 17:16 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-13 17:48 - 2015-03-04 19:11 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-13 17:48 - 2015-03-04 19:11 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-13 17:48 - 2015-03-04 19:10 - 00000000 ____D C:\Users\Petra\AppData\Local\Adobe
2016-04-12 10:41 - 2015-01-15 00:00 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-10 19:09 - 2016-02-13 20:36 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-10 19:03 - 2015-01-14 20:59 - 00000000 ____D C:\Windows\Panther
2016-04-10 16:38 - 2016-01-24 21:00 - 00000000 ____D C:\Windows\de
2016-04-10 16:38 - 2016-01-24 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-10 16:38 - 2015-11-29 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6600 series Benutzerregistrierung
2016-04-10 16:38 - 2015-11-29 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6600 series Manual
2016-04-10 16:38 - 2015-05-17 11:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-04-10 16:38 - 2015-04-07 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HERMA
2016-04-10 16:38 - 2015-01-31 17:19 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-04-10 16:38 - 2015-01-31 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-10 16:38 - 2015-01-15 02:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-04-10 16:38 - 2015-01-15 02:16 - 00000000 ____D C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-10 16:38 - 2015-01-15 02:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-10 16:38 - 2015-01-15 02:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-04-10 16:38 - 2015-01-15 01:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-10 16:38 - 2015-01-15 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2016-04-10 16:38 - 2015-01-15 00:11 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-04-10 16:38 - 2015-01-15 00:11 - 00000000 ____D C:\Windows\system32\vbox
2016-04-10 16:38 - 2015-01-15 00:02 - 00000000 ____D C:\Program Files\Intel
2016-04-10 16:38 - 2015-01-14 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-04-10 16:38 - 2015-01-14 21:26 - 00000000 ____D C:\Users\Petra
2016-04-10 16:38 - 2015-01-14 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2016-04-10 16:38 - 2011-04-12 09:55 - 00000000 ____D C:\Windows\ShellNew
2016-04-10 16:38 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2016-04-10 16:38 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2016-04-10 16:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-10 16:38 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2016-04-10 16:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-04-10 16:38 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-10 12:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2016-04-10 10:36 - 2016-01-24 21:28 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-10 10:36 - 2016-01-24 21:28 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-10 10:36 - 2015-01-15 00:00 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-10 10:36 - 2015-01-15 00:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-09 20:14 - 2015-03-04 19:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-05 16:41 - 2015-11-29 11:45 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-04-04 17:42 - 2016-01-24 21:28 - 00004318 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-04-04 17:42 - 2016-01-24 21:28 - 00004066 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-04-04 17:42 - 2015-05-17 11:28 - 00003542 _____ C:\Windows\System32\Tasks\Avira Browser Safety Updater Task
2016-04-04 17:42 - 2015-03-04 19:11 - 00003932 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-04 17:42 - 2015-01-15 02:59 - 00004292 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-04-04 17:42 - 2015-01-15 00:00 - 00004216 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-04 17:42 - 2015-01-15 00:00 - 00003964 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-01 22:47 - 2016-01-24 20:07 - 00000000 ____D C:\Users\Petra\AppData\Roaming\DVDVideoSoft
2016-03-28 10:00 - 2015-03-17 01:04 - 00000000 ____D C:\Users\Petra\Desktop\Daniel Unterlagen CU
2016-03-28 09:59 - 2015-07-04 00:14 - 00000000 ____D C:\Users\Petra\Desktop\Jona
2016-03-24 02:02 - 2015-04-07 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 02:02 - 2015-04-07 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-23 11:45 - 2016-02-05 15:52 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-19 21:50 - 2016-02-05 15:52 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-03 09:34 - 2016-03-03 09:34 - 0000000 ____H () C:\Users\Petra\AppData\Local\BIT6417.tmp
2015-01-22 15:28 - 2015-01-22 15:28 - 0000017 _____ () C:\Users\Petra\AppData\Local\resmon.resmoncfg
2016-03-03 09:33 - 2016-03-03 09:34 - 0000000 _____ () C:\Users\Petra\AppData\Local\{26507179-4002-409E-9BBF-50EC2A218965}

Einige Dateien in TEMP:
====================
C:\Users\Petra\AppData\Local\Temp\avgnt.exe
C:\Users\Petra\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Petra\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Petra\AppData\Local\Temp\ose00000.exe
C:\Users\Petra\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Petra\AppData\Local\Temp\sfextra.dll
C:\Users\Petra\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-29 14:30

==================== Ende von FRST.txt ============================


Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Petra (2016-04-18 20:57:07)
Gestartet von C:\Users\Petra\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-01-14 19:26:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-426687572-1594056187-641312889-500 - Administrator - Disabled)
Gast (S-1-5-21-426687572-1594056187-641312889-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-426687572-1594056187-641312889-1002 - Limited - Enabled)
Petra (S-1-5-21-426687572-1594056187-641312889-1000 - Administrator - Enabled) => C:\Users\Petra

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG6600 series Benutzerregistrierung (HKLM-x32\...\Canon MG6600 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG6600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6600_series) (Version: 1.00 - Canon Inc.)
Canon MG6600 series On-screen Manual (HKLM-x32\...\Canon MG6600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 38.4.0 (x86 de) (HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-426687572-1594056187-641312889-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {039476FC-067E-4073-B2CE-5FB8A9A2DE30} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-24] (Dropbox, Inc.)
Task: {05D8A34E-CC22-40A3-A358-46135FB0FE39} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-21] (AVAST Software)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {30B9C590-E4E7-45EB-9B50-25507FC47B13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {76E12543-B21E-4FA8-8CCB-91EC974F0A2B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {86AD5ADE-69A2-468C-87D8-FAE524FA71FF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {C01E510E-A55B-42B2-8229-EEF795597D7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Keine Datei <==== ACHTUNG
Task: {D338DF69-2B0C-4D2E-9235-34F2ED7AFA37} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {E356BE6B-5A1E-4F82-BC3F-925CAC98B2BE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-13] (Adobe Systems Incorporated)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Keine Datei <==== ACHTUNG
Task: {FBF88356-2E04-45D8-BFD7-1AF6523AAF05} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-24] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-01-15 00:18 - 2014-10-15 13:56 - 00456808 _____ () C:\Windows\System32\igfxTray.exe
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-11-29 11:54 - 2013-06-28 17:28 - 00084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-07-21 10:31 - 2015-07-21 10:31 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-21 10:31 - 2015-07-21 10:31 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-18 17:33 - 2016-04-18 17:33 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16041800\algo.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-07-21 10:31 - 2015-07-21 10:31 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-01-24 21:28 - 2016-03-21 23:50 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-04-16 00:09 - 2016-03-21 23:51 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-04-16 00:09 - 2016-03-21 23:50 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-01-24 21:28 - 2016-03-21 23:50 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-01-24 21:28 - 2016-03-21 23:50 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-01-24 21:28 - 2016-04-08 20:20 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-04-16 00:09 - 2016-03-21 23:50 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-01-24 21:28 - 2016-04-08 20:20 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-01-24 21:28 - 2016-03-21 23:50 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-01-24 21:28 - 2016-03-21 23:51 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-01-24 21:28 - 2016-04-08 20:20 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-04-16 00:09 - 2016-03-21 23:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-01-24 21:28 - 2016-04-08 20:20 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-01-24 21:28 - 2016-03-21 23:50 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-04-16 00:09 - 2016-03-21 23:50 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-04-16 00:09 - 2016-03-21 23:51 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-04-16 00:09 - 2016-03-21 23:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-04-16 00:09 - 2016-04-08 20:19 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-04-16 00:09 - 2016-04-08 20:20 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-01-24 21:28 - 2016-03-21 23:51 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-04-16 00:09 - 2016-03-21 23:54 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-04-16 00:09 - 2016-03-21 23:54 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-01-24 21:28 - 2016-04-08 20:20 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-01-24 21:28 - 2016-03-21 23:56 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-04-13 17:48 - 2016-04-13 17:48 - 19403968 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
AlternateDataStreams: C:\Users\Petra\Desktop\2016-03-31 17.08.25.jpg:com.dropbox.attributes [309]
AlternateDataStreams: C:\Users\Petra\Desktop\2scan.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\2scan.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt1.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt1.jpeg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt2.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt2.jpeg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt3.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\Bescheinigung.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\Bescheinigung.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\versicherung.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\versicherung.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\Zuzahlung.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\Zuzahlung.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\1001movie.com -> 1001movie.com

Da befinden sich 6091 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-426687572-1594056187-641312889-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 80.69.100.204 - 80.69.100.213
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{272640E5-6C26-40AF-972C-5B57FAE25943}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{74D882BE-8437-4E11-9D71-4A5FE4855F7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{CE83FDC9-5AEC-409B-BC45-FE8F791D41E7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CCC38767-4BEF-450A-BB74-1A6C0CCBF06E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{DB95F496-C56B-4D83-B5EB-57D76F614FF6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{58F8EE83-455F-4C03-A92C-EF0021A9855F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{136318AE-8ACC-498B-8D3C-7F9C6CB8E3BC}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F8C77348-27DA-4AA8-AE73-8A01CE7A7DBE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A2BE7B64-2EE7-454C-82BE-F03FA0A9CB87}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9739DB89-0B29-4E3C-ABBA-6F3057FC80F9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB3B1A40-3B40-4665-9A11-AA51C44533B2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3EF3878F-03D7-410F-85C9-76CBD209BB02}] => (Allow) LPort=2869
FirewallRules: [{E1803B20-8405-41C8-BD4D-8BC0FB4F7E98}] => (Allow) LPort=1900
FirewallRules: [{51C6A758-E2FC-4B4F-90B5-86F16B0442B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B1924D7F-0EDF-4566-A737-23FD7F74D88D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CDCD3924-3B85-4BE4-872E-5C8F1481B9D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5656B94E-BEF1-42E5-BCC6-1D08F1106285}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{8A3330BC-7050-44AB-8F87-5C6500FFBB5B}C:\users\petra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petra\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0C9E1F23-7063-4374-AFF2-C470C8F4CD3B}C:\users\petra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petra\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8AE6A0DA-D281-4A71-9156-68A877B7407C}C:\users\petra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petra\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{40163756-E3F5-43C7-BD20-7793CC692F72}C:\users\petra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petra\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9226744D-F4CB-44AA-BED5-7B2FB93BFD94}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F2A77047-2D6C-40CE-B791-25B399FB6FC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F5C23CF9-773F-4292-87F2-BBD2914B07C9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

13-04-2016 21:22:40 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/18/2016 08:42:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2016 05:32:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2016 11:56:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 05:07:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 04:47:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 11:30:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/14/2016 07:48:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2016 09:43:33 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: PresentationCore, Version=3.0.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=amd64 . Error code = 0x80070020

Error: (04/13/2016 09:42:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/13/2016 09:41:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (04/18/2016 08:42:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/18/2016 05:32:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/16/2016 11:56:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/16/2016 12:08:36 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {96D1EED3-701E-4FE5-B996-A543A8465897}

Error: (04/15/2016 05:07:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/15/2016 05:06:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎04.‎2016 um 17:05:02 unerwartet heruntergefahren.

Error: (04/15/2016 04:47:39 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/15/2016 11:30:01 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/14/2016 07:48:14 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/13/2016 09:42:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU G3420 @ 3.20GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 7845.08 MB
Verfügbarer physikalischer RAM: 5354.24 MB
Summe virtueller Speicher: 15688.34 MB
Verfügbarer virtueller Speicher: 12716.18 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:238.38 GB) (Free:163.64 GB) NTFS
Drive d: (Lokaler Datenträger) (Fixed) (Total:931.51 GB) (Free:756.29 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 4DC26C84)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BBCDD72E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Alt 18.04.2016, 20:08   #5
overloaddani
 
PC extrem langsam, friert ein - Standard

PC extrem langsam, friert ein


Code:
ATTFilter
21:00:21.0321 0x14ac  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
21:00:24.0247 0x14ac  ============================================================
21:00:24.0247 0x14ac  Current date / time: 2016/04/18 21:00:24.0247
21:00:24.0247 0x14ac  SystemInfo:
21:00:24.0247 0x14ac  
21:00:24.0247 0x14ac  OS Version: 6.1.7601 ServicePack: 1.0
21:00:24.0247 0x14ac  Product type: Workstation
21:00:24.0248 0x14ac  ComputerName: PETRA-PC
21:00:24.0248 0x14ac  UserName: Petra
21:00:24.0248 0x14ac  Windows directory: C:\Windows
21:00:24.0248 0x14ac  System windows directory: C:\Windows
21:00:24.0248 0x14ac  Running under WOW64
21:00:24.0248 0x14ac  Processor architecture: Intel x64
21:00:24.0248 0x14ac  Number of processors: 2
21:00:24.0248 0x14ac  Page size: 0x1000
21:00:24.0248 0x14ac  Boot type: Normal boot
21:00:24.0248 0x14ac  ============================================================
21:00:24.0748 0x14ac  KLMD registered as C:\Windows\system32\drivers\10423719.sys
21:00:24.0959 0x14ac  System UUID: {3BAA44F7-0F53-FD55-4F33-AF26EAE0B0FB}
21:00:25.0461 0x14ac  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:00:25.0461 0x14ac  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:00:25.0465 0x14ac  ============================================================
21:00:25.0465 0x14ac  \Device\Harddisk0\DR0:
21:00:25.0465 0x14ac  MBR partitions:
21:00:25.0465 0x14ac  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:00:25.0465 0x14ac  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC02B0
21:00:25.0465 0x14ac  \Device\Harddisk1\DR1:
21:00:25.0465 0x14ac  MBR partitions:
21:00:25.0465 0x14ac  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
21:00:25.0465 0x14ac  ============================================================
21:00:25.0466 0x14ac  C: <-> \Device\Harddisk0\DR0\Partition2
21:00:26.0062 0x14ac  D: <-> \Device\Harddisk1\DR1\Partition1
21:00:26.0062 0x14ac  ============================================================
21:00:26.0062 0x14ac  Initialize success
21:00:26.0062 0x14ac  ============================================================
21:01:04.0408 0x13a0  ============================================================
21:01:04.0408 0x13a0  Scan started
21:01:04.0408 0x13a0  Mode: Manual; SigCheck; TDLFS; 
21:01:04.0408 0x13a0  ============================================================
21:01:04.0408 0x13a0  KSN ping started
21:01:40.0576 0x13a0  KSN ping finished: true
21:01:41.0519 0x13a0  ================ Scan system memory ========================
21:01:41.0519 0x13a0  System memory - ok
21:01:41.0520 0x13a0  ================ Scan services =============================
21:01:41.0555 0x13a0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:01:41.0592 0x13a0  1394ohci - ok
21:01:41.0603 0x13a0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:01:41.0615 0x13a0  ACPI - ok
21:01:41.0618 0x13a0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:01:41.0628 0x13a0  AcpiPmi - ok
21:01:41.0650 0x13a0  [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:01:41.0661 0x13a0  AdobeFlashPlayerUpdateSvc - ok
21:01:41.0672 0x13a0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:01:41.0686 0x13a0  adp94xx - ok
21:01:41.0695 0x13a0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:01:41.0706 0x13a0  adpahci - ok
21:01:41.0712 0x13a0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:01:41.0721 0x13a0  adpu320 - ok
21:01:41.0726 0x13a0  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:01:41.0735 0x13a0  AeLookupSvc - ok
21:01:41.0746 0x13a0  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
21:01:41.0760 0x13a0  AFD - ok
21:01:41.0766 0x13a0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:01:41.0773 0x13a0  agp440 - ok
21:01:41.0777 0x13a0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:01:41.0787 0x13a0  ALG - ok
21:01:41.0790 0x13a0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:01:41.0797 0x13a0  aliide - ok
21:01:41.0800 0x13a0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:01:41.0807 0x13a0  amdide - ok
21:01:41.0810 0x13a0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:01:41.0819 0x13a0  AmdK8 - ok
21:01:41.0823 0x13a0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
21:01:41.0832 0x13a0  AmdPPM - ok
21:01:41.0836 0x13a0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:01:41.0844 0x13a0  amdsata - ok
21:01:41.0850 0x13a0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:01:41.0859 0x13a0  amdsbs - ok
21:01:41.0862 0x13a0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:01:41.0870 0x13a0  amdxata - ok
21:01:41.0892 0x13a0  [ 37CD9EB03B36D8329F96BA921470DB54, 0CD3BFBA51F84D83E3B208D2BED7CE8E91B447B2037014663EC7CB8E5A925201 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
21:01:41.0921 0x13a0  AntiVirMailService - ok
21:01:41.0933 0x13a0  [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
21:01:41.0946 0x13a0  AntiVirSchedulerService - ok
21:01:41.0956 0x13a0  [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
21:01:41.0971 0x13a0  AntiVirService - ok
21:01:41.0995 0x13a0  [ 1F5CC3C23E10290A3FF9CAA74AA30D07, A4F1F3465A5E0A914EE5A4FEF4A6B639956BA04B7145EF68820BC2A15DEE4162 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
21:01:42.0025 0x13a0  AntiVirWebService - ok
21:01:42.0030 0x13a0  [ A9FB80B0BBA6F765F4E691B7AD4963A7, 06BC740AF47ACECEE3707C433357F872EA0D9F2CA1B9FC2489FA3B421A262EF0 ] AppID           C:\Windows\system32\drivers\appid.sys
21:01:42.0039 0x13a0  AppID - ok
21:01:42.0042 0x13a0  [ C47B6624AF9AEE4146743DCB133A159D, 10D1E6C9F972C3A8CC304F38B0A52818A78D70B4AF71F6E22CE1773397FC2AB4 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:01:42.0050 0x13a0  AppIDSvc - ok
21:01:42.0054 0x13a0  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
21:01:42.0064 0x13a0  Appinfo - ok
21:01:42.0069 0x13a0  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:01:42.0077 0x13a0  Apple Mobile Device Service - ok
21:01:42.0083 0x13a0  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:01:42.0094 0x13a0  AppMgmt - ok
21:01:42.0098 0x13a0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
21:01:42.0106 0x13a0  arc - ok
21:01:42.0110 0x13a0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:01:42.0118 0x13a0  arcsas - ok
21:01:42.0129 0x13a0  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:01:42.0138 0x13a0  aspnet_state - ok
21:01:42.0141 0x13a0  [ 25863B5A3AC02DD35063D77C1F1415FF, F3F61F83CCF78F2FB3CD3DC66C28C1BE4D6D6F3C7440B6E5F7EEAC3739DB80DD ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
21:01:42.0148 0x13a0  aswHwid - ok
21:01:42.0152 0x13a0  [ 2894AC8C6159201940C8CD5B33CC5203, 4717301395100BD71B49451109AA29A58F702AF1E24C816CE5CC4320B6F3CA67 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
21:01:42.0160 0x13a0  aswMonFlt - ok
21:01:42.0164 0x13a0  [ C384DC3DDF65F3E011DFBDFDB500F89A, 0B15E09AE0DA51000B2AAF5DE6C5BBD7EBE4EB1DACB680A159AD9369CDA6D7D1 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
21:01:42.0172 0x13a0  aswRdr - ok
21:01:42.0176 0x13a0  [ 7F5ADFD9CA8EF06D020273B81BFFD731, 04A47F26DA3E507D9C984D7C737EC29B04AA88F68222FB4538BEA80D4D07D7FB ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
21:01:42.0184 0x13a0  aswRvrt - ok
21:01:42.0203 0x13a0  [ D8AED327929029227447ADA450AA3AE8, B4164430915B3FF58C479CDAC28A87436F8C203D492266C2D96C2872ECD6EE94 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
21:01:42.0226 0x13a0  aswSnx - ok
21:01:42.0237 0x13a0  [ D96A7EE9F5E25A7941F2A2A2BED46339, 7619A7052C33CA47A847ABAE22CD2C6E9EB102B64D212597B926D21C8A038264 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
21:01:42.0250 0x13a0  aswSP - ok
21:01:42.0255 0x13a0  [ 82F2525A22A380AA977428490AA849E3, 457F3D58B23BB61ED1BFA84B4CB2E12EE54C4BA7F9286F952E6632477EE9B548 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
21:01:42.0264 0x13a0  aswStm - ok
21:01:42.0270 0x13a0  [ 2F3F0B08EBF741FE22745BECC794CE34, 969C12129C9C9981BF20656057C05290E050B410E4ECF8405C020F9A23728099 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
21:01:42.0282 0x13a0  aswVmm - ok
21:01:42.0285 0x13a0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:01:42.0307 0x13a0  AsyncMac - ok
21:01:42.0312 0x13a0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:01:42.0319 0x13a0  atapi - ok
21:01:42.0334 0x13a0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:01:42.0353 0x13a0  AudioEndpointBuilder - ok
21:01:42.0366 0x13a0  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:01:42.0385 0x13a0  AudioSrv - ok
21:01:42.0392 0x13a0  [ A97E144E84A665B22AE6E6A93E4DD465, 888D702B9B9E6C446AD7499571DAEAB072BEF141FF3300E74C6E538FA312BDCD ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
21:01:42.0400 0x13a0  avast! Antivirus - ok
21:01:42.0464 0x13a0  [ CCC3FE1DDCCF99633539B3D7681EF7D7, 0C048EDCD22681C82586845B822990FB4A9303B3B1F4161EBA5A6C444EF7C5CC ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
21:01:42.0536 0x13a0  AvastVBoxSvc - ok
21:01:42.0545 0x13a0  [ 742D578C28F6F58B8B576F91A1D8EB4E, 6C49EC198E67CE40728F0C19CB2BDCB59310BA59324F58E4D456DA2C8CC28BA6 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
21:01:42.0554 0x13a0  avgntflt - ok
21:01:42.0559 0x13a0  [ FBC2483AD62FBC8BD76A4254C50874BA, 04398AB0221535DD5D0A1AF6CA107F815CD607E668E2E7887D061FCED7373728 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
21:01:42.0568 0x13a0  avipbb - ok
21:01:42.0574 0x13a0  [ 98BB62ABFD17F284C3C5DE40F8266F3C, CD08C737BE9FC32FF98252FCFFCAE779EC6FAB76BF80F0835ACE71F1E155D70D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
21:01:42.0585 0x13a0  Avira.ServiceHost - ok
21:01:42.0588 0x13a0  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
21:01:42.0594 0x13a0  avkmgr - ok
21:01:42.0598 0x13a0  [ 7FDC860B34BDFFDFCE98622F81F24FA9, 3EF774A7F2EB741633611400161B6D4F642F9357BF6E957E14E70D1645BE6466 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
21:01:42.0605 0x13a0  avnetflt - ok
21:01:42.0609 0x13a0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:01:42.0622 0x13a0  AxInstSV - ok
21:01:42.0632 0x13a0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:01:42.0646 0x13a0  b06bdrv - ok
21:01:42.0653 0x13a0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:01:42.0665 0x13a0  b57nd60a - ok
21:01:42.0670 0x13a0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:01:42.0680 0x13a0  BDESVC - ok
21:01:42.0683 0x13a0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:01:42.0705 0x13a0  Beep - ok
21:01:42.0718 0x13a0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:01:42.0737 0x13a0  BFE - ok
21:01:42.0754 0x13a0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:01:42.0789 0x13a0  BITS - ok
21:01:42.0793 0x13a0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:01:42.0802 0x13a0  blbdrive - ok
21:01:42.0811 0x13a0  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:01:42.0826 0x13a0  Bonjour Service - ok
21:01:42.0830 0x13a0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:01:42.0839 0x13a0  bowser - ok
21:01:42.0842 0x13a0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:01:42.0852 0x13a0  BrFiltLo - ok
21:01:42.0854 0x13a0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:01:42.0864 0x13a0  BrFiltUp - ok
21:01:42.0869 0x13a0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:01:42.0879 0x13a0  Browser - ok
21:01:42.0887 0x13a0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:01:42.0899 0x13a0  Brserid - ok
21:01:42.0902 0x13a0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:01:42.0912 0x13a0  BrSerWdm - ok
21:01:42.0915 0x13a0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:01:42.0925 0x13a0  BrUsbMdm - ok
21:01:42.0928 0x13a0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:01:42.0936 0x13a0  BrUsbSer - ok
21:01:42.0940 0x13a0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:01:42.0950 0x13a0  BTHMODEM - ok
21:01:42.0954 0x13a0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:01:42.0978 0x13a0  bthserv - ok
21:01:42.0982 0x13a0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:01:43.0005 0x13a0  cdfs - ok
21:01:43.0010 0x13a0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:01:43.0020 0x13a0  cdrom - ok
21:01:43.0024 0x13a0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:01:43.0046 0x13a0  CertPropSvc - ok
21:01:43.0051 0x13a0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:01:43.0060 0x13a0  circlass - ok
21:01:43.0069 0x13a0  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
21:01:43.0082 0x13a0  CLFS - ok
21:01:43.0087 0x13a0  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:01:43.0095 0x13a0  clr_optimization_v2.0.50727_32 - ok
21:01:43.0100 0x13a0  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:01:43.0108 0x13a0  clr_optimization_v2.0.50727_64 - ok
21:01:43.0116 0x13a0  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:01:43.0126 0x13a0  clr_optimization_v4.0.30319_32 - ok
21:01:43.0131 0x13a0  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:01:43.0142 0x13a0  clr_optimization_v4.0.30319_64 - ok
21:01:43.0145 0x13a0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
21:01:43.0153 0x13a0  CmBatt - ok
21:01:43.0156 0x13a0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:01:43.0163 0x13a0  cmdide - ok
21:01:43.0174 0x13a0  [ CA3FB5A6B626D8A00A89E049CF95954E, CD5E3E40972513195108BA46CEC1D0AEA6B09A67EEBDD17EB759BD1729B07C06 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:01:43.0191 0x13a0  CNG - ok
21:01:43.0195 0x13a0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
21:01:43.0202 0x13a0  Compbatt - ok
21:01:43.0205 0x13a0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:01:43.0215 0x13a0  CompositeBus - ok
21:01:43.0217 0x13a0  COMSysApp - ok
21:01:43.0239 0x13a0  [ 414AB2F2ACD35A4B82F5ECD9F51A201B, E90EC638EEAA17007AB28B5619D7CCE67204AD69E946B864E0AF1A5A0047C364 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
21:01:43.0252 0x13a0  cphs - ok
21:01:43.0255 0x13a0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:01:43.0262 0x13a0  crcdisk - ok
21:01:43.0268 0x13a0  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:01:43.0280 0x13a0  CryptSvc - ok
21:01:43.0290 0x13a0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:01:43.0307 0x13a0  CSC - ok
21:01:43.0322 0x13a0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:01:43.0342 0x13a0  CscService - ok
21:01:43.0349 0x13a0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
21:01:43.0358 0x13a0  dbupdate - ok
21:01:43.0362 0x13a0  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
21:01:43.0371 0x13a0  dbupdatem - ok
21:01:43.0382 0x13a0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:01:43.0400 0x13a0  DcomLaunch - ok
21:01:43.0409 0x13a0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:01:43.0436 0x13a0  defragsvc - ok
21:01:43.0441 0x13a0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:01:43.0463 0x13a0  DfsC - ok
21:01:43.0470 0x13a0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:01:43.0485 0x13a0  Dhcp - ok
21:01:43.0509 0x13a0  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:01:43.0540 0x13a0  DiagTrack - ok
21:01:43.0550 0x13a0  [ DEE4A1F675EC604E9641B1A03CF1816F, A0AC84713DDFD9A94B8558DFA26B278FB29833C5663451CC582ACA85B29CBFD8 ] DigitalWave.Update.Service C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
21:01:43.0562 0x13a0  DigitalWave.Update.Service - ok
21:01:43.0565 0x13a0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:01:43.0587 0x13a0  discache - ok
21:01:43.0591 0x13a0  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
21:01:43.0599 0x13a0  Disk - ok
21:01:43.0603 0x13a0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:01:43.0611 0x13a0  dmvsc - ok
21:01:43.0617 0x13a0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:01:43.0628 0x13a0  Dnscache - ok
21:01:43.0634 0x13a0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:01:43.0660 0x13a0  dot3svc - ok
21:01:43.0665 0x13a0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:01:43.0690 0x13a0  DPS - ok
21:01:43.0693 0x13a0  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:01:43.0701 0x13a0  drmkaud - ok
21:01:43.0720 0x13a0  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:01:43.0742 0x13a0  DXGKrnl - ok
21:01:43.0753 0x13a0  [ 73F8DE25B04A66CE3BE5D09A10DE56E6, ABA5AA50D936897CC71D710BBCF9A1B1CCCAC290FCD10A710E4471C1CDDE1093 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
21:01:43.0767 0x13a0  e1dexpress - ok
21:01:43.0772 0x13a0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:01:43.0796 0x13a0  EapHost - ok
21:01:43.0851 0x13a0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:01:43.0912 0x13a0  ebdrv - ok
21:01:43.0920 0x13a0  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] EFS             C:\Windows\System32\lsass.exe
21:01:43.0931 0x13a0  EFS - ok
21:01:43.0946 0x13a0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:01:43.0965 0x13a0  ehRecvr - ok
21:01:43.0970 0x13a0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:01:43.0980 0x13a0  ehSched - ok
21:01:43.0991 0x13a0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:01:44.0006 0x13a0  elxstor - ok
21:01:44.0009 0x13a0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:01:44.0017 0x13a0  ErrDev - ok
21:01:44.0028 0x13a0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:01:44.0056 0x13a0  EventSystem - ok
21:01:44.0062 0x13a0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:01:44.0088 0x13a0  exfat - ok
21:01:44.0093 0x13a0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:01:44.0119 0x13a0  fastfat - ok
21:01:44.0132 0x13a0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:01:44.0152 0x13a0  Fax - ok
21:01:44.0156 0x13a0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
21:01:44.0165 0x13a0  fdc - ok
21:01:44.0167 0x13a0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:01:44.0191 0x13a0  fdPHost - ok
21:01:44.0194 0x13a0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:01:44.0217 0x13a0  FDResPub - ok
21:01:44.0220 0x13a0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:01:44.0228 0x13a0  FileInfo - ok
21:01:44.0231 0x13a0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:01:44.0253 0x13a0  Filetrace - ok
21:01:44.0256 0x13a0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:01:44.0264 0x13a0  flpydisk - ok
21:01:44.0271 0x13a0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:01:44.0282 0x13a0  FltMgr - ok
21:01:44.0303 0x13a0  [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache       C:\Windows\system32\FntCache.dll
21:01:44.0331 0x13a0  FontCache - ok
21:01:44.0336 0x13a0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:01:44.0343 0x13a0  FontCache3.0.0.0 - ok
21:01:44.0346 0x13a0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:01:44.0354 0x13a0  FsDepends - ok
21:01:44.0357 0x13a0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:01:44.0364 0x13a0  Fs_Rec - ok
21:01:44.0370 0x13a0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:01:44.0382 0x13a0  fvevol - ok
21:01:44.0387 0x13a0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:01:44.0395 0x13a0  gagp30kx - ok
21:01:44.0398 0x13a0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:01:44.0405 0x13a0  GEARAspiWDM - ok
21:01:44.0420 0x13a0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:01:44.0454 0x13a0  gpsvc - ok
21:01:44.0460 0x13a0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:44.0468 0x13a0  gupdate - ok
21:01:44.0472 0x13a0  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
21:01:44.0480 0x13a0  gupdatem - ok
21:01:44.0485 0x13a0  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
21:01:44.0495 0x13a0  gusvc - ok
21:01:44.0498 0x13a0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:01:44.0507 0x13a0  hcw85cir - ok
21:01:44.0515 0x13a0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:01:44.0530 0x13a0  HdAudAddService - ok
21:01:44.0534 0x13a0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:01:44.0546 0x13a0  HDAudBus - ok
21:01:44.0549 0x13a0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:01:44.0558 0x13a0  HidBatt - ok
21:01:44.0561 0x13a0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:01:44.0572 0x13a0  HidBth - ok
21:01:44.0576 0x13a0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:01:44.0587 0x13a0  HidIr - ok
21:01:44.0590 0x13a0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:01:44.0613 0x13a0  hidserv - ok
21:01:44.0617 0x13a0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:01:44.0625 0x13a0  HidUsb - ok
21:01:44.0629 0x13a0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:01:44.0653 0x13a0  hkmsvc - ok
21:01:44.0659 0x13a0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:01:44.0671 0x13a0  HomeGroupListener - ok
21:01:44.0676 0x13a0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:01:44.0689 0x13a0  HomeGroupProvider - ok
21:01:44.0693 0x13a0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:01:44.0701 0x13a0  HpSAMD - ok
21:01:44.0718 0x13a0  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:01:44.0737 0x13a0  HTTP - ok
21:01:44.0741 0x13a0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:01:44.0748 0x13a0  hwpolicy - ok
21:01:44.0752 0x13a0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:01:44.0761 0x13a0  i8042prt - ok
21:01:44.0771 0x13a0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:01:44.0784 0x13a0  iaStorV - ok
21:01:44.0800 0x13a0  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:01:44.0821 0x13a0  idsvc - ok
21:01:44.0824 0x13a0  IEEtwCollectorService - ok
21:01:44.0902 0x13a0  [ 09F8023A17EE9EB0897A1B195428192B, 2DF018A24766E32E16F4B4FA9DA3D095BA42702B6869D4D1624A5EBF83805AF2 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
21:01:45.0011 0x13a0  igfx - ok
21:01:45.0030 0x13a0  [ E6293C8F05FEB58E8877D5658E5FEF89, B669EF793910AF3A794B968A063682B50254336653AA92A9C6ADAF8310D52F87 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
21:01:45.0043 0x13a0  igfxCUIService1.0.0.0 - ok
21:01:45.0047 0x13a0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:01:45.0055 0x13a0  iirsp - ok
21:01:45.0058 0x13a0  [ EB7BA65AA0EDF27EAB0109AC73F2779C, EB952C72CBB43A07E1E8AC003323CD7C5E2ED7AFC5E06973F7BDB0C702C5630D ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
21:01:45.0066 0x13a0  IJPLMSVC - ok
21:01:45.0083 0x13a0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:01:45.0106 0x13a0  IKEEXT - ok
21:01:45.0167 0x13a0  [ E9740A3BC0AE6EA035FF7ECE3A1B27B6, 4CA3E094B0057E143955DE5D41C3344688B6D2C4FFC0417235FF46312B600F99 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:01:45.0230 0x13a0  IntcAzAudAddService - ok
21:01:45.0244 0x13a0  [ 0D92782AEAFEC340F7F637E91C7E367D, 2E2654D017FF567CF8ED4D0BA20209894792C8BDDF50C3396961F2B850E17E36 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
21:01:45.0260 0x13a0  IntcDAud - ok
21:01:45.0266 0x13a0  [ CBF7341E55A8348C7AB01A9870C7D948, A5084DF3C6321788C88A9E6B5F43FE5BCFDBB579BDE3A4D5F55558C6D13035A5 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
21:01:45.0276 0x13a0  Intel(R) PROSet Monitoring Service - ok
21:01:45.0279 0x13a0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:01:45.0286 0x13a0  intelide - ok
21:01:45.0289 0x13a0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:01:45.0298 0x13a0  intelppm - ok
21:01:45.0302 0x13a0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:01:45.0326 0x13a0  IPBusEnum - ok
21:01:45.0330 0x13a0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:01:45.0353 0x13a0  IpFilterDriver - ok
21:01:45.0364 0x13a0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:01:45.0382 0x13a0  iphlpsvc - ok
21:01:45.0386 0x13a0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:01:45.0395 0x13a0  IPMIDRV - ok
21:01:45.0399 0x13a0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:01:45.0424 0x13a0  IPNAT - ok
21:01:45.0437 0x13a0  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:01:45.0454 0x13a0  iPod Service - ok
21:01:45.0457 0x13a0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:01:45.0468 0x13a0  IRENUM - ok
21:01:45.0472 0x13a0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:01:45.0479 0x13a0  isapnp - ok
21:01:45.0486 0x13a0  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:01:45.0497 0x13a0  iScsiPrt - ok
21:01:45.0500 0x13a0  [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:01:45.0507 0x13a0  iusb3hcs - ok
21:01:45.0515 0x13a0  [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:01:45.0527 0x13a0  iusb3hub - ok
21:01:45.0542 0x13a0  [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:01:45.0561 0x13a0  iusb3xhc - ok
21:01:45.0565 0x13a0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:01:45.0573 0x13a0  kbdclass - ok
21:01:45.0575 0x13a0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:01:45.0584 0x13a0  kbdhid - ok
21:01:45.0587 0x13a0  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] KeyIso          C:\Windows\system32\lsass.exe
21:01:45.0596 0x13a0  KeyIso - ok
21:01:45.0600 0x13a0  [ B6C2FA7F5E5BC1A488A57C6344D29D64, 857245D664CF9ED8121E2087D73F85DA3FED721484DDC6B51AF6A344EC29A27F ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:01:45.0609 0x13a0  KSecDD - ok
21:01:45.0614 0x13a0  [ FB4397DDCC732DB6A7B33B747C7EB708, AD8B9500AAE12C1507B982B74B86731BE75AFAC7F64538332A380AC43EDEC271 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:01:45.0624 0x13a0  KSecPkg - ok
21:01:45.0627 0x13a0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:01:45.0652 0x13a0  ksthunk - ok
21:01:45.0662 0x13a0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:01:45.0692 0x13a0  KtmRm - ok
21:01:45.0698 0x13a0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:01:45.0725 0x13a0  LanmanServer - ok
21:01:45.0729 0x13a0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:01:45.0755 0x13a0  LanmanWorkstation - ok
21:01:45.0761 0x13a0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:01:45.0784 0x13a0  lltdio - ok
21:01:45.0791 0x13a0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:01:45.0820 0x13a0  lltdsvc - ok
21:01:45.0823 0x13a0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:01:45.0847 0x13a0  lmhosts - ok
21:01:45.0852 0x13a0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:01:45.0861 0x13a0  LSI_FC - ok
21:01:45.0865 0x13a0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:01:45.0874 0x13a0  LSI_SAS - ok
21:01:45.0882 0x13a0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:01:45.0891 0x13a0  LSI_SAS2 - ok
21:01:45.0895 0x13a0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:01:45.0904 0x13a0  LSI_SCSI - ok
21:01:45.0908 0x13a0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:01:45.0933 0x13a0  luafv - ok
21:01:45.0937 0x13a0  [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
21:01:45.0946 0x13a0  MBAMSwissArmy - ok
21:01:45.0950 0x13a0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:01:45.0960 0x13a0  Mcx2Svc - ok
21:01:45.0963 0x13a0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:01:45.0971 0x13a0  megasas - ok
21:01:45.0977 0x13a0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:01:45.0989 0x13a0  MegaSR - ok
21:01:45.0993 0x13a0  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:01:46.0001 0x13a0  MEIx64 - ok
21:01:46.0006 0x13a0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:01:46.0030 0x13a0  MMCSS - ok
21:01:46.0034 0x13a0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:01:46.0057 0x13a0  Modem - ok
21:01:46.0059 0x13a0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:01:46.0069 0x13a0  monitor - ok
21:01:46.0072 0x13a0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:01:46.0080 0x13a0  mouclass - ok
21:01:46.0082 0x13a0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:01:46.0091 0x13a0  mouhid - ok
21:01:46.0095 0x13a0  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:01:46.0103 0x13a0  mountmgr - ok
21:01:46.0110 0x13a0  [ 63282F5EB7E5BFB58FD1EC93C6ADB457, 25096C4AE319E854153C75DCEC0A67A63F6B05FDD0B49D4D373724B3BF55D665 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:01:46.0120 0x13a0  MozillaMaintenance - ok
21:01:46.0125 0x13a0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:01:46.0135 0x13a0  mpio - ok
21:01:46.0139 0x13a0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:01:46.0161 0x13a0  mpsdrv - ok
21:01:46.0177 0x13a0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:01:46.0212 0x13a0  MpsSvc - ok
21:01:46.0217 0x13a0  [ D7ADC2B83CA0B0381F75A98351F72CEE, 05476B7CA0486DF770AE492B5A90C85E3D3E7485152EB2FA30A19EC9BE44ED81 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:01:46.0227 0x13a0  MRxDAV - ok
21:01:46.0235 0x13a0  [ ACEC16415275E1AD6F7983EF472810E3, E5017E157954F6C21AA66233FF2C1A6B1FF3E4685F26648A8A21F2B9718DD97C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:01:46.0246 0x13a0  mrxsmb - ok
21:01:46.0258 0x13a0  [ 0F276F2F2018296FABC7BD2BCCAAB40B, 378A36F7282EE9FFEC8A1D5783ECD0A428E0215B1774AAA166C5AA09B3C636F7 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:01:46.0270 0x13a0  mrxsmb10 - ok
21:01:46.0274 0x13a0  [ 1D4B7972375052F5B7877A6FD9BE33A0, B3FD235F6FE975F1869436ED1215913F0E8EB1123BB252FD221C35AB1121C3F5 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:01:46.0284 0x13a0  mrxsmb20 - ok
21:01:46.0287 0x13a0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:01:46.0294 0x13a0  msahci - ok
21:01:46.0298 0x13a0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:01:46.0306 0x09e8  Object required for P2P: [ 37CD9EB03B36D8329F96BA921470DB54 ] AntiVirMailService
21:01:46.0308 0x13a0  msdsm - ok
21:01:46.0315 0x13a0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:01:46.0327 0x13a0  MSDTC - ok
21:01:46.0332 0x13a0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:01:46.0354 0x13a0  Msfs - ok
21:01:46.0357 0x13a0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:01:46.0378 0x13a0  mshidkmdf - ok
21:01:46.0381 0x13a0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:01:46.0388 0x13a0  msisadrv - ok
21:01:46.0393 0x13a0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:01:46.0419 0x13a0  MSiSCSI - ok
21:01:46.0424 0x13a0  msiserver - ok
21:01:46.0427 0x13a0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:01:46.0449 0x13a0  MSKSSRV - ok
21:01:46.0451 0x13a0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:01:46.0474 0x13a0  MSPCLOCK - ok
21:01:46.0477 0x13a0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:01:46.0499 0x13a0  MSPQM - ok
21:01:46.0508 0x13a0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:01:46.0521 0x13a0  MsRPC - ok
21:01:46.0525 0x13a0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:01:46.0532 0x13a0  mssmbios - ok
21:01:46.0535 0x13a0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:01:46.0557 0x13a0  MSTEE - ok
21:01:46.0561 0x13a0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:01:46.0569 0x13a0  MTConfig - ok
21:01:46.0574 0x13a0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:01:46.0582 0x13a0  Mup - ok
21:01:46.0596 0x13a0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:01:46.0627 0x13a0  napagent - ok
21:01:46.0634 0x13a0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:01:46.0650 0x13a0  NativeWifiP - ok
21:01:46.0668 0x13a0  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:01:46.0690 0x13a0  NDIS - ok
21:01:46.0694 0x13a0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:01:46.0716 0x13a0  NdisCap - ok
21:01:46.0718 0x13a0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:01:46.0740 0x13a0  NdisTapi - ok
21:01:46.0745 0x13a0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:01:46.0766 0x13a0  Ndisuio - ok
21:01:46.0771 0x13a0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:01:46.0794 0x13a0  NdisWan - ok
21:01:46.0797 0x13a0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:01:46.0819 0x13a0  NDProxy - ok
21:01:46.0822 0x13a0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:01:46.0844 0x13a0  NetBIOS - ok
21:01:46.0851 0x13a0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:01:46.0878 0x13a0  NetBT - ok
21:01:46.0881 0x13a0  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] Netlogon        C:\Windows\system32\lsass.exe
21:01:46.0890 0x13a0  Netlogon - ok
21:01:46.0898 0x13a0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:01:46.0927 0x13a0  Netman - ok
21:01:46.0936 0x13a0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:46.0946 0x13a0  NetMsmqActivator - ok
21:01:46.0950 0x13a0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:46.0960 0x13a0  NetPipeActivator - ok
21:01:46.0969 0x13a0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:01:46.0996 0x021c  Object required for P2P: [ 98BB62ABFD17F284C3C5DE40F8266F3C ] Avira.ServiceHost
21:01:47.0001 0x13a0  netprofm - ok
21:01:47.0006 0x13a0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:47.0016 0x13a0  NetTcpActivator - ok
21:01:47.0020 0x13a0  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:01:47.0030 0x13a0  NetTcpPortSharing - ok
21:01:47.0033 0x13a0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:01:47.0041 0x13a0  nfrd960 - ok
21:01:47.0045 0x13a0  [ 531ABFAFAE0AFA2F3E9BBB2C08477ED1, 434C4DAE4BD03F61174CD71F41FF7927769F045ECF841550C29E4E055675423E ] ngvss           C:\Windows\system32\drivers\ngvss.sys
21:01:47.0054 0x13a0  ngvss - ok
21:01:47.0061 0x13a0  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:01:47.0076 0x13a0  NlaSvc - ok
21:01:47.0079 0x13a0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:01:47.0101 0x13a0  Npfs - ok
21:01:47.0104 0x13a0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:01:47.0129 0x13a0  nsi - ok
21:01:47.0132 0x13a0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:01:47.0154 0x13a0  nsiproxy - ok
21:01:47.0185 0x13a0  [ 47B2D0B31BDC3EBE6090228E2BA3764D, 984A4B38300954164BCBF57EC1A09C18B53779E60A26E9618B50E26016735787 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:01:47.0224 0x13a0  Ntfs - ok
21:01:47.0228 0x13a0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:01:47.0251 0x13a0  Null - ok
21:01:47.0255 0x13a0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:01:47.0265 0x13a0  nvraid - ok
21:01:47.0269 0x13a0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:01:47.0279 0x13a0  nvstor - ok
21:01:47.0283 0x13a0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:01:47.0292 0x13a0  nv_agp - ok
21:01:47.0302 0x13a0  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:01:47.0315 0x13a0  odserv - ok
21:01:47.0319 0x13a0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:01:47.0330 0x13a0  ohci1394 - ok
21:01:47.0334 0x13a0  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:01:47.0344 0x13a0  ose - ok
21:01:47.0352 0x13a0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:01:47.0367 0x13a0  p2pimsvc - ok
21:01:47.0376 0x13a0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:01:47.0392 0x13a0  p2psvc - ok
21:01:47.0397 0x13a0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:01:47.0406 0x13a0  Parport - ok
21:01:47.0410 0x13a0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:01:47.0418 0x13a0  partmgr - ok
21:01:47.0423 0x13a0  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:01:47.0435 0x13a0  PcaSvc - ok
21:01:47.0441 0x13a0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:01:47.0451 0x13a0  pci - ok
21:01:47.0454 0x13a0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:01:47.0461 0x13a0  pciide - ok
21:01:47.0469 0x13a0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:01:47.0479 0x13a0  pcmcia - ok
21:01:47.0482 0x13a0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:01:47.0490 0x13a0  pcw - ok
21:01:47.0503 0x13a0  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:01:47.0521 0x13a0  PEAUTH - ok
21:01:47.0546 0x13a0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:01:47.0577 0x13a0  PeerDistSvc - ok
21:01:47.0598 0x13a0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:01:47.0608 0x13a0  PerfHost - ok
21:01:47.0635 0x13a0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:01:47.0680 0x13a0  pla - ok
21:01:47.0690 0x13a0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:01:47.0707 0x13a0  PlugPlay - ok
21:01:47.0710 0x13a0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:01:47.0720 0x13a0  PNRPAutoReg - ok
21:01:47.0728 0x13a0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:01:47.0742 0x13a0  PNRPsvc - ok
21:01:47.0754 0x13a0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:01:47.0784 0x13a0  PolicyAgent - ok
21:01:47.0793 0x13a0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:01:47.0819 0x13a0  Power - ok
21:01:47.0823 0x13a0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:01:47.0846 0x13a0  PptpMiniport - ok
21:01:47.0849 0x13a0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
21:01:47.0859 0x13a0  Processor - ok
21:01:47.0865 0x13a0  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:01:47.0880 0x13a0  ProfSvc - ok
21:01:47.0883 0x13a0  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] ProtectedStorage C:\Windows\system32\lsass.exe
21:01:47.0893 0x13a0  ProtectedStorage - ok
21:01:47.0897 0x13a0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:01:47.0920 0x13a0  Psched - ok
21:01:47.0948 0x13a0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:01:47.0980 0x13a0  ql2300 - ok
21:01:47.0986 0x13a0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:01:47.0996 0x13a0  ql40xx - ok
21:01:48.0002 0x13a0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:01:48.0018 0x13a0  QWAVE - ok
21:01:48.0021 0x13a0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:01:48.0033 0x13a0  QWAVEdrv - ok
21:01:48.0036 0x13a0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:01:48.0059 0x13a0  RasAcd - ok
21:01:48.0062 0x13a0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:01:48.0085 0x13a0  RasAgileVpn - ok
21:01:48.0088 0x13a0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:01:48.0114 0x13a0  RasAuto - ok
21:01:48.0118 0x13a0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:01:48.0142 0x13a0  Rasl2tp - ok
21:01:48.0149 0x13a0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:01:48.0182 0x13a0  RasMan - ok
21:01:48.0186 0x13a0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:01:48.0211 0x13a0  RasPppoe - ok
21:01:48.0214 0x13a0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:01:48.0234 0x0e78  Object required for P2P: [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdate
21:01:48.0238 0x13a0  RasSstp - ok
21:01:48.0245 0x13a0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:01:48.0271 0x13a0  rdbss - ok
21:01:48.0276 0x13a0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:01:48.0286 0x13a0  rdpbus - ok
21:01:48.0288 0x13a0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:01:48.0310 0x13a0  RDPCDD - ok
21:01:48.0317 0x13a0  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:01:48.0327 0x13a0  RDPDR - ok
21:01:48.0329 0x13a0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:01:48.0352 0x13a0  RDPENCDD - ok
21:01:48.0359 0x13a0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:01:48.0383 0x13a0  RDPREFMP - ok
21:01:48.0389 0x13a0  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:01:48.0401 0x13a0  RDPWD - ok
21:01:48.0408 0x13a0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:01:48.0417 0x13a0  rdyboost - ok
21:01:48.0421 0x13a0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:01:48.0447 0x13a0  RemoteAccess - ok
21:01:48.0452 0x13a0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:01:48.0478 0x13a0  RemoteRegistry - ok
21:01:48.0482 0x13a0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:01:48.0507 0x13a0  RpcEptMapper - ok
21:01:48.0510 0x13a0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:01:48.0520 0x13a0  RpcLocator - ok
21:01:48.0532 0x13a0  [ 622C96AFB07BB82C8650B47172137AC4, B74CEA5A3F4945E5A3EAE7AF1B1FA75F611C65C6FACE393052A512FA81B0C17C ] RpcSs           C:\Windows\system32\rpcss.dll
21:01:48.0549 0x13a0  RpcSs - ok
21:01:48.0553 0x13a0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:01:48.0577 0x13a0  rspndr - ok
21:01:48.0583 0x13a0  [ DDF3EFB4AD226C61D0ADA6E779E3D968, 5B14B35321F10D974B9F47D60C9DAA527A2C907029C242A6F4214E6012A046DA ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
21:01:48.0594 0x13a0  RtkAudioService - ok
21:01:48.0596 0x13a0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:01:48.0604 0x13a0  s3cap - ok
21:01:48.0609 0x13a0  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] SamSs           C:\Windows\system32\lsass.exe
21:01:48.0618 0x13a0  SamSs - ok
21:01:48.0622 0x13a0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:01:48.0631 0x13a0  sbp2port - ok
21:01:48.0636 0x13a0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:01:48.0663 0x13a0  SCardSvr - ok
21:01:48.0666 0x13a0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:01:48.0689 0x13a0  scfilter - ok
21:01:48.0709 0x13a0  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
21:01:48.0736 0x13a0  Schedule - ok
21:01:48.0741 0x13a0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:01:48.0766 0x13a0  SCPolicySvc - ok
21:01:48.0771 0x13a0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:01:48.0783 0x13a0  SDRSVC - ok
21:01:48.0786 0x13a0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:01:48.0795 0x13a0  secdrv - ok
21:01:48.0798 0x13a0  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
21:01:48.0808 0x13a0  seclogon - ok
21:01:48.0811 0x13a0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:01:48.0836 0x13a0  SENS - ok
21:01:48.0839 0x13a0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:01:48.0849 0x13a0  SensrSvc - ok
21:01:48.0851 0x13a0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:01:48.0861 0x13a0  Serenum - ok
21:01:48.0864 0x13a0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:01:48.0875 0x13a0  Serial - ok
21:01:48.0882 0x13a0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:01:48.0891 0x13a0  sermouse - ok
21:01:48.0898 0x13a0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:01:48.0924 0x13a0  SessionEnv - ok
21:01:48.0926 0x13a0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:01:48.0936 0x13a0  sffdisk - ok
21:01:48.0939 0x13a0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:01:48.0949 0x13a0  sffp_mmc - ok
21:01:48.0952 0x13a0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:01:48.0962 0x13a0  sffp_sd - ok
21:01:48.0964 0x13a0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:01:48.0973 0x13a0  sfloppy - ok
21:01:48.0982 0x13a0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:01:49.0014 0x13a0  SharedAccess - ok
21:01:49.0024 0x13a0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:01:49.0053 0x13a0  ShellHWDetection - ok
21:01:49.0057 0x13a0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:01:49.0065 0x13a0  SiSRaid2 - ok
21:01:49.0069 0x13a0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:01:49.0078 0x13a0  SiSRaid4 - ok
21:01:49.0082 0x13a0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:01:49.0107 0x13a0  Smb - ok
21:01:49.0112 0x13a0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:01:49.0123 0x13a0  SNMPTRAP - ok
21:01:49.0126 0x13a0  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
21:01:49.0136 0x13a0  speedfan - ok
21:01:49.0139 0x13a0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:01:49.0147 0x13a0  spldr - ok
21:01:49.0160 0x13a0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:01:49.0179 0x13a0  Spooler - ok
21:01:49.0237 0x13a0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:01:49.0317 0x13a0  sppsvc - ok
21:01:49.0325 0x13a0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:01:49.0350 0x13a0  sppuinotify - ok
21:01:49.0360 0x13a0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:01:49.0374 0x13a0  srv - ok
21:01:49.0384 0x13a0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:01:49.0398 0x13a0  srv2 - ok
21:01:49.0403 0x13a0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:01:49.0414 0x13a0  srvnet - ok
21:01:49.0419 0x13a0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:01:49.0446 0x13a0  SSDPSRV - ok
21:01:49.0450 0x13a0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:01:49.0475 0x13a0  SstpSvc - ok
21:01:49.0478 0x13a0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:01:49.0485 0x13a0  stexstor - ok
21:01:49.0498 0x13a0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:01:49.0522 0x13a0  stisvc - ok
21:01:49.0527 0x13a0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:01:49.0535 0x13a0  storflt - ok
21:01:49.0537 0x13a0  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:01:49.0548 0x13a0  StorSvc - ok
21:01:49.0551 0x13a0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:01:49.0558 0x13a0  storvsc - ok
21:01:49.0561 0x13a0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:01:49.0569 0x13a0  swenum - ok
21:01:49.0580 0x13a0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:01:49.0612 0x13a0  swprv - ok
21:01:49.0642 0x13a0  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
21:01:49.0680 0x13a0  SysMain - ok
21:01:49.0686 0x13a0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:01:49.0701 0x13a0  TabletInputService - ok
21:01:49.0708 0x13a0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:01:49.0736 0x13a0  TapiSrv - ok
21:01:49.0767 0x13a0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:01:49.0805 0x13a0  Tcpip - ok
21:01:49.0842 0x13a0  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:01:49.0881 0x13a0  TCPIP6 - ok
21:01:49.0887 0x13a0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:01:49.0896 0x13a0  tcpipreg - ok
21:01:49.0900 0x13a0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:01:49.0908 0x13a0  TDPIPE - ok
21:01:49.0912 0x13a0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:01:49.0921 0x13a0  TDTCP - ok
21:01:49.0925 0x13a0  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:01:49.0935 0x13a0  tdx - ok
21:01:49.0938 0x13a0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:01:49.0946 0x13a0  TermDD - ok
21:01:49.0960 0x13a0  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:01:49.0980 0x13a0  TermService - ok
21:01:49.0983 0x13a0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:01:49.0997 0x13a0  Themes - ok
21:01:50.0000 0x13a0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:01:50.0025 0x13a0  THREADORDER - ok
21:01:50.0033 0x13a0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:01:50.0059 0x13a0  TrkWks - ok
21:01:50.0066 0x13a0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:01:50.0091 0x13a0  TrustedInstaller - ok
21:01:50.0096 0x13a0  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:01:50.0104 0x13a0  tssecsrv - ok
21:01:50.0108 0x13a0  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:01:50.0116 0x13a0  TsUsbFlt - ok
21:01:50.0119 0x13a0  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:01:50.0129 0x13a0  TsUsbGD - ok
21:01:50.0134 0x13a0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:01:50.0157 0x13a0  tunnel - ok
21:01:50.0160 0x13a0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:01:50.0168 0x13a0  uagp35 - ok
21:01:50.0176 0x13a0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:01:50.0202 0x13a0  udfs - ok
21:01:50.0206 0x13a0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:01:50.0219 0x13a0  UI0Detect - ok
21:01:50.0222 0x13a0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:01:50.0230 0x13a0  uliagpkx - ok
21:01:50.0234 0x13a0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:01:50.0242 0x13a0  umbus - ok
21:01:50.0245 0x13a0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:01:50.0253 0x13a0  UmPass - ok
21:01:50.0259 0x13a0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:01:50.0271 0x13a0  UmRdpService - ok
21:01:50.0279 0x13a0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:01:50.0309 0x13a0  upnphost - ok
21:01:50.0312 0x13a0  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:01:50.0321 0x13a0  USBAAPL64 - ok
21:01:50.0326 0x13a0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:01:50.0335 0x13a0  usbccgp - ok
21:01:50.0339 0x13a0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:01:50.0348 0x13a0  usbcir - ok
21:01:50.0351 0x13a0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:01:50.0360 0x13a0  usbehci - ok
21:01:50.0368 0x13a0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:01:50.0381 0x13a0  usbhub - ok
21:01:50.0384 0x13a0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:01:50.0392 0x13a0  usbohci - ok
21:01:50.0394 0x13a0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:01:50.0404 0x13a0  usbprint - ok
21:01:50.0407 0x13a0  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:01:50.0415 0x13a0  usbscan - ok
21:01:50.0419 0x13a0  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:01:50.0428 0x13a0  USBSTOR - ok
21:01:50.0431 0x13a0  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:01:50.0439 0x13a0  usbuhci - ok
21:01:50.0443 0x13a0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:01:50.0467 0x13a0  UxSms - ok
21:01:50.0469 0x13a0  [ 626BE7CD27F44185AA4DCD3603830312, EBE197BAA8F0ACEA219B402A1D03534A448048F1010A50680D728493A9B0641E ] VaultSvc        C:\Windows\system32\lsass.exe
21:01:50.0479 0x13a0  VaultSvc - ok
21:01:50.0488 0x13a0  [ 2D8A86BE49A1AD9D05678A2A10F64CE7, 771B5882267B593A1E389DB26F21C3F790D534C8C98FD4A8F043978EA6E09CD6 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
21:01:50.0499 0x13a0  VBoxAswDrv - ok
21:01:50.0502 0x13a0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:01:50.0510 0x13a0  vdrvroot - ok
21:01:50.0529 0x13a0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:01:50.0560 0x13a0  vds - ok
21:01:50.0564 0x13a0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:01:50.0574 0x13a0  vga - ok
21:01:50.0577 0x13a0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:01:50.0599 0x13a0  VgaSave - ok
21:01:50.0604 0x13a0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:01:50.0614 0x13a0  vhdmp - ok
21:01:50.0617 0x13a0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:01:50.0625 0x13a0  viaide - ok
21:01:50.0630 0x13a0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:01:50.0640 0x13a0  vmbus - ok
21:01:50.0644 0x13a0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:01:50.0652 0x13a0  VMBusHID - ok
21:01:50.0655 0x13a0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:01:50.0663 0x13a0  volmgr - ok
21:01:50.0671 0x13a0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:01:50.0684 0x13a0  volmgrx - ok
21:01:50.0691 0x13a0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:01:50.0703 0x13a0  volsnap - ok
21:01:50.0708 0x13a0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:01:50.0717 0x13a0  vsmraid - ok
21:01:50.0745 0x13a0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:01:50.0793 0x13a0  VSS - ok
21:01:50.0798 0x13a0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:01:50.0808 0x13a0  vwifibus - ok
21:01:50.0816 0x13a0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:01:50.0846 0x13a0  W32Time - ok
21:01:50.0850 0x13a0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:01:50.0859 0x13a0  WacomPen - ok
21:01:50.0863 0x13a0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:01:50.0886 0x13a0  WANARP - ok
21:01:50.0889 0x13a0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:01:50.0912 0x13a0  Wanarpv6 - ok
21:01:50.0938 0x13a0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:01:50.0973 0x13a0  wbengine - ok
21:01:50.0981 0x13a0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:01:50.0997 0x13a0  WbioSrvc - ok
21:01:51.0005 0x13a0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:01:51.0023 0x13a0  wcncsvc - ok
21:01:51.0027 0x13a0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:01:51.0037 0x13a0  WcsPlugInService - ok
21:01:51.0040 0x13a0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
21:01:51.0048 0x13a0  Wd - ok
21:01:51.0062 0x13a0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:01:51.0083 0x13a0  Wdf01000 - ok
21:01:51.0088 0x13a0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:01:51.0099 0x13a0  WdiServiceHost - ok
21:01:51.0102 0x13a0  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:01:51.0114 0x13a0  WdiSystemHost - ok
21:01:51.0120 0x13a0  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
21:01:51.0133 0x13a0  WebClient - ok
21:01:51.0140 0x13a0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:01:51.0168 0x13a0  Wecsvc - ok
21:01:51.0172 0x13a0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:01:51.0196 0x04a4  Object required for P2P: [ 63282F5EB7E5BFB58FD1EC93C6ADB457 ] MozillaMaintenance
21:01:51.0198 0x13a0  wercplsupport - ok
21:01:51.0202 0x13a0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:01:51.0227 0x13a0  WerSvc - ok
21:01:51.0231 0x13a0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:01:51.0254 0x13a0  WfpLwf - ok
21:01:51.0257 0x13a0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:01:51.0266 0x13a0  WIMMount - ok
21:01:51.0268 0x13a0  WinDefend - ok
21:01:51.0272 0x13a0  WinHttpAutoProxySvc - ok
21:01:51.0283 0x13a0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:01:51.0309 0x13a0  Winmgmt - ok
21:01:51.0344 0x13a0  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
21:01:51.0387 0x13a0  WinRM - ok
21:01:51.0396 0x13a0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
21:01:51.0406 0x13a0  WinUsb - ok
21:01:51.0423 0x13a0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:01:51.0451 0x13a0  Wlansvc - ok
21:01:51.0491 0x13a0  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:01:51.0534 0x13a0  wlidsvc - ok
21:01:51.0540 0x13a0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:01:51.0549 0x13a0  WmiAcpi - ok
21:01:51.0555 0x13a0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:01:51.0567 0x13a0  wmiApSrv - ok
21:01:51.0569 0x13a0  WMPNetworkSvc - ok
21:01:51.0572 0x13a0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:01:51.0583 0x13a0  WPCSvc - ok
21:01:51.0587 0x13a0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:01:51.0600 0x13a0  WPDBusEnum - ok
21:01:51.0603 0x13a0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:01:51.0624 0x13a0  ws2ifsl - ok
21:01:51.0629 0x13a0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:01:51.0643 0x13a0  wscsvc - ok
21:01:51.0648 0x13a0  WSearch - ok
21:01:51.0694 0x13a0  [ 86F11B85102AFA6A1A6101DCE2F09386, 68A0F0E628C8F33FDAC114876DA8ED14776DD74E80AC5A6A52257E19DE011091 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:01:51.0746 0x13a0  wuauserv - ok
21:01:51.0756 0x13a0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:01:51.0766 0x13a0  WudfPf - ok
21:01:51.0773 0x13a0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:01:51.0783 0x13a0  WUDFRd - ok
21:01:51.0787 0x13a0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:01:51.0799 0x13a0  wudfsvc - ok
21:01:51.0805 0x13a0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:01:51.0819 0x13a0  WwanSvc - ok
21:01:51.0821 0x13a0  ================ Scan global ===============================
21:01:51.0824 0x13a0  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
21:01:51.0833 0x13a0  [ 841BF993597DCD498247684B5D3AE845, B80FDDE2F36F7DC9BCE253FFE0148C918DC3DD4357F37761B364DE7B887239EA ] C:\Windows\system32\winsrv.dll
21:01:51.0843 0x13a0  [ 841BF993597DCD498247684B5D3AE845, B80FDDE2F36F7DC9BCE253FFE0148C918DC3DD4357F37761B364DE7B887239EA ] C:\Windows\system32\winsrv.dll
21:01:51.0851 0x13a0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:01:51.0860 0x13a0  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:01:51.0866 0x13a0  [ Global ] - ok
21:01:51.0867 0x13a0  ================ Scan MBR ==================================
21:01:51.0868 0x13a0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:01:51.0952 0x13a0  \Device\Harddisk0\DR0 - ok
21:01:52.0587 0x13a0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
21:01:52.0659 0x13a0  \Device\Harddisk1\DR1 - ok
21:01:52.0660 0x13a0  ================ Scan VBR ==================================
21:01:52.0665 0x13a0  [ CE3E070B2678D7655F021234B8A09DD7 ] \Device\Harddisk0\DR0\Partition1
21:01:52.0667 0x13a0  \Device\Harddisk0\DR0\Partition1 - ok
21:01:52.0671 0x13a0  [ 8997919AC76DA63103741203073D34F0 ] \Device\Harddisk0\DR0\Partition2
21:01:52.0673 0x13a0  \Device\Harddisk0\DR0\Partition2 - ok
21:01:52.0678 0x13a0  [ 3ECDA6F750A3D8AD829645FFB176461B ] \Device\Harddisk1\DR1\Partition1
21:01:52.0710 0x13a0  \Device\Harddisk1\DR1\Partition1 - ok
21:01:52.0711 0x13a0  ================ Scan generic autorun ======================
21:01:52.0712 0x13a0  HotKeysCmds - ok
21:01:52.0713 0x13a0  Persistence - ok
21:01:52.0942 0x13a0  [ 324B8DDDF70D28B7A767E0608256DF36, 2FA4AA3F5E6D9C16A50F986027708AF657ADE9AE2A286E4F7686A1DF510FC2C1 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:01:53.0180 0x13a0  RtHDVCpl - ok
21:01:53.0202 0x13a0  [ 7EE4CE5FC9062A10D47553A91EE1EBCD, 16BB1317EC19A7BBA3C70A975CE6FBC75FEDCE77D660B7CC58CAA41AAA37A9BA ] C:\Windows\system32\igfxtray.exe
21:01:53.0217 0x13a0  IgfxTray - ok
21:01:53.0222 0x13a0  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
21:01:53.0232 0x13a0  iTunesHelper - ok
21:01:53.0238 0x13a0  [ 094E4E76FB9AB960A73F841BC6733F42, 01C1BFF17BEC6588E192EC4D7ACB74FC9B95ECA7CB8BB9585B04FC8EA73C3B43 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:01:53.0249 0x13a0  USB3MON - ok
21:01:53.0345 0x13a0  [ 12DDF400E9E4441C0A9C144861D1EE01, 8B6702F149E044EC0CDA1291EE7AE64B9954E93E68F15DF8A925E396435254FF ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
21:01:53.0454 0x13a0  AvastUI.exe - ok
21:01:53.0478 0x13a0  [ 1CE11C53E562D5F7EAFCF47E0E696516, 4E8264DB3CA9B2344905BC2CAE6A9E73190A3CCF3D154B3CBDAF4F73F8FCD64B ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
21:01:53.0497 0x13a0  avgnt - ok
21:01:53.0501 0x13a0  [ 86069F4F421FB355C41FD734500E477F, CB4CE22C3298280B033105875079A373D7E1ADEA15F0F71A2095CCA50CF7E5A5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
21:01:53.0508 0x13a0  Avira SystrayStartTrigger - ok
21:01:53.0531 0x13a0  [ AABD3E439647167142FFA5567512B3A4, 9C90D4638B072BE1E49FE1704127F62FA1A98D4A7D8A17A4DE2F797FDFB85FAE ] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
21:01:53.0556 0x13a0  CanonQuickMenu - ok
21:01:53.0560 0x13a0  Dropbox - ok
21:01:53.0564 0x13a0  [ E971C2901BC0E9934D01D84AD127FAAF, 2DC4B1D898430CD152B16D0909C9DEF252579F91E093632E78D47F77CBFDC843 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
21:01:53.0572 0x13a0  APSDaemon - ok
21:01:53.0593 0x13a0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:01:53.0636 0x13a0  Sidebar - ok
21:01:53.0640 0x13a0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:01:53.0654 0x13a0  mctadmin - ok
21:01:53.0674 0x13a0  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:01:53.0701 0x13a0  Sidebar - ok
21:01:53.0705 0x13a0  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:01:53.0718 0x13a0  mctadmin - ok
21:01:53.0745 0x13a0  [ DAAC3B07146F31C2B26E5E9A8FDDD4B9, BA417ECC767243A4F407507414C3442F8D908E85927E784592922A93C39D6627 ] C:\Users\Petra\AppData\Roaming\Spotify\SpotifyWebHelper.exe
21:01:53.0775 0x13a0  Spotify Web Helper - ok
21:01:53.0884 0x13a0  [ 9A1116015A5E62DCF2004DEB5687636E, 29884B56F8D57C266F00FC52D8F266ADC3082D062B2BA11EE602F71B5B7F6EDA ] C:\Users\Petra\AppData\Roaming\Spotify\Spotify.exe
21:01:53.0993 0x13a0  Spotify - ok
21:01:53.0999 0x13a0  Waiting for KSN requests completion. In queue: 262
21:01:54.0497 0x09e8  Object send P2P result: true
21:01:54.0999 0x13a0  Waiting for KSN requests completion. In queue: 252
21:01:55.0382 0x04a4  Object send P2P result: true
21:01:55.0999 0x13a0  Waiting for KSN requests completion. In queue: 231
21:01:56.0999 0x13a0  Waiting for KSN requests completion. In queue: 231
21:01:57.0999 0x13a0  Waiting for KSN requests completion. In queue: 231
21:01:58.0288 0x1b38  Object required for P2P: [ 12DDF400E9E4441C0A9C144861D1EE01 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
21:01:58.0999 0x13a0  Waiting for KSN requests completion. In queue: 51
21:01:59.0999 0x13a0  Waiting for KSN requests completion. In queue: 51
21:02:00.0941 0x0e78  Object send P2P result: true
21:02:00.0941 0x0e78  Object required for P2P: [ A1F58FFF448E4099297D6EE0641D4D0E ] dbupdatem
21:02:00.0999 0x13a0  Waiting for KSN requests completion. In queue: 50
21:02:02.0000 0x13a0  Waiting for KSN requests completion. In queue: 50
21:02:02.0523 0x1b38  Object send P2P result: true
21:02:02.0523 0x1b38  Object required for P2P: [ 9A1116015A5E62DCF2004DEB5687636E ] C:\Users\Petra\AppData\Roaming\Spotify\Spotify.exe
21:02:03.0000 0x13a0  Waiting for KSN requests completion. In queue: 40
21:02:04.0000 0x13a0  Waiting for KSN requests completion. In queue: 40
21:02:05.0000 0x13a0  Waiting for KSN requests completion. In queue: 40
21:02:05.0154 0x0e78  Object send P2P result: true
21:02:05.0299 0x1b38  Object send P2P result: true
21:02:06.0000 0x13a0  Waiting for KSN requests completion. In queue: 10
21:02:06.0999 0x021c  Object send P2P result: false
21:02:07.0000 0x13a0  Waiting for KSN requests completion. In queue: 6
21:02:08.0037 0x13a0  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated )
21:02:08.0039 0x13a0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2223.1143 ), 0x41000 ( enabled : updated )
21:02:08.0055 0x13a0  Win FW state via NFP2: enabled ( trusted )
21:02:23.0215 0x13a0  ============================================================
21:02:23.0215 0x13a0  Scan finished
21:02:23.0215 0x13a0  ============================================================
21:02:23.0232 0x181c  Detected object count: 0
21:02:23.0232 0x181c  Actual detected object count: 0


Alt 19.04.2016, 16:51   #6
M-K-D-B
/// TB-Ausbilder
 
PC extrem langsam, friert ein - Standard

PC extrem langsam, friert ein


Servus,


einen Grund wüsste ich schon, warum der Rechner einfrieren kann:

Zitat:
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
Bitte eine Antivirenprogramm deinstallieren.

Rechner neu starten.



Dann nochmal FRST:
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.
Alt 21.04.2016, 08:21   #7
overloaddani
 
PC extrem langsam, friert ein - Standard

PC extrem langsam, friert ein


Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Petra (Administrator) auf PETRA-PC (21-04-2016 09:13:49)
Gestartet von C:\Users\Petra\Downloads
Geladene Profile: Petra (Verfügbare Profile: Petra)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Opera)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\System32\igfxTray.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Petra\AppData\Roaming\Spotify\SpotifyWebHelper.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
(CANON INC.) C:\Program Files (x86)\Canon\Quick Menu\CNQMSWCS.EXE
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [456808 2014-10-15] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6108752 2015-11-10] (AVAST Software)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1284680 2014-01-17] (CANON INC.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23248560 2016-04-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\Run: [Spotify Web Helper] => C:\Users\Petra\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1525360 2016-04-15] (Spotify Ltd)
HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\Run: [Spotify] => C:\Users\Petra\AppData\Roaming\Spotify\Spotify.exe [6855280 2016-04-15] (Spotify Ltd)
HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\MountPoints2: {ad5a0ae2-e912-11e4-9a0c-d050993dc38e} - E:\Msetup4.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-21] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.30.dll [2016-04-08] (Dropbox, Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 80.69.100.204 80.69.100.213
Tcpip\..\Interfaces\{005AEAC4-BE6F-4F93-B007-B770CE17E09E}: [DhcpNameServer] 80.69.100.204 80.69.100.213

Internet Explorer:
==================
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-426687572-1594056187-641312889-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-25] (Google Inc.)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-21] (AVAST Software)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-25] (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-23] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-12-25] (Google Inc.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-12-25] (Google Inc.)

FireFox:
========
FF ProfilePath: C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\vk7i7jr3.default
FF Homepage: hxxp://www.t-online.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1216156.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2011-11-30] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Extension: WOT - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\vk7i7jr3.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2015-12-11]
FF Extension: Avira Browser Safety - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\vk7i7jr3.default\Extensions\abs@avira.com [2016-03-01]
FF Extension: Adblock Plus - C:\Users\Petra\AppData\Roaming\Mozilla\Firefox\Profiles\vk7i7jr3.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-23]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]

Chrome: 
=======
CHR Profile: C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-15]
CHR Extension: (Google Drive) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-15]
CHR Extension: (YouTube) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-15]
CHR Extension: (Google-Suche) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-15]
CHR Extension: (Google Mail) - C:\Users\Petra\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-21]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-21]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-21] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-21] (Avast Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-01-24] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-01-19] (Digital Wave Ltd.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-15] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-21] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-21] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-21] (AVAST Software)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-28] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-21] (AVAST Software)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-21] (Avast Software)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-21 09:13 - 2016-04-21 09:13 - 00018408 _____ C:\Users\Petra\Downloads\FRST.txt
2016-04-21 09:10 - 2016-04-21 09:10 - 00725304 _____ (Opera Software) C:\Users\Petra\Downloads\OperaSetup.exe
2016-04-21 09:10 - 2016-04-21 09:10 - 00003858 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1461222641
2016-04-21 09:10 - 2016-04-21 09:10 - 00001135 _____ C:\Users\Public\Desktop\Opera.lnk
2016-04-21 09:10 - 2016-04-21 09:10 - 00001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-04-21 09:10 - 2016-04-21 09:10 - 00000000 ____D C:\Users\Petra\AppData\Roaming\Opera Software
2016-04-21 09:10 - 2016-04-21 09:10 - 00000000 ____D C:\Users\Petra\AppData\Local\Opera Software
2016-04-21 09:10 - 2016-04-21 09:10 - 00000000 ____D C:\Program Files (x86)\Opera
2016-04-21 09:03 - 2016-04-21 09:03 - 00000000 ____D C:\Windows\system32\appmgmt
2016-04-18 21:00 - 2016-04-18 21:17 - 00212408 _____ C:\TDSSKiller.3.1.0.9_18.04.2016_21.00.21_log.txt
2016-04-18 20:59 - 2016-04-18 20:59 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Petra\Downloads\tdsskiller.exe
2016-04-18 20:53 - 2016-04-21 09:13 - 00000000 ____D C:\FRST
2016-04-18 20:46 - 2016-04-18 20:46 - 02375680 _____ (Farbar) C:\Users\Petra\Downloads\FRST64.exe
2016-04-16 00:09 - 2016-04-16 00:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-04-13 21:06 - 2016-04-13 21:06 - 00002128 _____ C:\Users\Petra\Desktop\Picasa - CHIP Downloader.lnk
2016-04-13 21:03 - 2016-04-13 21:03 - 01475080 _____ C:\Users\Petra\Downloads\Picasa - CHIP-Installer.exe
2016-04-13 17:49 - 2016-04-04 20:14 - 00038120 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-13 17:49 - 2016-04-04 20:02 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-13 17:49 - 2016-04-02 15:08 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-13 17:49 - 2016-03-31 21:25 - 00394952 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-13 17:49 - 2016-03-31 20:41 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-13 17:49 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-13 17:49 - 2016-03-31 02:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-04-13 17:49 - 2016-03-31 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-04-13 17:49 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-13 17:49 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-13 17:49 - 2016-03-31 02:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-04-13 17:49 - 2016-03-31 02:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-04-13 17:49 - 2016-03-31 02:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-04-13 17:49 - 2016-03-31 02:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-04-13 17:49 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-13 17:49 - 2016-03-31 02:22 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-04-13 17:49 - 2016-03-31 02:21 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-04-13 17:49 - 2016-03-31 02:19 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-04-13 17:49 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-13 17:49 - 2016-03-31 02:17 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-04-13 17:49 - 2016-03-31 02:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-04-13 17:49 - 2016-03-31 02:17 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-04-13 17:49 - 2016-03-31 02:11 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-04-13 17:49 - 2016-03-31 02:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-04-13 17:49 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-13 17:49 - 2016-03-31 02:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-04-13 17:49 - 2016-03-31 02:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-04-13 17:49 - 2016-03-31 01:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-04-13 17:49 - 2016-03-31 01:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-04-13 17:49 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-13 17:49 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-13 17:49 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-13 17:49 - 2016-03-31 01:53 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-04-13 17:49 - 2016-03-31 01:52 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-04-13 17:49 - 2016-03-31 01:52 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-04-13 17:49 - 2016-03-31 01:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-04-13 17:49 - 2016-03-31 01:52 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-04-13 17:49 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-13 17:49 - 2016-03-31 01:48 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-04-13 17:49 - 2016-03-31 01:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-04-13 17:49 - 2016-03-31 01:46 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-04-13 17:49 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-13 17:49 - 2016-03-31 01:45 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-04-13 17:49 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-13 17:49 - 2016-03-31 01:45 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-04-13 17:49 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-13 17:49 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-13 17:49 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-13 17:49 - 2016-03-31 01:42 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-04-13 17:49 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-13 17:49 - 2016-03-31 01:38 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-04-13 17:49 - 2016-03-31 01:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-04-13 17:49 - 2016-03-31 01:33 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-04-13 17:49 - 2016-03-31 01:31 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-04-13 17:49 - 2016-03-31 01:31 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-04-13 17:49 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-13 17:49 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-13 17:49 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-13 17:49 - 2016-03-31 01:29 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-04-13 17:49 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-13 17:49 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-13 17:49 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-13 17:49 - 2016-03-31 01:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-04-13 17:49 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-13 17:49 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-13 17:49 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-13 17:49 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-13 17:49 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-13 17:49 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-13 17:49 - 2016-03-29 19:53 - 03216896 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-13 17:49 - 2016-03-23 16:02 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-13 17:49 - 2016-03-18 01:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-13 17:49 - 2016-03-18 01:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-13 17:49 - 2016-03-18 01:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-13 17:49 - 2016-03-18 01:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-04-13 17:49 - 2016-03-18 01:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-13 17:49 - 2016-03-18 01:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-13 17:49 - 2016-03-18 00:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-04-13 17:49 - 2016-03-18 00:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-04-13 17:49 - 2016-03-18 00:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-04-13 17:49 - 2016-03-18 00:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-04-13 17:49 - 2016-03-18 00:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-04-13 17:49 - 2016-03-18 00:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2016-04-13 17:49 - 2016-03-18 00:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-04-13 17:49 - 2016-03-18 00:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-13 17:49 - 2016-03-18 00:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-04-13 17:49 - 2016-03-18 00:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-04-13 17:49 - 2016-03-18 00:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-04-13 17:49 - 2016-03-18 00:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-04-13 17:49 - 2016-03-18 00:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-04-13 17:49 - 2016-03-18 00:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-13 17:49 - 2016-03-18 00:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-04-13 17:49 - 2016-03-18 00:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-04-13 17:49 - 2016-03-18 00:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-04-13 17:49 - 2016-03-18 00:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-04-13 17:49 - 2016-03-18 00:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-13 17:49 - 2016-03-18 00:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-04-13 17:49 - 2016-03-18 00:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-04-13 17:49 - 2016-03-18 00:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-13 17:49 - 2016-03-18 00:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-04-13 17:49 - 2016-03-18 00:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-04-13 17:49 - 2016-03-18 00:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-04-13 17:49 - 2016-03-18 00:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-04-13 17:49 - 2016-03-18 00:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-04-13 17:49 - 2016-03-18 00:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-04-13 17:49 - 2016-03-18 00:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-04-13 17:49 - 2016-03-18 00:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-04-13 17:49 - 2016-03-18 00:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-13 17:49 - 2016-03-18 00:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-04-13 17:49 - 2016-03-18 00:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-04-13 17:49 - 2016-03-18 00:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-04-13 17:49 - 2016-03-18 00:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-04-13 17:49 - 2016-03-18 00:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-04-13 17:49 - 2016-03-18 00:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-04-13 17:49 - 2016-03-18 00:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-04-13 17:49 - 2016-03-17 23:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-04-13 17:49 - 2016-03-17 23:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2016-04-13 17:49 - 2016-03-17 23:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-04-13 17:49 - 2016-03-17 23:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-04-13 17:49 - 2016-03-17 23:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-04-13 17:49 - 2016-03-17 23:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-04-13 17:49 - 2016-03-17 23:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-04-13 17:49 - 2016-03-17 23:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-13 17:49 - 2016-03-17 23:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-13 17:49 - 2016-03-17 23:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-13 17:49 - 2016-03-17 23:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-04-13 17:49 - 2016-03-17 23:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-04-13 17:49 - 2016-03-17 23:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-04-13 17:49 - 2016-03-17 23:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-04-13 17:49 - 2016-03-17 23:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-04-13 17:49 - 2016-03-17 23:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-04-13 17:49 - 2016-03-17 23:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-04-13 17:49 - 2016-03-17 23:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-04-13 17:49 - 2016-03-17 23:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-04-13 17:49 - 2016-03-17 23:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-04-13 17:49 - 2016-03-17 23:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-04-13 17:49 - 2016-03-17 20:04 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-13 17:49 - 2016-03-17 20:04 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-13 17:49 - 2016-03-17 20:04 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-13 17:49 - 2016-03-17 20:04 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-13 17:49 - 2016-03-16 20:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-13 17:49 - 2016-03-16 20:28 - 00176128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-13 17:49 - 2016-03-16 20:28 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-13 17:49 - 2016-03-16 02:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-13 17:49 - 2016-03-16 02:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-13 17:49 - 2016-03-16 01:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-13 17:49 - 2016-03-11 20:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-04-13 17:49 - 2016-03-11 20:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-04-13 17:49 - 2016-03-06 20:53 - 01885696 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-13 17:49 - 2016-03-06 20:53 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-04-13 17:49 - 2016-03-06 20:38 - 01240576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-13 17:49 - 2016-03-06 20:38 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-04-13 17:49 - 2016-02-05 20:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-04-13 17:49 - 2016-02-05 20:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-04-13 17:49 - 2016-02-05 19:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-04-13 17:49 - 2016-02-02 20:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-04-13 17:49 - 2016-01-21 02:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-04-13 17:49 - 2015-06-03 22:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-04-13 17:14 - 2016-04-13 21:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-04 17:55 - 2016-04-04 17:55 - 00008192 _____ C:\Windows\system32\config\userdiff
2016-04-04 16:45 - 2016-04-10 12:42 - 00031341 _____ C:\Windows\diagerr.xml
2016-04-04 16:45 - 2016-04-10 12:42 - 00028578 _____ C:\Windows\diagwrn.xml
2016-04-01 11:47 - 2016-04-01 11:47 - 07020776 _____ C:\Users\Petra\Downloads\E3-PRO-GAMING-V5-ASUS-0303.zip
2016-03-23 11:45 - 2016-04-10 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-23 11:45 - 2016-03-23 11:45 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-23 11:45 - 2016-03-23 11:45 - 00000000 ____D C:\Program Files\iTunes
2016-03-23 11:45 - 2016-03-23 11:45 - 00000000 ____D C:\Program Files\iPod
2016-03-23 11:45 - 2016-03-23 11:45 - 00000000 ____D C:\Program Files (x86)\iTunes

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-21 09:13 - 2016-02-29 18:15 - 00000000 ____D C:\Users\Petra\AppData\Local\Spotify
2016-04-21 09:09 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-21 09:09 - 2009-07-14 06:45 - 00020480 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-21 09:07 - 2011-04-12 09:43 - 00699092 _____ C:\Windows\system32\perfh007.dat
2016-04-21 09:07 - 2011-04-12 09:43 - 00149232 _____ C:\Windows\system32\perfc007.dat
2016-04-21 09:07 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-21 09:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-21 09:04 - 2015-01-14 21:32 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-21 09:02 - 2016-02-29 18:15 - 00000000 ____D C:\Users\Petra\AppData\Roaming\Spotify
2016-04-21 09:02 - 2016-01-24 21:29 - 00000000 ___RD C:\Users\Petra\Dropbox
2016-04-21 09:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-16 00:09 - 2016-01-24 21:27 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-04-15 17:08 - 2016-01-24 21:27 - 00000000 ____D C:\Users\Petra\AppData\Local\Dropbox
2016-04-13 21:42 - 2009-07-14 06:45 - 00409832 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-13 21:41 - 2015-01-21 00:02 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-13 21:41 - 2015-01-15 00:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-13 21:26 - 2015-01-31 17:16 - 00000000 ____D C:\Windows\system32\MRT
2016-04-13 21:24 - 2015-01-31 17:16 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-13 17:48 - 2015-03-04 19:11 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-13 17:48 - 2015-03-04 19:11 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-13 17:48 - 2015-03-04 19:10 - 00000000 ____D C:\Users\Petra\AppData\Local\Adobe
2016-04-12 10:41 - 2015-01-15 00:00 - 00002187 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-10 19:09 - 2016-02-13 20:36 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-10 19:03 - 2015-01-14 20:59 - 00000000 ____D C:\Windows\Panther
2016-04-10 16:38 - 2016-01-24 21:00 - 00000000 ____D C:\Windows\de
2016-04-10 16:38 - 2016-01-24 20:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2016-04-10 16:38 - 2015-11-29 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6600 series Benutzerregistrierung
2016-04-10 16:38 - 2015-11-29 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG6600 series Manual
2016-04-10 16:38 - 2015-04-07 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HERMA
2016-04-10 16:38 - 2015-01-31 17:19 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2016-04-10 16:38 - 2015-01-31 17:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-04-10 16:38 - 2015-01-15 02:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-04-10 16:38 - 2015-01-15 02:16 - 00000000 ____D C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-10 16:38 - 2015-01-15 02:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-04-10 16:38 - 2015-01-15 02:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-04-10 16:38 - 2015-01-15 01:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-04-10 16:38 - 2015-01-15 00:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan
2016-04-10 16:38 - 2015-01-15 00:11 - 00000000 ____D C:\Windows\SysWOW64\vbox
2016-04-10 16:38 - 2015-01-15 00:11 - 00000000 ____D C:\Windows\system32\vbox
2016-04-10 16:38 - 2015-01-15 00:02 - 00000000 ____D C:\Program Files\Intel
2016-04-10 16:38 - 2015-01-14 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2016-04-10 16:38 - 2015-01-14 21:26 - 00000000 ____D C:\Users\Petra
2016-04-10 16:38 - 2015-01-14 21:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster
2016-04-10 16:38 - 2011-04-12 09:55 - 00000000 ____D C:\Windows\ShellNew
2016-04-10 16:38 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2016-04-10 16:38 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2016-04-10 16:38 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-04-10 16:38 - 2009-07-14 05:20 - 00000000 __RSD C:\Windows\Media
2016-04-10 16:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2016-04-10 16:38 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-04-10 12:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Registration
2016-04-10 10:36 - 2016-01-24 21:28 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-10 10:36 - 2016-01-24 21:28 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-10 10:36 - 2015-01-15 00:00 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-10 10:36 - 2015-01-15 00:00 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-09 20:14 - 2015-03-04 19:11 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-06 10:18 - 2010-11-21 05:27 - 00453280 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-05 16:41 - 2015-11-29 11:45 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-04-04 17:42 - 2016-01-24 21:28 - 00004318 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2016-04-04 17:42 - 2016-01-24 21:28 - 00004066 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2016-04-04 17:42 - 2015-03-04 19:11 - 00003932 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-04-04 17:42 - 2015-01-15 02:59 - 00004292 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-04-04 17:42 - 2015-01-15 00:00 - 00004216 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-04-04 17:42 - 2015-01-15 00:00 - 00003964 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-04-01 22:47 - 2016-01-24 20:07 - 00000000 ____D C:\Users\Petra\AppData\Roaming\DVDVideoSoft
2016-03-28 10:00 - 2015-03-17 01:04 - 00000000 ____D C:\Users\Petra\Desktop\Daniel Unterlagen CU
2016-03-28 09:59 - 2015-07-04 00:14 - 00000000 ____D C:\Users\Petra\Desktop\Jona
2016-03-24 02:02 - 2015-04-07 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-03-24 02:02 - 2015-04-07 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2016-03-23 11:45 - 2016-02-05 15:52 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-03-03 09:34 - 2016-03-03 09:34 - 0000000 ____H () C:\Users\Petra\AppData\Local\BIT6417.tmp
2015-01-22 15:28 - 2015-01-22 15:28 - 0000017 _____ () C:\Users\Petra\AppData\Local\resmon.resmoncfg
2016-03-03 09:33 - 2016-03-03 09:34 - 0000000 _____ () C:\Users\Petra\AppData\Local\{26507179-4002-409E-9BBF-50EC2A218965}

Einige Dateien in TEMP:
====================
C:\Users\Petra\AppData\Local\Temp\avgnt.exe
C:\Users\Petra\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Petra\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Petra\AppData\Local\Temp\ose00000.exe
C:\Users\Petra\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Petra\AppData\Local\Temp\sfextra.dll
C:\Users\Petra\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-03-29 14:30

==================== Ende von FRST.txt ============================

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Petra (2016-04-21 09:14:05)
Gestartet von C:\Users\Petra\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-01-14 19:26:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-426687572-1594056187-641312889-500 - Administrator - Disabled)
Gast (S-1-5-21-426687572-1594056187-641312889-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-426687572-1594056187-641312889-1002 - Limited - Enabled)
Petra (S-1-5-21-426687572-1594056187-641312889-1000 - Administrator - Enabled) => C:\Users\Petra

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.6.156 - Adobe Systems, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon MG6600 series Benutzerregistrierung (HKLM-x32\...\Canon MG6600 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MG6600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6600_series) (Version: 1.00 - Canon Inc.)
Canon MG6600 series On-screen Manual (HKLM-x32\...\Canon MG6600 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.4.0 - Canon Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.18.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden
EtikettenAssistent 4.2 (HKLM-x32\...\{9AEF64B1-79A5-4E2F-8FBC-4CA89ECD3595}) (Version: 4.2.1 - HERMA)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7210.1528 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Intel(R) Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 de)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 31.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.4.0 (x86 de)) (Version: 31.4.0 - Mozilla)
Mozilla Thunderbird 38.4.0 (x86 de) (HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\Mozilla Thunderbird 38.4.0 (x86 de)) (Version: 38.4.0 - Mozilla)
Opera Stable 36.0.2130.65 (HKLM-x32\...\Opera 36.0.2130.65) (Version: 36.0.2130.65 - Opera Software)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\Spotify) (Version: 1.0.27.75.gdc223232 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUS_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUS_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUS_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUS_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-426687572-1594056187-641312889-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {039476FC-067E-4073-B2CE-5FB8A9A2DE30} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-24] (Dropbox, Inc.)
Task: {05D8A34E-CC22-40A3-A358-46135FB0FE39} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-21] (AVAST Software)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> Keine Datei <==== ACHTUNG
Task: {30B9C590-E4E7-45EB-9B50-25507FC47B13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {76E12543-B21E-4FA8-8CCB-91EC974F0A2B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {85094D92-966F-4F20-8CF3-C198A9AC7BB2} - System32\Tasks\Opera scheduled Autoupdate 1461222641 => C:\Program Files (x86)\Opera\launcher.exe [2016-04-11] (Opera Software)
Task: {86AD5ADE-69A2-468C-87D8-FAE524FA71FF} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> Keine Datei <==== ACHTUNG
Task: {C01E510E-A55B-42B2-8229-EEF795597D7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> Keine Datei <==== ACHTUNG
Task: {E356BE6B-5A1E-4F82-BC3F-925CAC98B2BE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-13] (Adobe Systems Incorporated)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> Keine Datei <==== ACHTUNG
Task: {FBF88356-2E04-45D8-BFD7-1AF6523AAF05} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-01-24] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-15 00:18 - 2014-10-15 13:56 - 00456808 _____ () C:\Windows\System32\igfxTray.exe
2015-11-29 11:54 - 2013-06-28 17:28 - 00084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-07-21 10:31 - 2015-07-21 10:31 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-21 10:31 - 2015-07-21 10:31 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-04-21 09:00 - 2016-04-21 09:00 - 02890240 _____ () C:\Program Files\AVAST Software\Avast\defs\16042003\algo.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-01-24 20:07 - 2016-01-19 05:02 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-07-21 10:31 - 2015-07-21 10:31 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-01-24 21:28 - 2016-03-21 23:50 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-04-16 00:09 - 2016-03-21 23:51 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-04-16 00:09 - 2016-03-21 23:50 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-01-24 21:28 - 2016-03-21 23:50 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-01-24 21:28 - 2016-03-21 23:50 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-01-24 21:28 - 2016-04-08 20:20 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-04-16 00:09 - 2016-03-21 23:50 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-01-24 21:28 - 2016-04-08 20:20 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-01-24 21:28 - 2016-03-21 23:50 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-01-24 21:28 - 2016-03-21 23:51 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-01-24 21:28 - 2016-04-08 20:20 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2016-04-16 00:09 - 2016-03-21 23:52 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2016-01-24 21:28 - 2016-04-08 20:20 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2016-01-24 21:28 - 2016-03-21 23:50 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-04-16 00:09 - 2016-03-21 23:50 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-04-16 00:09 - 2016-03-21 23:51 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-04-16 00:09 - 2016-03-21 23:52 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-04-16 00:09 - 2016-04-08 20:19 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-01-24 21:28 - 2016-03-21 23:52 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-11 11:37 - 2016-04-08 20:20 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-04-16 00:09 - 2016-04-08 20:19 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-04-16 00:09 - 2016-04-08 20:20 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-01-24 21:28 - 2016-03-21 23:51 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-04-16 00:09 - 2016-03-21 23:54 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2016-04-16 00:09 - 2016-03-21 23:54 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2016-01-24 21:28 - 2016-04-08 20:20 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-04-16 00:09 - 2016-04-08 20:20 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-01-24 21:28 - 2016-03-21 23:56 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [119]
AlternateDataStreams: C:\Users\Petra\Desktop\2016-03-31 17.08.25.jpg:com.dropbox.attributes [309]
AlternateDataStreams: C:\Users\Petra\Desktop\2scan.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\2scan.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt1.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt1.jpeg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt2.jpeg.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt2.jpeg.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt3.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\anwalt3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\Bescheinigung.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\Bescheinigung.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\versicherung.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\versicherung.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
AlternateDataStreams: C:\Users\Petra\Desktop\Zuzahlung.jpeg:3or4kl4x13tuuug3Byamue2s4b [79]
AlternateDataStreams: C:\Users\Petra\Desktop\Zuzahlung.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-426687572-1594056187-641312889-1000\...\1001movie.com -> 1001movie.com

Da befinden sich 6091 mehr Seiten.


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-426687572-1594056187-641312889-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Petra\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 80.69.100.204 - 80.69.100.213
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{272640E5-6C26-40AF-972C-5B57FAE25943}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{74D882BE-8437-4E11-9D71-4A5FE4855F7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{CE83FDC9-5AEC-409B-BC45-FE8F791D41E7}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CCC38767-4BEF-450A-BB74-1A6C0CCBF06E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{DB95F496-C56B-4D83-B5EB-57D76F614FF6}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{58F8EE83-455F-4C03-A92C-EF0021A9855F}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{136318AE-8ACC-498B-8D3C-7F9C6CB8E3BC}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F8C77348-27DA-4AA8-AE73-8A01CE7A7DBE}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{A2BE7B64-2EE7-454C-82BE-F03FA0A9CB87}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9739DB89-0B29-4E3C-ABBA-6F3057FC80F9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB3B1A40-3B40-4665-9A11-AA51C44533B2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3EF3878F-03D7-410F-85C9-76CBD209BB02}] => (Allow) LPort=2869
FirewallRules: [{E1803B20-8405-41C8-BD4D-8BC0FB4F7E98}] => (Allow) LPort=1900
FirewallRules: [{51C6A758-E2FC-4B4F-90B5-86F16B0442B8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B1924D7F-0EDF-4566-A737-23FD7F74D88D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CDCD3924-3B85-4BE4-872E-5C8F1481B9D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5656B94E-BEF1-42E5-BCC6-1D08F1106285}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{8A3330BC-7050-44AB-8F87-5C6500FFBB5B}C:\users\petra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petra\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0C9E1F23-7063-4374-AFF2-C470C8F4CD3B}C:\users\petra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petra\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8AE6A0DA-D281-4A71-9156-68A877B7407C}C:\users\petra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petra\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{40163756-E3F5-43C7-BD20-7793CC692F72}C:\users\petra\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petra\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9226744D-F4CB-44AA-BED5-7B2FB93BFD94}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F2A77047-2D6C-40CE-B791-25B399FB6FC4}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F5C23CF9-773F-4292-87F2-BBD2914B07C9}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

13-04-2016 21:22:40 Windows Update
21-04-2016 09:03:47 Removed Avira Browser Safety
21-04-2016 09:05:38 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/21/2016 09:02:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/21/2016 09:00:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/19/2016 03:44:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2016 10:10:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2016 08:42:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/18/2016 05:32:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/16/2016 11:56:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 05:07:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 04:47:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/15/2016 11:30:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (04/21/2016 09:02:35 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/21/2016 08:59:58 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/19/2016 03:44:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/18/2016 10:10:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/18/2016 08:42:31 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/18/2016 05:32:20 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/16/2016 11:56:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/16/2016 12:08:36 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {96D1EED3-701E-4FE5-B996-A543A8465897}

Error: (04/15/2016 05:07:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
cdrom

Error: (04/15/2016 05:06:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎15.‎04.‎2016 um 17:05:02 unerwartet heruntergefahren.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Pentium(R) CPU G3420 @ 3.20GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 7845.08 MB
Verfügbarer physikalischer RAM: 4875.22 MB
Summe virtueller Speicher: 15688.34 MB
Verfügbarer virtueller Speicher: 12143.01 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:238.38 GB) (Free:163.75 GB) NTFS
Drive d: (Lokaler Datenträger) (Fixed) (Total:931.51 GB) (Free:756.29 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 4DC26C84)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BBCDD72E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
Würde auch etwa vom Zeitraum passen, Avira war erst seit Anfang März installiert, wahrscheinlich von meinem kleinen Bruder.

Avira ist nun deinstalliert. Gleichzeitig habe ich meiner Mutter dazu geraten einen alternativen Browser zu verwenden. Aktuell tendiere ich zu Opera, ist der nach wie vor zu empfehlen?

Alt 21.04.2016, 13:45   #8
M-K-D-B
/// TB-Ausbilder
 
PC extrem langsam, friert ein - Standard

PC extrem langsam, friert ein


Zitat:
Zitat von overloaddani Beitrag anzeigen
Avira ist nun deinstalliert. Gleichzeitig habe ich meiner Mutter dazu geraten einen alternativen Browser zu verwenden. Aktuell tendiere ich zu Opera, ist der nach wie vor zu empfehlen?
Ja.

Sollen wir noch ein paar Kontrollsuchläufe durchführen?

Alt 24.04.2016, 15:10   #9
M-K-D-B
/// TB-Ausbilder
 
PC extrem langsam, friert ein - Standard

PC extrem langsam, friert ein


Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM.

Jeder andere bitte hier klicken und einen eigenen Thread erstellen.

Antwort

Themen zu PC extrem langsam, friert ein
aufgrund, bruder, einfach, explorer, extrem, extrem langsam, friert, friert ein, gekauft, guten, hilft, kleiner, langsam, laptops, mozilla, mutter, natürlich, pc extrem langsam, probleme, schei, seitdem, woran, überhaupt, öfters


« Benutzerkonto erstellt sich immer wieder neu | löschen bitte »


Ähnliche Themen: PC extrem langsam, friert ein


  1. Medion Akoya E1318T startet langsam, läuft langsam, hängt, Bildschirm friert ein, Bluescreen, Blackscreen
    Plagegeister aller Art und deren Bekämpfung - 24.02.2016 (8)
  2. Win7 - Rechner extrem langsam und friert teilweise ein
    Log-Analyse und Auswertung - 27.12.2015 (7)
  3. PC friert ein, ist extrem langsam und meldet Script Fehler
    Plagegeister aller Art und deren Bekämpfung - 04.10.2015 (10)
  4. Windows 8: automatische Updatefunktion in den Diensten fehlt, Rechner friert gelegentlich ein/wird extrem langsam
    Log-Analyse und Auswertung - 07.07.2015 (1)
  5. Startleiste friert ein, Taskleiste dann unbrauchbar, + Rechner braucht beim Herunterfahren extrem lange
    Log-Analyse und Auswertung - 23.11.2014 (3)
  6. Pc sehr langsam und friert oft ein!
    Log-Analyse und Auswertung - 11.10.2014 (14)
  7. Netbook fährt extrem langsam hoch und auch die Programme laden langsam
    Log-Analyse und Auswertung - 29.07.2014 (19)
  8. Bidschirm friert ein und langsam!
    Plagegeister aller Art und deren Bekämpfung - 02.04.2014 (11)
  9. Pc friert ein und hängt extrem oft
    Log-Analyse und Auswertung - 04.12.2013 (49)
  10. Rechner (Internet) extrem langsam langsam und hackelig!Leerlaufprozess Task Manager ständig zw. 70-98 %
    Plagegeister aller Art und deren Bekämpfung - 11.04.2013 (17)
  11. Notebook friert unregelmäßig ein oder ist extrem träge
    Log-Analyse und Auswertung - 23.06.2011 (26)
  12. Rechner ist so langsam wie nie und friert oft ein!
    Log-Analyse und Auswertung - 26.05.2011 (40)
  13. Rechner extrem langsam - Internetseitenaufbau langsam/ ladehemmungen
    Log-Analyse und Auswertung - 21.07.2010 (1)
  14. Pc langsam und friert ein
    Alles rund um Windows - 30.06.2010 (10)
  15. System langsam, PC friert ein
    Log-Analyse und Auswertung - 29.07.2007 (26)
  16. IE langsam und friert ein!!
    Plagegeister aller Art und deren Bekämpfung - 30.08.2006 (3)
  17. Beide Computer langsam - einer nach 3 Minuten sogar extrem langsam
    Log-Analyse und Auswertung - 09.06.2006 (7)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema PC extrem langsam, friert ein - Guten Tag, nachdem ich für meine Mutter vor etwas über einem Jahr einen PC gekauft habe, die meiste Zeit auch alles gut war, häufen sich die Probleme, seitdem mein kleiner - PC extrem langsam, friert ein...
Archiv
Du betrachtest: PC extrem langsam, friert ein auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129