
Log analysis and evaluation: Internet very slow

Windows 7 If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

25.10.2014, 10:25   #1
Akusmin

Internet very slow

Hello,

my internet is sometimes quite slow. Not even the YouTube videos load.
I have a 16k line. I hope you can help me.

Thanks in advance.

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014
Ran by Katharina (administrator) on HEIM on 25-10-2014 09:48:32
Running from C:\Users\Katharina\Desktop
Loaded Profile: Katharina (Available profiles: Katharina)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(BitTorrent Inc.) C:\Users\Katharina\AppData\Roaming\uTorrent\uTorrent.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6844560 2012-11-10] (Realtek Semiconductor)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-702799559-3439042313-1217037743-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-702799559-3439042313-1217037743-1001\...\Run: [uTorrent] => C:\Users\Katharina\AppData\Roaming\uTorrent\uTorrent.exe [1045072 2014-10-16] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS
SearchScopes: HKLM-x32 - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn [2014-10-16]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn [2014-10-24]

Chrome: 
=======
CHR HomePage: Default -> file:///C:/Users/Nina/Desktop/Meine%20Seite/Meine%20Seite%203.4/Alex%20ich%20liebe%20Dich.html
CHR StartupUrls: Default -> "file:///C:/Users/Katharina/Desktop/mama/Katharina/Desktop/Meine%20Seite%203.4/ti%20durak,%20alex.html"
CHR Profile: C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-16]
CHR Extension: (Google Docs) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-16]
CHR Extension: (Google Drive) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-16]
CHR Extension: (Norton Security Toolbar) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-10-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-16]
CHR Extension: (YouTube) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-16]
CHR Extension: (Adblock Plus) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-16]
CHR Extension: (Google-Suche) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-16]
CHR Extension: (Google Tabellen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-16]
CHR Extension: (Uhr) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-10-16]
CHR Extension: (Avast Online Security) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-16]
CHR Extension: (IP-Adresse) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-10-16]
CHR Extension: (Google Wallet) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-16]
CHR Extension: (Google Mail) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-16]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2014-10-18]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-10-23] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20141016.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-10-16] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-10-16] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20141022.002\IDSvia64.sys [633560 2014-10-15] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20141022.003\ENG64.SYS [129752 2014-10-16] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20141022.003\EX64.SYS [2137304 2014-10-16] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1405000.01C\SymELAM.sys [23448 2012-06-20] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-10-17] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-25 09:48 - 2014-10-25 09:49 - 00015052 _____ () C:\Users\Katharina\Desktop\FRST.txt
2014-10-25 09:48 - 2014-10-25 09:48 - 00000000 ____D () C:\FRST
2014-10-25 09:47 - 2014-10-25 09:48 - 00000000 ____D () C:\Users\Katharina\Desktop\erste hilfe 2
2014-10-25 09:47 - 2014-10-24 22:17 - 02112000 _____ (Farbar) C:\Users\Katharina\Desktop\FRST64.exe
2014-10-24 21:06 - 2014-10-24 21:06 - 00011633 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1264153.torrent
2014-10-24 20:57 - 2014-10-24 20:57 - 00015409 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1264305.torrent
2014-10-24 20:55 - 2014-10-24 20:55 - 00014485 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id553857.torrent
2014-10-24 19:03 - 2014-10-24 19:04 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-10-24 19:02 - 2014-10-24 19:02 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-10-23 11:19 - 2014-10-23 11:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-23 10:49 - 2014-10-25 08:25 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-23 10:49 - 2014-10-23 10:49 - 00000000 __SHD () C:\Recovery
2014-10-23 10:48 - 2014-10-23 10:48 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-23 10:48 - 2014-10-23 10:48 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-23 10:48 - 2014-10-23 10:48 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-23 10:48 - 2014-10-23 10:48 - 00000000 ____D () C:\Windows.old
2014-10-23 10:47 - 2014-10-23 10:47 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-23 10:47 - 2014-10-23 10:47 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-23 10:47 - 2014-10-23 10:47 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-23 10:46 - 2014-10-23 10:46 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-23 10:46 - 2014-10-23 10:46 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-23 10:46 - 2014-10-23 10:46 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-23 10:45 - 2014-10-23 10:45 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-23 10:45 - 2014-10-23 10:45 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-23 10:44 - 2014-10-23 10:44 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\inetpub
2014-10-23 10:40 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-23 10:40 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-23 10:40 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-23 10:40 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-10-23 10:40 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-23 10:40 - 2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-23 10:29 - 2014-10-23 10:29 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-10-23 10:23 - 2014-10-23 10:23 - 00001452 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-23 10:23 - 2014-10-23 10:23 - 00000020 ___SH () C:\Users\Katharina\ntuser.ini
2014-10-23 10:17 - 2014-10-25 09:48 - 02049222 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-10-23 10:16 - 2014-10-23 10:16 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-10-23 10:07 - 2014-10-23 10:07 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-23 10:07 - 2014-10-23 10:07 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-10-23 10:07 - 2014-10-23 10:07 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-10-23 10:02 - 2014-10-23 10:02 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-10-23 10:01 - 2014-10-23 10:23 - 00000000 ____D () C:\Users\Katharina
2014-10-23 10:01 - 2014-10-23 10:02 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-23 10:01 - 2014-10-23 10:02 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Vorlagen
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Startmenü
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Netzwerkumgebung
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Lokale Einstellungen
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Eigene Dateien
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Druckumgebung
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Musik
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Bilder
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Verlauf
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Anwendungsdaten
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Anwendungsdaten
2014-10-23 10:01 - 2014-09-24 08:18 - 00000369 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-23 10:01 - 2014-09-24 08:18 - 00000369 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-23 10:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-23 10:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-23 10:00 - 2014-10-23 10:16 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2014-10-23 10:00 - 2014-10-23 10:16 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2014-10-23 09:55 - 2014-10-23 10:02 - 00012096 _____ () C:\WINDOWS\iis.log
2014-10-23 09:55 - 2014-10-23 09:55 - 01914374 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-10-23 09:52 - 2014-10-23 09:52 - 00001370 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\Program Files\Realtek
2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\Program Files\AMD
2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\AMD
2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-10-23 08:54 - 2014-10-23 10:16 - 00006678 _____ () C:\WINDOWS\comsetup.log
2014-10-18 16:01 - 2014-06-24 09:35 - 00010450 _____ () C:\WINDOWS\system32\autoconfig.cab
2014-10-18 15:12 - 2014-10-18 15:12 - 00000000 ____D () C:\sources
2014-10-17 13:05 - 2014-10-17 13:05 - 00021532 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1159792.torrent
2014-10-17 12:56 - 2014-10-17 12:56 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56277235.txt
2014-10-17 12:56 - 2014-10-17 12:56 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56271198.txt
2014-10-17 12:55 - 2014-10-17 12:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56190140.txt
2014-10-17 12:52 - 2014-10-17 12:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56010832.txt
2014-10-17 01:11 - 2014-10-17 01:11 - 00000000 ____D () C:\ProgramData\Recovery
2014-10-16 21:14 - 2014-10-16 21:18 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-16 21:13 - 2014-10-03 10:02 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-16 20:38 - 2014-10-16 20:38 - 00000136 _____ () C:\WINDOWS\system32\netcfg-50575.txt
2014-10-16 20:38 - 2014-10-16 20:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-49951.txt
2014-10-16 20:38 - 2014-10-16 20:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-48937.txt
2014-10-16 20:38 - 2014-10-16 20:38 - 00000128 _____ () C:\WINDOWS\system32\netcfg-59732.txt
2014-10-16 20:21 - 2014-10-16 20:21 - 00000136 _____ () C:\WINDOWS\system32\netcfg-53586.txt
2014-10-16 20:21 - 2014-10-16 20:21 - 00000134 _____ () C:\WINDOWS\system32\netcfg-51698.txt
2014-10-16 20:21 - 2014-10-16 20:21 - 00000128 _____ () C:\WINDOWS\system32\netcfg-60434.txt
2014-10-16 20:17 - 2014-10-16 20:17 - 00000136 _____ () C:\WINDOWS\system32\netcfg-69841.txt
2014-10-16 20:17 - 2014-10-16 20:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-69264.txt
2014-10-16 20:17 - 2014-10-16 20:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-68016.txt
2014-10-16 20:17 - 2014-10-16 20:17 - 00000128 _____ () C:\WINDOWS\system32\netcfg-76487.txt
2014-10-16 19:47 - 2014-10-16 19:47 - 00000117 _____ () C:\WINDOWS\system32\netcfg-666093.txt
2014-10-16 19:47 - 2014-10-16 19:47 - 00000117 _____ () C:\WINDOWS\system32\netcfg-665781.txt
2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-516300.txt
2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-513633.txt
2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-487783.txt
2014-10-16 19:44 - 2014-10-16 19:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-485053.txt
2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-363217.txt
2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-360112.txt
2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-358365.txt
2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-357367.txt
2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-352421.txt
2014-10-16 19:38 - 2014-10-16 19:38 - 00000136 _____ () C:\WINDOWS\system32\netcfg-79420.txt
2014-10-16 19:38 - 2014-10-16 19:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-78764.txt
2014-10-16 19:38 - 2014-10-16 19:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-77563.txt
2014-10-16 19:38 - 2014-10-16 19:38 - 00000128 _____ () C:\WINDOWS\system32\netcfg-89029.txt
2014-10-16 19:26 - 2014-10-16 19:26 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6208574.txt
2014-10-16 19:16 - 2014-10-16 19:16 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\OpenOffice
2014-10-16 19:09 - 2014-10-24 21:28 - 00000000 ____D () C:\Users\Katharina\Desktop\Kinozal
2014-10-16 18:20 - 2014-10-10 06:47 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-16 17:54 - 2014-10-16 17:54 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Hewlett-Packard
2014-10-16 17:45 - 2014-10-16 17:57 - 00000000 ____D () C:\Users\Katharina\Downloads\Top 25 Country Songs of Faith (2014) MP3
2014-10-16 17:30 - 2014-10-16 17:30 - 00020545 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1263336.torrent
2014-10-16 17:27 - 2014-10-16 17:27 - 00000905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-10-16 17:27 - 2014-10-16 17:27 - 00000881 _____ () C:\Users\Public\Desktop\µTorrent.lnk
2014-10-16 17:26 - 2014-10-25 09:48 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\uTorrent
2014-10-16 17:24 - 2014-10-24 20:55 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\tor
2014-10-16 17:16 - 2014-10-23 10:09 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-10-16 17:16 - 2014-10-16 17:16 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-10-16 17:15 - 2014-10-16 17:15 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-10-16 17:12 - 2014-10-16 17:12 - 00000000 ____D () C:\Users\Katharina\Desktop\OpenOffice 4.1.1 (de) Installation Files
2014-10-16 17:09 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2014-10-16 17:09 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-10-16 17:08 - 2014-10-16 17:08 - 164858324 _____ () C:\Users\Katharina\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2014-10-16 17:03 - 2014-10-25 09:46 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Skype
2014-10-16 17:03 - 2014-10-23 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-16 17:03 - 2014-10-16 17:03 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Skype
2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 17:02 - 2014-10-16 17:02 - 01677920 _____ (Skype Technologies S.A.) C:\Users\Katharina\Downloads\SkypeSetup.exe
2014-10-16 16:24 - 2014-10-16 16:24 - 00000088 _____ () C:\WINDOWS\system32\netcfg-3215726.txt
2014-10-16 16:23 - 2014-10-16 16:23 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3206241.txt
2014-10-16 16:15 - 2014-10-23 10:14 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-16 16:15 - 2014-10-23 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-16 16:14 - 2014-10-25 09:19 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 16:14 - 2014-10-25 08:23 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 16:14 - 2014-10-16 16:15 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Google
2014-10-16 16:14 - 2014-10-16 16:15 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-16 16:14 - 2014-10-16 16:14 - 00004098 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-16 16:14 - 2014-10-16 16:14 - 00003862 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 16:13 - 2014-10-16 16:13 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Apps\2.0
2014-10-16 15:53 - 2014-10-16 15:53 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Macromedia
2014-10-16 15:50 - 2013-06-14 19:08 - 01045072 _____ (BitTorrent Inc.) C:\Users\Katharina\Desktop\utorrent.exe
2014-10-16 15:50 - 2011-02-25 00:05 - 02180096 _____ () C:\Users\Katharina\Desktop\tor.exe
2014-10-16 15:47 - 2014-10-24 07:19 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-702799559-3439042313-1217037743-1001
2014-10-16 15:46 - 2014-10-16 15:46 - 00000000 ____D () C:\Users\Katharina\Desktop\mama
2014-10-16 15:43 - 2014-10-16 15:43 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-10-16 15:42 - 2014-10-16 15:42 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\ATI
2014-10-16 15:42 - 2014-10-16 15:42 - 00000000 ____D () C:\Users\Katharina\AppData\Local\ATI
2014-10-16 15:41 - 2014-10-16 15:41 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-10-16 15:40 - 2014-10-23 10:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 __RSH () C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_20-b100eg_Y53316J_0U_Q4CH3156S2T_E13CE1AR8603_4A_I2AF0_SPEGATRON CORPORATION_V1.02_B8.09_T121204_W8101-0_L407_M5716_J1000_7AMD_8BFF_91.40_#130413_N10EC8136;1814539B_Z_G10029809_Ohp DVDRAM GT80N.MRK
2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 __RSH () C:\WINDOWS\system32\Drivers\103C_HP_cPC_20-b100eg_Y53316J_0U_Q4CH3156S2T_E13CE1AR8603_4A_I2AF0_SPEGATRON CORPORATION_V1.02_B8.09_T121204_W8101-0_L407_M5716_J1000_7AMD_8BFF_91.40_#130413_N10EC8136;1814539B_Z_G10029809_Ohp DVDRAM GT80N.MRK
2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Adobe
2014-10-16 15:40 - 2013-04-13 07:27 - 00002227 _____ () C:\Users\Public\Desktop\Snapfish Fotos.lnk
2014-10-16 15:40 - 2013-04-13 07:27 - 00002195 _____ () C:\Users\Public\Desktop\eBay.lnk
2014-10-16 15:38 - 2014-10-17 13:52 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Hewlett-Packard
2014-10-16 15:38 - 2014-10-16 15:38 - 00000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-10-16 15:37 - 2014-10-23 10:28 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Packages
2014-10-16 15:37 - 2014-10-16 15:37 - 00000000 ____D () C:\Users\Katharina\AppData\Local\VirtualStore
2014-10-16 15:37 - 2014-10-16 15:37 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Power2Go8
2014-10-16 15:36 - 2014-10-23 09:31 - 01525485 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-10-16 15:36 - 2013-04-13 06:40 - 00000000 ___HD () C:\Users\Katharina\Documents\hp.system.package.metadata
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-326042.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-322906.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-316338.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-283703.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-283516.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-280271.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-279226.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-275528.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-275372.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-274468.txt
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Programme
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-25 09:47 - 2013-08-22 16:46 - 00292174 _____ () C:\WINDOWS\setupact.log
2014-10-25 09:39 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-25 09:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-24 21:17 - 2014-09-24 08:17 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-24 21:17 - 2014-09-24 07:43 - 00841326 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-24 21:17 - 2014-09-24 07:43 - 00191558 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-24 19:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-24 19:02 - 2013-04-13 06:43 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-10-24 19:02 - 2013-04-13 06:40 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-10-23 11:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-10-23 10:48 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-23 10:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-10-23 10:41 - 2013-08-22 13:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-10-23 10:41 - 2013-08-22 13:22 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-10-23 10:41 - 2013-08-22 13:19 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-10-23 10:41 - 2013-08-22 13:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-10-23 10:41 - 2013-08-22 13:18 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-10-23 10:41 - 2013-08-22 12:03 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-10-23 10:41 - 2013-08-22 05:58 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-10-23 10:41 - 2013-08-22 05:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-10-23 10:41 - 2013-08-22 05:53 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-10-23 10:41 - 2013-08-22 05:53 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-10-23 10:41 - 2013-08-22 05:51 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-10-23 10:41 - 2013-08-22 04:54 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-10-23 10:23 - 2013-04-13 07:31 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-10-23 10:23 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-23 10:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-23 10:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-23 10:17 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2014-10-23 10:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-23 10:16 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-23 10:14 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-23 10:14 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-23 10:10 - 2013-08-22 16:44 - 00377408 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-23 10:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-23 10:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-23 10:09 - 2013-04-13 07:30 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-10-23 10:09 - 2013-04-13 07:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-10-23 10:09 - 2013-04-13 07:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-10-23 10:09 - 2013-04-13 06:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-10-23 10:07 - 2013-08-22 17:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-10-23 10:07 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-10-23 10:07 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-23 10:07 - 2013-04-13 06:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-10-23 10:07 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated
2014-10-23 10:06 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-23 10:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME
2014-10-23 10:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-23 10:06 - 2012-08-10 17:06 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-23 10:05 - 2013-04-13 06:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-10-23 10:05 - 2013-04-13 06:35 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-10-23 10:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-23 09:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-23 09:50 - 2014-09-23 23:06 - 00002482 _____ () C:\WINDOWS\PFRO.log
2014-10-23 08:49 - 2014-09-24 17:19 - 00000000 ___HD () C:\$Windows.~BT
2014-10-23 08:14 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-21 08:32 - 2013-04-13 07:31 - 00002503 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-10-21 08:32 - 2013-04-13 07:30 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-10-17 20:26 - 2013-04-13 07:31 - 00177312 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-10-17 20:26 - 2013-04-13 07:31 - 00007631 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-10-16 15:40 - 2013-04-13 07:27 - 00000000 ___RD () C:\Program Files\Online Services
2014-10-16 15:40 - 2013-04-13 06:55 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-10-16 15:40 - 2012-12-03 19:57 - 00000000 _RSHD () C:\hp
2014-10-16 15:40 - 2012-10-12 05:24 - 00000000 ____D () C:\SWSETUP
2014-10-16 15:40 - 2012-10-12 05:21 - 00000000 _RSHD () C:\SYSTEM.SAV
2014-10-16 15:37 - 2013-04-13 07:30 - 00000000 ____D () C:\ProgramData\Norton

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-23 09:50

==================== End Of Log ============================
         
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by Katharina at 2014-10-25 09:51:33
Running from C:\Users\Katharina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Disabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29677 - BitTorrent Inc.)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{069BB058-4ED8-D4FC-CA8D-9B44344E8338}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5630 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.2.5630 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.2.2114 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2126 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4605 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.7.4605 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.5.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6777 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5826 - CyberLink Corp.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-10-2014 09:18:50 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {025FA17A-3460-4390-928E-CA99E27F8462} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F08F4B5-FE4C-40FE-8919-34DBFB68C5AE} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {1A79384A-5E3C-4D63-B40E-260059B0BEEB} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {302DB300-7136-4FC0-8182-C41205F89CDD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D0E6EEE-FE26-4CF2-9F34-4B013DE165FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4D3CE21F-A31B-4A60-9CC6-8D69E7067F4D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {50F5C122-831C-4B7D-AEAD-F52A776322AC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-10-03] (Microsoft Corporation)
Task: {61FAF8BC-AD04-4419-B99B-4A057F43EAA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.)
Task: {6A419B1E-C0C9-4EFB-9D71-924C43739F65} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-29] (Symantec Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6AE3D893-F562-4D35-867D-64E033EA04FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {6B049B28-BEB3-4D06-A582-838FFC44CFD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {6FE36B01-F6A4-4AE0-9E15-1F43A9C9CB68} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77BF4E9F-9F08-406E-845D-BD362148A6F6} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {80BFB5FE-82F5-4AC4-BF04-90D1EE7BAEBE} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B2D1A9F9-6572-41F2-85C6-90C141D67E01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {C8E9F645-8C5E-44CC-ABB3-FFFAFEEEC078} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-09-24] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D420007B-EC18-4DC3-ABFA-54BB1BC6B844} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB30CB6B-8CBD-437D-8961-63EE0FDDB8A1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FE551AA5-05F0-4767-95CE-44B986671F13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-12 18:22 - 2012-10-12 18:22 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-12 18:22 - 2012-10-12 18:22 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 18:22 - 2012-10-12 18:22 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-10-18 16:30 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.5.0.28\wincfi39.dll
2013-04-13 07:05 - 2012-06-08 05:34 - 00627216 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-10-16 16:15 - 2014-10-10 04:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-16 16:15 - 2014-10-10 04:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-16 16:15 - 2014-10-10 04:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-16 16:15 - 2014-10-10 04:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-702799559-3439042313-1217037743-500 - Administrator - Disabled)
Gast (S-1-5-21-702799559-3439042313-1217037743-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-702799559-3439042313-1217037743-1005 - Limited - Enabled)
Katharina (S-1-5-21-702799559-3439042313-1217037743-1001 - Administrator - Enabled) => C:\Users\Katharina

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/23/2014 11:18:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.9600.16384, Zeitstempel: 0x52158c02
Name des fehlerhaften Moduls: MSI8295.tmp, Version: 2.0.0.9, Zeitstempel: 0x4d4b089c
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00019d88
ID des fehlerhaften Prozesses: 0x20
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3
Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5

Error: (10/23/2014 10:24:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.9600.16384, Zeitstempel: 0x52158c02
Name des fehlerhaften Moduls: MSI99F0.tmp, Version: 2.0.0.9, Zeitstempel: 0x4d4b089c
Ausnahmecode: 0xc000000d
Fehleroffset: 0x00019d88
ID des fehlerhaften Prozesses: 0x6c4
Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0
Pfad der fehlerhaften Anwendung: MsiExec.exe1
Pfad des fehlerhaften Moduls: MsiExec.exe2
Berichtskennung: MsiExec.exe3
Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5

Error: (10/23/2014 09:17:47 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (10/23/2014 07:33:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WWAHost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 588

Startzeit: 01cfee82df8d54b0

Endzeit: 4294967295

Anwendungspfad: C:\Windows\System32\WWAHost.exe

Berichts-ID: 273ac140-5a76-11e4-be78-7054d29664eb

Vollständiger Name des fehlerhaften Pakets: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Windows.Store

Error: (10/23/2014 07:33:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Heim)
Description: Die App „winstore_cw5n1h2txyewy!Windows.Store“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz   konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet.   0x0.

Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Kontext:  Anwendung, SystemIndex Katalog

Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut.

Error: (10/21/2014 08:53:59 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (10/21/2014 07:17:20 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex (1900) Versuch, Datei "C:\Users\Katharina\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.


System errors:
=============
Error: (10/24/2014 07:20:59 AM) (Source: DCOM) (EventID: 10010) (User: Heim)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (10/24/2014 07:20:28 AM) (Source: DCOM) (EventID: 10010) (User: Heim)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (10/23/2014 10:17:17 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als
Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser
Konfiguration nicht gestartet zu sein.

Error: (10/23/2014 10:16:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/23/2014 10:16:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/23/2014 10:16:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/23/2014 10:16:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/23/2014 10:16:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/23/2014 10:16:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (10/23/2014 10:16:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


Microsoft Office Sessions:
=========================
Error: (10/23/2014 11:18:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsiExec.exe5.0.9600.1638452158c02MSI8295.tmp2.0.0.94d4b089cc000000d00019d882001cfeea23ff59d3ac:\Windows\syswow64\MsiExec.exeC:\WINDOWS\Installer\MSI8295.tmp815b26b1-5a95-11e4-8251-7054d29664eb

Error: (10/23/2014 10:24:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: MsiExec.exe5.0.9600.1638452158c02MSI99F0.tmp2.0.0.94d4b089cc000000d00019d886c401cfee9ac067c332c:\Windows\syswow64\MsiExec.exeC:\WINDOWS\Installer\MSI99F0.tmp1344568d-5a8e-11e4-8251-7054d29664eb

Error: (10/23/2014 09:17:47 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (10/23/2014 07:33:51 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: WWAHost.exe6.2.9200.1642058801cfee82df8d54b04294967295C:\Windows\System32\WWAHost.exe273ac140-5a76-11e4-be78-7054d29664ebwinstore_1.0.0.0_neutral_neutral_cw5n1h2txyewyWindows.Store

Error: (10/23/2014 07:33:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Heim)
Description: winstore_cw5n1h2txyewy!Windows.Store

Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet.   0x0

Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Kontext:  Anwendung, SystemIndex Katalog

Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: 

Error: (10/21/2014 08:53:59 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: .NETFrameworkC:\windows\system32\mscoree.dll8

Error: (10/21/2014 07:17:20 AM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostex1900C:\Users\Katharina\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.


==================== Memory info =========================== 

Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 36%
Total physical RAM: 5715.87 MB
Available physical RAM: 3622.08 MB
Total Pagefile: 6115.87 MB
Available Pagefile: 4292.41 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.02 GB) (Free:781.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.58 GB) (Free:1.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 70FCAD0D)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.10.2014
Suchlauf-Zeit: 09:59:27
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.10.25.01
Rootkit Datenbank: v2014.10.22.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Katharina

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 332272
Verstrichene Zeit: 20 Min, 59 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
Code:
# AdwCleaner v4.001 - Bericht erstellt am 25/10/2014 um 09:59:57
# Aktualisiert 20/10/2014 von Xplode
# Datenbank : 2014-10-23.2
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Katharina - HEIM
# Gestartet von : C:\Users\Katharina\Desktop\erste hilfe 2\2 ADW cleaner\AdwCleaner_4.001.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk
Ordner Gefunden : C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [6031 octets] - [25/10/2014 09:59:57]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6091 octets] ##########
         

25.10.2014, 10:51   #2
M-K-D-B
/// TB Trainer

Internet very slow

My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find evidence of illegally obtained software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you run into problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions.
    If you are going to be away for a longer period, please let me know!
  • Please do not install or uninstall anything during the cleanup unless I ask you to!
  • All programs to be used must be saved to the desktop and started from there!


Please work through all steps one after another in the given order and post all log files in CODE tags:
How it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!


Please download TDSSKiller (TDSSKiller.exe) and save the file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

25.10.2014, 11:05   #3
Akusmin

Internet very slow

Code:
12:02:51.0114 0x0c48  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:02:51.0115 0x0c48  UEFI system
12:03:06.0572 0x0c48  ============================================================
12:03:06.0572 0x0c48  Current date / time: 2014/10/25 12:03:06.0572
12:03:06.0572 0x0c48  SystemInfo:
12:03:06.0572 0x0c48  
12:03:06.0572 0x0c48  OS Version: 6.3.9600 ServicePack: 0.0
12:03:06.0572 0x0c48  Product type: Workstation
12:03:06.0572 0x0c48  ComputerName: HEIM
12:03:06.0572 0x0c48  UserName: Katharina
12:03:06.0572 0x0c48  Windows directory: C:\WINDOWS
12:03:06.0572 0x0c48  System windows directory: C:\WINDOWS
12:03:06.0572 0x0c48  Running under WOW64
12:03:06.0572 0x0c48  Processor architecture: Intel x64
12:03:06.0572 0x0c48  Number of processors: 2
12:03:06.0572 0x0c48  Page size: 0x1000
12:03:06.0572 0x0c48  Boot type: Normal boot
12:03:06.0572 0x0c48  ============================================================
12:03:07.0166 0x0c48  KLMD registered as C:\WINDOWS\system32\drivers\74504461.sys
12:03:08.0385 0x0c48  System UUID: {FBADE9E7-129E-C87E-A2A7-8999EF5570F2}
12:03:09.0244 0x0c48  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:03:09.0275 0x0c48  ============================================================
12:03:09.0275 0x0c48  \Device\Harddisk0\DR0:
12:03:09.0275 0x0c48  GPT partitions:
12:03:09.0275 0x0c48  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6A4C53B9-57D5-4B88-A622-A83C1127BD7F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800
12:03:09.0275 0x0c48  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {5382BF64-B2DF-41D5-8EEB-1C66ACB2DE82}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000
12:03:09.0275 0x0c48  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {DEF5A80F-6412-4D82-AFAE-3EC2762D9326}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000
12:03:09.0275 0x0c48  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C3780642-F72B-485F-A40D-AF714B188AA0}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x72C08000
12:03:09.0275 0x0c48  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7FA33E15-6B06-468B-A295-070BCDB7F27F}, Name: , StartLBA 0x72EFC000, BlocksNum 0xE1000
12:03:09.0275 0x0c48  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7399D4EA-58FA-4E21-A41D-8C65E8F4AF32}, Name: Basic data partition, StartLBA 0x72FDD000, BlocksNum 0x1729800
12:03:09.0275 0x0c48  MBR partitions:
12:03:09.0275 0x0c48  ============================================================
12:03:09.0290 0x0c48  C: <-> \Device\Harddisk0\DR0\Partition4
12:03:09.0322 0x0c48  D: <-> \Device\Harddisk0\DR0\Partition6
12:03:09.0322 0x0c48  ============================================================
12:03:09.0322 0x0c48  Initialize success
12:03:09.0322 0x0c48  ============================================================
12:03:14.0953 0x1384  ============================================================
12:03:14.0953 0x1384  Scan started
12:03:14.0953 0x1384  Mode: Manual; 
12:03:14.0953 0x1384  ============================================================
12:03:14.0953 0x1384  KSN ping started
12:03:17.0517 0x1384  KSN ping finished: true
12:03:20.0050 0x1384  ================ Scan system memory ========================
12:03:20.0051 0x1384  System memory - ok
12:03:20.0052 0x1384  ================ Scan services =============================
12:03:20.0351 0x1384  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
12:03:20.0351 0x1384  1394ohci - ok
12:03:20.0445 0x1384  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
12:03:20.0461 0x1384  3ware - ok
12:03:20.0523 0x1384  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
12:03:20.0554 0x1384  ACPI - ok
12:03:20.0570 0x1384  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
12:03:20.0570 0x1384  acpiex - ok
12:03:20.0586 0x1384  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
12:03:20.0601 0x1384  acpipagr - ok
12:03:20.0632 0x1384  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
12:03:20.0632 0x1384  AcpiPmi - ok
12:03:20.0664 0x1384  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
12:03:20.0664 0x1384  acpitime - ok
12:03:20.0742 0x1384  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
12:03:20.0773 0x1384  ADP80XX - ok
12:03:20.0882 0x1384  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
12:03:20.0898 0x1384  AeLookupSvc - ok
12:03:20.0976 0x1384  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
12:03:20.0976 0x1384  AERTFilters - ok
12:03:21.0023 0x1384  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
12:03:21.0054 0x1384  AFD - ok
12:03:21.0086 0x1384  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
12:03:21.0086 0x1384  agp440 - ok
12:03:21.0117 0x1384  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
12:03:21.0132 0x1384  ahcache - ok
12:03:21.0164 0x1384  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
12:03:21.0164 0x1384  ALG - ok
12:03:21.0211 0x1384  [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
12:03:21.0226 0x1384  AMD External Events Utility - ok
12:03:21.0257 0x1384  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
12:03:21.0273 0x1384  AmdK8 - ok
12:03:22.0313 0x1384  [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
12:03:23.0261 0x1384  amdkmdag - ok
12:03:23.0414 0x1384  [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
12:03:23.0453 0x1384  amdkmdap - ok
12:03:23.0483 0x1384  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
12:03:23.0491 0x1384  AmdPPM - ok
12:03:23.0529 0x1384  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
12:03:23.0537 0x1384  amdsata - ok
12:03:23.0577 0x1384  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
12:03:23.0597 0x1384  amdsbs - ok
12:03:23.0632 0x1384  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
12:03:23.0637 0x1384  amdxata - ok
12:03:23.0692 0x1384  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
12:03:23.0699 0x1384  AppHostSvc - ok
12:03:23.0744 0x1384  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
12:03:23.0754 0x1384  AppID - ok
12:03:23.0789 0x1384  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
12:03:23.0796 0x1384  AppIDSvc - ok
12:03:23.0836 0x1384  [ 7667B9D81EA8FD6540E6CF72F92161A6, 98F3D0E376F715EBE083FE112CAA640BCE0F13DCE0F244D059D7FA019EA3D24C ] Appinfo         C:\WINDOWS\System32\appinfo.dll
12:03:23.0846 0x1384  Appinfo - ok
12:03:23.0906 0x1384  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
12:03:23.0940 0x1384  AppReadiness - ok
12:03:24.0044 0x1384  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
12:03:24.0118 0x1384  AppXSvc - ok
12:03:24.0180 0x1384  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
12:03:24.0195 0x1384  arcsas - ok
12:03:24.0303 0x1384  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:03:24.0303 0x1384  aspnet_state - ok
12:03:24.0397 0x1384  [ 001CFE1AE7A6377D70F654305ED10458, 02319F42082DD01715521BB01C63D93A783890F5EEF4F97E34401D6BF2537075 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
12:03:24.0397 0x1384  aswHwid - ok
12:03:24.0428 0x1384  [ 92E0526D9148DED5E1EB31AFA18F354C, 6B53FDE043163A70C95E6E55F1B672C0A6532749C40880B2B8704729175A3D29 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
12:03:24.0428 0x1384  aswMonFlt - ok
12:03:24.0459 0x1384  [ 6669541A3566F5B2F64A87ACC9B8821F, DD99968B1D78B55A6A19C8D494B7FB39ADF5175BD223B01E4C833AE10BBD019A ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
12:03:24.0475 0x1384  aswRdr - ok
12:03:24.0490 0x1384  [ 60FED5EA7F14315C319E7FFB3679CC24, 19774A9C0DB86ED99434A194C9138682982EEFEA43CE33AB38985445C72B4C03 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
12:03:24.0506 0x1384  aswRvrt - ok
12:03:24.0584 0x1384  [ 3CEC5CBD6611F35E53BC54E75B6C4612, 1FF4A1F83E5A7BC7C9751D6C024D4C59642152C93C1C1A5527B3B8B64CF906D6 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
12:03:24.0662 0x1384  aswSnx - ok
12:03:24.0725 0x1384  [ 6FC940A01C53BC874F531349E991F2BC, C7D84127217D556D7722B0EBC38057C8DFA173265A6E1DBF89CA47379F061ED7 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
12:03:24.0756 0x1384  aswSP - ok
12:03:24.0803 0x1384  [ 7250DFE069F4CB68F736A12F51AC083E, 7422A030786F777E914E1D6C10BC9B94B03B4AA2A8F888FE948004B91C60CD07 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
12:03:24.0803 0x1384  aswStm - ok
12:03:24.0850 0x1384  [ 5EA98C99B780EE215401658BE5E217CA, A778F2E2414BD0C9C572BEAC1DD0A805ED1827A25D6208D650AEBCCEED4D6994 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
12:03:24.0867 0x1384  aswVmm - ok
12:03:24.0915 0x1384  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
12:03:24.0920 0x1384  AsyncMac - ok
12:03:24.0950 0x1384  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
12:03:24.0955 0x1384  atapi - ok
12:03:24.0997 0x1384  [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
12:03:25.0013 0x1384  AudioEndpointBuilder - ok
12:03:25.0083 0x1384  [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
12:03:25.0176 0x1384  Audiosrv - ok
12:03:25.0280 0x1384  [ 5CE4F1E7D1BF789919DC7F2E7603C638, 604D4D824B9FE183B82637D212D7804DC88D6475383C1E6EE4269CAAD82E7C13 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:03:25.0285 0x1384  avast! Antivirus - ok
12:03:25.0322 0x1384  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
12:03:25.0334 0x1384  AxInstSV - ok
12:03:25.0386 0x1384  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
12:03:25.0419 0x1384  b06bdrv - ok
12:03:25.0448 0x1384  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
12:03:25.0454 0x1384  BasicDisplay - ok
12:03:25.0469 0x1384  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
12:03:25.0474 0x1384  BasicRender - ok
12:03:25.0504 0x1384  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
12:03:25.0509 0x1384  bcmfn2 - ok
12:03:25.0589 0x1384  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
12:03:25.0667 0x1384  BDESVC - ok
12:03:25.0745 0x1384  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:03:25.0761 0x1384  Beep - ok
12:03:25.0839 0x1384  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\WINDOWS\System32\bfe.dll
12:03:25.0886 0x1384  BFE - ok
12:03:25.0995 0x1384  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
12:03:26.0386 0x1384  BITS - ok
12:03:26.0448 0x1384  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:03:26.0479 0x1384  Bonjour Service - ok
12:03:26.0511 0x1384  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
12:03:26.0526 0x1384  bowser - ok
12:03:26.0604 0x1384  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
12:03:26.0620 0x1384  BrokerInfrastructure - ok
12:03:26.0667 0x1384  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\WINDOWS\System32\browser.dll
12:03:26.0683 0x1384  Browser - ok
12:03:26.0730 0x1384  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
12:03:26.0745 0x1384  BthAvrcpTg - ok
12:03:26.0761 0x1384  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
12:03:26.0761 0x1384  BthHFEnum - ok
12:03:26.0776 0x1384  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
12:03:26.0792 0x1384  bthhfhid - ok
12:03:26.0823 0x1384  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
12:03:26.0823 0x1384  BTHMODEM - ok
12:03:26.0854 0x1384  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
12:03:26.0870 0x1384  bthserv - ok
12:03:26.0901 0x1384  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
12:03:26.0901 0x1384  cdfs - ok
12:03:26.0933 0x1384  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
12:03:26.0948 0x1384  cdrom - ok
12:03:26.0990 0x1384  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
12:03:27.0004 0x1384  CertPropSvc - ok
12:03:27.0025 0x1384  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
12:03:27.0031 0x1384  circlass - ok
12:03:27.0067 0x1384  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
12:03:27.0096 0x1384  CLFS - ok
12:03:27.0166 0x1384  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
12:03:27.0177 0x1384  CLVirtualDrive - ok
12:03:27.0207 0x1384  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
12:03:27.0211 0x1384  CmBatt - ok
12:03:27.0277 0x1384  [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
12:03:27.0325 0x1384  CNG - ok
12:03:27.0359 0x1384  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
12:03:27.0363 0x1384  CompositeBus - ok
12:03:27.0377 0x1384  COMSysApp - ok
12:03:27.0401 0x1384  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
12:03:27.0408 0x1384  condrv - ok
12:03:27.0472 0x1384  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
12:03:27.0472 0x1384  CryptSvc - ok
12:03:27.0488 0x1384  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
12:03:27.0503 0x1384  dam - ok
12:03:27.0581 0x1384  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:03:27.0628 0x1384  DcomLaunch - ok
12:03:27.0722 0x1384  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
12:03:27.0753 0x1384  defragsvc - ok
12:03:27.0816 0x1384  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
12:03:27.0847 0x1384  DeviceAssociationService - ok
12:03:27.0862 0x1384  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
12:03:27.0894 0x1384  DeviceInstall - ok
12:03:27.0925 0x1384  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
12:03:27.0941 0x1384  Dfsc - ok
12:03:28.0003 0x1384  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
12:03:28.0034 0x1384  Dhcp - ok
12:03:28.0097 0x1384  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
12:03:28.0097 0x1384  disk - ok
12:03:28.0144 0x1384  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
12:03:28.0144 0x1384  dmvsc - ok
12:03:28.0175 0x1384  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:03:28.0227 0x1384  Dnscache - ok
12:03:28.0285 0x1384  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:03:28.0307 0x1384  dot3svc - ok
12:03:28.0385 0x1384  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
12:03:28.0426 0x1384  DPS - ok
12:03:28.0440 0x1384  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
12:03:28.0443 0x1384  drmkaud - ok
12:03:28.0482 0x1384  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
12:03:28.0498 0x1384  DsmSvc - ok
12:03:28.0604 0x1384  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
12:03:28.0701 0x1384  DXGKrnl - ok
12:03:28.0741 0x1384  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
12:03:28.0756 0x1384  Eaphost - ok
12:03:28.0969 0x1384  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
12:03:29.0186 0x1384  ebdrv - ok
12:03:29.0234 0x1384  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
12:03:29.0246 0x1384  EFS - ok
12:03:29.0273 0x1384  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
12:03:29.0282 0x1384  EhStorClass - ok
12:03:29.0322 0x1384  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
12:03:29.0334 0x1384  EhStorTcgDrv - ok
12:03:29.0369 0x1384  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
12:03:29.0374 0x1384  ErrDev - ok
12:03:29.0530 0x1384  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
12:03:29.0570 0x1384  EventSystem - ok
12:03:29.0606 0x1384  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
12:03:29.0620 0x1384  exfat - ok
12:03:29.0647 0x1384  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
12:03:29.0663 0x1384  fastfat - ok
12:03:29.0738 0x1384  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
12:03:29.0790 0x1384  Fax - ok
12:03:29.0831 0x1384  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
12:03:29.0835 0x1384  fdc - ok
12:03:29.0860 0x1384  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
12:03:29.0869 0x1384  fdPHost - ok
12:03:29.0892 0x1384  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
12:03:29.0901 0x1384  FDResPub - ok
12:03:29.0935 0x1384  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
12:03:29.0951 0x1384  fhsvc - ok
12:03:29.0970 0x1384  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
12:03:29.0981 0x1384  FileInfo - ok
12:03:30.0001 0x1384  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
12:03:30.0006 0x1384  Filetrace - ok
12:03:30.0032 0x1384  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
12:03:30.0037 0x1384  flpydisk - ok
12:03:30.0072 0x1384  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:03:30.0095 0x1384  FltMgr - ok
12:03:30.0200 0x1384  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
12:03:30.0292 0x1384  FontCache - ok
12:03:30.0347 0x1384  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:03:30.0353 0x1384  FontCache3.0.0.0 - ok
12:03:30.0394 0x1384  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
12:03:30.0401 0x1384  FsDepends - ok
12:03:30.0427 0x1384  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:03:30.0432 0x1384  Fs_Rec - ok
12:03:30.0489 0x1384  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
12:03:30.0525 0x1384  fvevol - ok
12:03:30.0553 0x1384  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
12:03:30.0559 0x1384  FxPPM - ok
12:03:30.0587 0x1384  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
12:03:30.0595 0x1384  gagp30kx - ok
12:03:30.0634 0x1384  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
12:03:30.0639 0x1384  gencounter - ok
12:03:30.0669 0x1384  [ 5B1EDAFD02AEA9345C24F0B6537CC8A0, D36D4F20756D19CF0A4C6CD0FDB678F7D79D1AC66D62F55845DFE7E7CB433A2B ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
12:03:30.0680 0x1384  GPIOClx0101 - ok
12:03:30.0820 0x1384  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
12:03:30.0927 0x1384  gpsvc - ok
12:03:31.0039 0x1384  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:03:31.0047 0x1384  gupdate - ok
12:03:31.0062 0x1384  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:03:31.0070 0x1384  gupdatem - ok
12:03:31.0097 0x1384  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
12:03:31.0105 0x1384  HDAudBus - ok
12:03:31.0120 0x1384  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
12:03:31.0124 0x1384  HidBatt - ok
12:03:31.0201 0x1384  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
12:03:31.0210 0x1384  HidBth - ok
12:03:31.0236 0x1384  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
12:03:31.0242 0x1384  hidi2c - ok
12:03:31.0262 0x1384  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
12:03:31.0267 0x1384  HidIr - ok
12:03:31.0298 0x1384  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
12:03:31.0309 0x1384  hidserv - ok
12:03:31.0330 0x1384  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
12:03:31.0335 0x1384  HidUsb - ok
12:03:31.0388 0x1384  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
12:03:31.0404 0x1384  hkmsvc - ok
12:03:31.0441 0x1384  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
12:03:31.0464 0x1384  HomeGroupListener - ok
12:03:31.0545 0x1384  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
12:03:31.0580 0x1384  HomeGroupProvider - ok
12:03:31.0663 0x1384  [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
12:03:31.0679 0x1384  HP Support Assistant Service - ok
12:03:31.0694 0x1384  [ 4F88FA114D15504E1B17978A8DA4165E, FB3876525BC82B20D1CD159F1DC2CCBA63CAAA755A97E5C97089B09DEA6DD790 ] HPConnectedRemote c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
12:03:31.0710 0x1384  HPConnectedRemote - ok
12:03:31.0804 0x1384  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
12:03:31.0874 0x1384  hpqwmiex - ok
12:03:31.0902 0x1384  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
12:03:31.0910 0x1384  HpSAMD - ok
12:03:32.0054 0x1384  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
12:03:32.0128 0x1384  HTTP - ok
12:03:32.0172 0x1384  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
12:03:32.0177 0x1384  hwpolicy - ok
12:03:32.0204 0x1384  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
12:03:32.0209 0x1384  hyperkbd - ok
12:03:32.0237 0x1384  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
12:03:32.0241 0x1384  HyperVideo - ok
12:03:32.0279 0x1384  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
12:03:32.0288 0x1384  i8042prt - ok
12:03:32.0325 0x1384  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
12:03:32.0345 0x1384  iaLPSSi_GPIO - ok
12:03:32.0379 0x1384  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
12:03:32.0388 0x1384  iaLPSSi_I2C - ok
12:03:32.0468 0x1384  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
12:03:32.0533 0x1384  iaStorAV - ok
12:03:32.0577 0x1384  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
12:03:32.0602 0x1384  iaStorV - ok
12:03:32.0824 0x1384  [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
12:03:32.0958 0x1384  IconMan_R - ok
12:03:32.0983 0x1384  IEEtwCollectorService - ok
12:03:33.0120 0x1384  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
12:03:33.0199 0x1384  IKEEXT - ok
12:03:33.0550 0x1384  [ 5AB35054EC837E5E2196CA91BCDF8232, 25D881B076162420742B2E0919E0950D05101E7F3127A65BD4B6D9E8507B1150 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
12:03:33.0856 0x1384  IntcAzAudAddService - ok
12:03:33.0937 0x1384  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
12:03:33.0942 0x1384  intelide - ok
12:03:33.0967 0x1384  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
12:03:33.0972 0x1384  intelpep - ok
12:03:45.0741 0x1384  Spooler - ok
12:03:46.0390 0x1384  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
12:03:46.0967 0x1384  sppsvc - ok
12:03:47.0067 0x1384  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
12:03:47.0096 0x1384  srv - ok
12:03:47.0153 0x1384  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
12:03:47.0218 0x1384  srv2 - ok
12:03:47.0283 0x1384  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
12:03:47.0300 0x1384  srvnet - ok
12:03:47.0345 0x1384  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
12:03:47.0394 0x1384  SSDPSRV - ok
12:03:47.0439 0x1384  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
12:03:47.0466 0x1384  SstpSvc - ok
12:03:47.0547 0x1384  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
12:03:47.0552 0x1384  stexstor - ok
12:03:47.0649 0x1384  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
12:03:47.0701 0x1384  stisvc - ok
12:03:47.0744 0x1384  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
12:03:47.0752 0x1384  storahci - ok
12:03:47.0781 0x1384  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
12:03:47.0789 0x1384  storflt - ok
12:03:47.0812 0x1384  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
12:03:47.0819 0x1384  stornvme - ok
12:03:47.0853 0x1384  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
12:03:47.0870 0x1384  StorSvc - ok
12:03:47.0901 0x1384  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
12:03:47.0909 0x1384  storvsc - ok
12:03:47.0941 0x1384  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
12:03:47.0958 0x1384  svsvc - ok
12:03:47.0991 0x1384  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
12:03:47.0996 0x1384  swenum - ok
12:03:48.0076 0x1384  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
12:03:48.0130 0x1384  swprv - ok
12:03:48.0239 0x1384  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
12:03:48.0324 0x1384  SysMain - ok
12:03:48.0384 0x1384  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
12:03:48.0412 0x1384  SystemEventsBroker - ok
12:03:48.0486 0x1384  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
12:03:48.0512 0x1384  TabletInputService - ok
12:03:48.0556 0x1384  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
12:03:48.0611 0x1384  TapiSrv - ok
12:03:49.0050 0x1384  [ 87F3713E620F62D243A82B3CB66CBDDE, 5C14F43BC5114DB664490DEE5024555149766C2F2430A910AA9DA2210D968063 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
12:03:49.0334 0x1384  Tcpip - ok
12:03:49.0564 0x1384  [ 87F3713E620F62D243A82B3CB66CBDDE, 5C14F43BC5114DB664490DEE5024555149766C2F2430A910AA9DA2210D968063 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:03:49.0758 0x1384  TCPIP6 - ok
12:03:49.0834 0x1384  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
12:03:49.0840 0x1384  tcpipreg - ok
12:03:49.0881 0x1384  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
12:03:49.0892 0x1384  tdx - ok
12:03:49.0922 0x1384  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
12:03:49.0930 0x1384  terminpt - ok
12:03:50.0012 0x1384  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
12:03:50.0091 0x1384  TermService - ok
12:03:50.0137 0x1384  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
12:03:50.0155 0x1384  Themes - ok
12:03:50.0196 0x1384  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
12:03:50.0209 0x1384  THREADORDER - ok
12:03:50.0274 0x1384  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
12:03:50.0334 0x1384  TimeBroker - ok
12:03:50.0375 0x1384  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
12:03:50.0387 0x1384  TPM - ok
12:03:50.0409 0x1384  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
12:03:50.0432 0x1384  TrkWks - ok
12:03:50.0483 0x1384  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
12:03:50.0492 0x1384  TrustedInstaller - ok
12:03:50.0518 0x1384  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
12:03:50.0524 0x1384  TsUsbFlt - ok
12:03:50.0542 0x1384  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
12:03:50.0550 0x1384  TsUsbGD - ok
12:03:50.0573 0x1384  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
12:03:50.0586 0x1384  tunnel - ok
12:03:50.0617 0x1384  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
12:03:50.0625 0x1384  uagp35 - ok
12:03:50.0659 0x1384  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
12:03:50.0668 0x1384  UASPStor - ok
12:03:50.0696 0x1384  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
12:03:50.0710 0x1384  UCX01000 - ok
12:03:50.0752 0x1384  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
12:03:50.0773 0x1384  udfs - ok
12:03:50.0789 0x1384  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
12:03:50.0795 0x1384  UEFI - ok
12:03:50.0842 0x1384  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
12:03:50.0858 0x1384  UI0Detect - ok
12:03:50.0883 0x1384  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
12:03:50.0891 0x1384  uliagpkx - ok
12:03:50.0921 0x1384  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
12:03:50.0927 0x1384  umbus - ok
12:03:50.0957 0x1384  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
12:03:50.0962 0x1384  UmPass - ok
12:03:51.0035 0x1384  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
12:03:51.0067 0x1384  UmRdpService - ok
12:03:51.0147 0x1384  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
12:03:51.0215 0x1384  upnphost - ok
12:03:51.0249 0x1384  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
12:03:51.0260 0x1384  usbccgp - ok
12:03:51.0286 0x1384  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
12:03:51.0294 0x1384  usbcir - ok
12:03:51.0323 0x1384  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
12:03:51.0333 0x1384  usbehci - ok
12:03:51.0366 0x1384  [ 4875DC63E548812C75D4FDEF84970C89, 6A29306BAB6F95F0384E16533A9588A654A6E3CFC35D55A4CEB2B14EF34EEE19 ] usbfilter       C:\WINDOWS\System32\drivers\usbfilter.sys
12:03:51.0373 0x1384  usbfilter - ok
12:03:51.0419 0x1384  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
12:03:51.0446 0x1384  usbhub - ok
12:03:51.0490 0x1384  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
12:03:51.0518 0x1384  USBHUB3 - ok
12:03:51.0553 0x1384  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
12:03:51.0559 0x1384  usbohci - ok
12:03:51.0575 0x1384  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
12:03:51.0581 0x1384  usbprint - ok
12:03:51.0621 0x1384  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
12:03:51.0632 0x1384  USBSTOR - ok
12:03:51.0661 0x1384  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
12:03:51.0668 0x1384  usbuhci - ok
12:03:51.0694 0x1384  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
12:03:51.0709 0x1384  usbvideo - ok
12:03:51.0751 0x1384  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
12:03:51.0771 0x1384  USBXHCI - ok
12:03:51.0794 0x1384  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
12:03:51.0805 0x1384  VaultSvc - ok
12:03:51.0824 0x1384  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
12:03:51.0829 0x1384  vdrvroot - ok
12:03:51.0942 0x1384  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
12:03:52.0025 0x1384  vds - ok
12:03:52.0056 0x1384  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
12:03:52.0070 0x1384  VerifierExt - ok
12:03:52.0123 0x1384  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
12:03:52.0156 0x1384  vhdmp - ok
12:03:52.0172 0x1384  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
12:03:52.0176 0x1384  viaide - ok
12:03:52.0204 0x1384  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
12:03:52.0213 0x1384  vmbus - ok
12:03:52.0235 0x1384  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
12:03:52.0240 0x1384  VMBusHID - ok
12:03:52.0302 0x1384  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
12:03:52.0346 0x1384  vmicguestinterface - ok
12:03:52.0385 0x1384  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
12:03:52.0418 0x1384  vmicheartbeat - ok
12:03:52.0456 0x1384  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
12:03:52.0490 0x1384  vmickvpexchange - ok
12:03:52.0527 0x1384  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
12:03:52.0561 0x1384  vmicrdv - ok
12:03:52.0600 0x1384  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
12:03:52.0634 0x1384  vmicshutdown - ok
12:03:52.0673 0x1384  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
12:03:52.0707 0x1384  vmictimesync - ok
12:03:52.0746 0x1384  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
12:03:52.0779 0x1384  vmicvss - ok
12:03:52.0799 0x1384  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
12:03:52.0806 0x1384  volmgr - ok
12:03:52.0843 0x1384  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
12:03:52.0868 0x1384  volmgrx - ok
12:03:52.0914 0x1384  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
12:03:52.0934 0x1384  volsnap - ok
12:03:52.0968 0x1384  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
12:03:52.0976 0x1384  vpci - ok
12:03:53.0016 0x1384  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
12:03:53.0028 0x1384  vsmraid - ok
12:03:53.0132 0x1384  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
12:03:53.0222 0x1384  VSS - ok
12:03:53.0265 0x1384  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
12:03:53.0284 0x1384  VSTXRAID - ok
12:03:53.0327 0x1384  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
12:03:53.0339 0x1384  vwifibus - ok
12:03:53.0392 0x1384  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
12:03:53.0400 0x1384  vwififlt - ok
12:03:53.0426 0x1384  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
12:03:53.0433 0x1384  vwifimp - ok
12:03:53.0487 0x1384  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
12:03:53.0522 0x1384  W32Time - ok
12:03:53.0598 0x1384  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
12:03:53.0606 0x1384  w3logsvc - ok
12:03:53.0644 0x1384  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
12:03:53.0650 0x1384  WacomPen - ok
12:03:53.0671 0x1384  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:03:53.0679 0x1384  Wanarp - ok
12:03:53.0692 0x1384  [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:03:53.0700 0x1384  Wanarpv6 - ok
12:03:53.0760 0x1384  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
12:03:53.0793 0x1384  WAS - ok
12:03:53.0893 0x1384  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
12:03:54.0024 0x1384  wbengine - ok
12:03:54.0093 0x1384  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
12:03:54.0132 0x1384  WbioSrvc - ok
12:03:54.0169 0x1384  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
12:03:54.0202 0x1384  Wcmsvc - ok
12:03:54.0263 0x1384  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
12:03:54.0302 0x1384  wcncsvc - ok
12:03:54.0320 0x1384  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
12:03:54.0337 0x1384  WcsPlugInService - ok
12:03:54.0353 0x1384  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
12:03:54.0358 0x1384  WdBoot - ok
12:03:54.0436 0x1384  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
12:03:54.0482 0x1384  Wdf01000 - ok
12:03:54.0515 0x1384  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
12:03:54.0532 0x1384  WdFilter - ok
12:03:54.0559 0x1384  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
12:03:54.0579 0x1384  WdiServiceHost - ok
12:03:54.0594 0x1384  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
12:03:54.0612 0x1384  WdiSystemHost - ok
12:03:54.0641 0x1384  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
12:03:54.0651 0x1384  WdNisDrv - ok
12:03:54.0677 0x1384  WdNisSvc - ok
12:03:54.0717 0x1384  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\WINDOWS\System32\webclnt.dll
12:03:54.0743 0x1384  WebClient - ok
12:03:54.0778 0x1384  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
12:03:54.0805 0x1384  Wecsvc - ok
12:03:54.0820 0x1384  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
12:03:54.0836 0x1384  WEPHOSTSVC - ok
12:03:54.0855 0x1384  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
12:03:54.0874 0x1384  wercplsupport - ok
12:03:54.0895 0x1384  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
12:03:54.0915 0x1384  WerSvc - ok
12:03:54.0938 0x1384  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
12:03:54.0948 0x1384  WFPLWFS - ok
12:03:54.0970 0x1384  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
12:03:54.0989 0x1384  WiaRpc - ok
12:03:55.0011 0x1384  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
12:03:55.0017 0x1384  WIMMount - ok
12:03:55.0028 0x1384  WinDefend - ok
12:03:55.0115 0x1384  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
12:03:55.0171 0x1384  WinHttpAutoProxySvc - ok
12:03:55.0228 0x1384  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
12:03:55.0244 0x1384  Winmgmt - ok
12:03:55.0415 0x1384  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
12:03:55.0580 0x1384  WinRM - ok
12:03:55.0711 0x1384  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
12:03:55.0811 0x1384  WlanSvc - ok
12:03:55.0931 0x1384  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
12:03:56.0031 0x1384  wlidsvc - ok
12:03:56.0086 0x1384  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
12:03:56.0091 0x1384  WmiAcpi - ok
12:03:56.0134 0x1384  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
12:03:56.0148 0x1384  wmiApSrv - ok
12:03:56.0193 0x1384  WMPNetworkSvc - ok
12:03:56.0222 0x1384  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
12:03:56.0234 0x1384  Wof - ok
12:03:56.0381 0x1384  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
12:03:56.0486 0x1384  workfolderssvc - ok
12:03:56.0526 0x1384  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
12:03:56.0534 0x1384  wpcfltr - ok
12:03:56.0559 0x1384  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
12:03:56.0577 0x1384  WPCSvc - ok
12:03:56.0607 0x1384  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
12:03:56.0627 0x1384  WPDBusEnum - ok
12:03:56.0642 0x1384  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
12:03:56.0647 0x1384  WpdUpFltr - ok
12:03:56.0673 0x1384  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
12:03:56.0679 0x1384  ws2ifsl - ok
12:03:56.0717 0x1384  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
12:03:56.0740 0x1384  wscsvc - ok
12:03:56.0753 0x1384  WSearch - ok
12:03:57.0008 0x1384  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
12:03:57.0229 0x1384  WSService - ok
12:03:57.0479 0x1384  [ 9FDD8CD31F3FBA88F050318F32D640E2, BBCAFDA420E11D43BAD5D87D47607F4ADF0D817C1BF86D6389582B56EDD7C246 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
12:03:57.0694 0x1384  wuauserv - ok
12:03:57.0748 0x1384  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
12:03:57.0758 0x1384  WudfPf - ok
12:03:57.0796 0x1384  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
12:03:57.0811 0x1384  WUDFRd - ok
12:03:57.0843 0x1384  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
12:03:57.0866 0x1384  wudfsvc - ok
12:03:57.0891 0x1384  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
12:03:57.0905 0x1384  WUDFWpdFs - ok
12:03:57.0965 0x1384  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
12:03:58.0007 0x1384  WwanSvc - ok
12:03:58.0047 0x1384  ================ Scan global ===============================
12:03:58.0092 0x1384  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
12:03:58.0140 0x1384  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
12:03:58.0206 0x1384  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
12:03:58.0256 0x1384  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
12:03:58.0290 0x1384  [ Global ] - ok
12:03:58.0291 0x1384  ================ Scan MBR ==================================
12:03:58.0304 0x1384  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
12:03:58.0322 0x1384  \Device\Harddisk0\DR0 - ok
12:03:58.0323 0x1384  ================ Scan VBR ==================================
12:03:58.0334 0x1384  [ D4D0D5115062C4E3B9403A0AF9619392 ] \Device\Harddisk0\DR0\Partition1
12:03:58.0402 0x1384  \Device\Harddisk0\DR0\Partition1 - ok
12:03:58.0417 0x1384  [ 50F556C832B6F33B23E0CEA6935A0980 ] \Device\Harddisk0\DR0\Partition2
12:03:58.0464 0x1384  \Device\Harddisk0\DR0\Partition2 - ok
12:03:58.0488 0x1384  [ 113753BCD72FAD254692A52E235370E7 ] \Device\Harddisk0\DR0\Partition3
12:03:58.0496 0x1384  \Device\Harddisk0\DR0\Partition3 - ok
12:03:58.0510 0x1384  [ DF7F43F70D2BCF4AFB0BBBB77D50965F ] \Device\Harddisk0\DR0\Partition4
12:03:58.0547 0x1384  \Device\Harddisk0\DR0\Partition4 - ok
12:03:58.0580 0x1384  [ 524A4DE876D34834D6D17131EF6109F2 ] \Device\Harddisk0\DR0\Partition5
12:03:58.0584 0x1384  \Device\Harddisk0\DR0\Partition5 - ok
12:03:58.0601 0x1384  [ A4EFEE4B858E3FD3AAD9337A6958AA39 ] \Device\Harddisk0\DR0\Partition6
12:03:58.0609 0x1384  \Device\Harddisk0\DR0\Partition6 - ok
12:03:58.0611 0x1384  ================ Scan generic autorun ======================
12:03:59.0097 0x1384  [ D066F5D95B5AC708CD39AD4AB64A244C, B7817CFC3AC33B6C8C0295E0F809E3AC4E33CFDC341524B73C853A15F605D96B ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
12:03:59.0485 0x1384  RTHDVCPL - ok
12:03:59.0631 0x1384  [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe
12:03:59.0634 0x1384  NCPluginUpdater - ok
12:04:00.0011 0x1384  [ 03F7027B0AFB0155956B6C6282C9C4AD, 02141463B6E8E533DA859FDFF9661B81A1BEB364506A0F80220D63D6A03A0EFB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
12:04:00.0304 0x1384  AvastUI.exe - ok
12:04:00.0339 0x1384  Skype - ok
12:04:00.0507 0x1384  [ AD039BD721859550F23064D42E7DDA44, 918812F078D796ADFE12A67CA802E9DA9D5FD48629A69E479009B9BABC099175 ] C:\Users\Katharina\AppData\Roaming\uTorrent\uTorrent.exe
12:04:00.0560 0x1384  uTorrent - ok
12:04:00.0566 0x1384  Waiting for KSN requests completion. In queue: 85
12:04:01.0567 0x1384  Waiting for KSN requests completion. In queue: 85
12:04:02.0583 0x1384  Waiting for KSN requests completion. In queue: 85
12:04:03.0598 0x1384  Waiting for KSN requests completion. In queue: 85
12:04:04.0770 0x1384  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
12:04:04.0786 0x1384  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2206.692 ), 0x42000 ( disabled : updated )
12:04:04.0786 0x1384  Win FW state via NFP2: enabled
12:04:07.0239 0x1384  ============================================================
12:04:07.0239 0x1384  Scan finished
12:04:07.0239 0x1384  ============================================================
12:04:07.0254 0x06b0  Detected object count: 0
12:04:07.0254 0x06b0  Actual detected object count: 0
12:04:31.0377 0x0f6c  Deinitialize success
         
__________________

25.10.2014, 11:11   #4
M-K-D-B
/// TB-Ausbilder

Step 1
Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.

Step 2
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).

Step 3

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Step 4
  • Start FRST.exe again. Tick the box in front of Addition.txt and click Scan.
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files in your next reply.

Please post with your next reply
  • the AdwCleaner log file,
  • the MBAM log file,
  • the JRT log file,
  • the two new FRST log files.
__________________
Greetings from Bavaria
M-K-D-B

25.10.2014, 11:21   #5
Akusmin

Code:
# AdwCleaner v4.001 - Bericht erstellt am 25/10/2014 um 12:12:20
# Aktualisiert 20/10/2014 von Xplode
# Datenbank : 2014-10-23.2
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Katharina - HEIM
# Gestartet von : C:\Users\Katharina\Desktop\erste hilfe 2\2 ADW cleaner\AdwCleaner_4.001.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Google Chrome v38.0.2125.104


*************************

AdwCleaner[R0].txt - [6251 octets] - [25/10/2014 09:59:57]
AdwCleaner[R1].txt - [698 octets] - [25/10/2014 12:12:20]
AdwCleaner[S0].txt - [6304 octets] - [25/10/2014 10:21:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [817 octets] ##########
         
The rest is coming.


25.10.2014, 11:23   #6
M-K-D-B
/// TB-Ausbilder

Quote:
Quote from Akusmin

The rest is coming.
ok

25.10.2014, 11:53   #7
Akusmin

JRT Logfile:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 8.1 x64
Ran by Katharina on 25.10.2014 at 12:23:08,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.10.2014 at 12:39:01,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

MBAM is still taking a while.

Code:
Suchlauf Datum: 25.10.2014
Suchlauf-Zeit: 12:14:17
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.10.25.02
Rootkit Datenbank: v2014.10.22.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Katharina

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 332890
Verstrichene Zeit: 30 Min, 50 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2014
Ran by Katharina (administrator) on HEIM on 25-10-2014 12:47:54
Running from C:\Users\Katharina\Desktop
Loaded Profile: Katharina (Available profiles: Katharina)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteWMPMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6844560 2012-11-10] (Realtek Semiconductor)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-25] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard)
HKU\S-1-5-21-702799559-3439042313-1217037743-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-702799559-3439042313-1217037743-1001\...\Run: [uTorrent] => C:\Users\Katharina\AppData\Roaming\uTorrent\uTorrent.exe [1045072 2014-10-16] (BitTorrent Inc.)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4
SearchScopes: HKLM - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKCU - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-25]

Chrome: 
=======
CHR HomePage: Default -> file:///C:/Users/Nina/Desktop/Meine%20Seite/Meine%20Seite%203.4/Alex%20ich%20liebe%20Dich.html
CHR StartupUrls: Default -> "file:///C:/Users/Katharina/Desktop/mama/Katharina/Desktop/Meine%20Seite%203.4/ti%20durak,%20alex.html"
CHR Profile: C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-16]
CHR Extension: (Google Docs) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-16]
CHR Extension: (Google Drive) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-16]
CHR Extension: (YouTube) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-16]
CHR Extension: (Adblock Plus) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-16]
CHR Extension: (Google-Suche) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-16]
CHR Extension: (Google Tabellen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-16]
CHR Extension: (Uhr) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-10-16]
CHR Extension: (Avast Online Security) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-16]
CHR Extension: (IP-Adresse) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-10-16]
CHR Extension: (Google Wallet) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-16]
CHR Extension: (Google Mail) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-25] (AVAST Software)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-10-23] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [82768 2014-10-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-25] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049920 2014-10-25] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-25] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-25] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-25 12:47 - 2014-10-25 12:50 - 00012783 _____ () C:\Users\Katharina\Desktop\FRST.txt
2014-10-25 12:47 - 2014-10-25 12:47 - 00000000 ____D () C:\Users\Katharina\Desktop\FRST-OlderVersion
2014-10-25 12:46 - 2014-10-25 12:46 - 00001192 _____ () C:\Users\Katharina\Desktop\mbam.txt
2014-10-25 12:39 - 2014-10-25 12:39 - 00000618 _____ () C:\Users\Katharina\Desktop\JRT.txt
2014-10-25 12:23 - 2014-10-25 12:23 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-25 12:22 - 2014-10-25 12:22 - 01706144 _____ (Thisisu) C:\Users\Katharina\Downloads\JRT.exe
2014-10-25 12:02 - 2014-10-25 12:02 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Katharina\Downloads\tdsskiller.exe
2014-10-25 11:45 - 2014-10-25 12:00 - 00000000 ____D () C:\Users\Katharina\Desktop\text
2014-10-25 11:44 - 2014-10-25 11:44 - 00009216 ___SH () C:\Users\Katharina\Desktop\Thumbs.db
2014-10-25 11:02 - 2014-10-25 11:02 - 00001982 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-10-25 11:02 - 2014-10-25 11:02 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\AVAST Software
2014-10-25 11:02 - 2014-10-25 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-10-25 11:01 - 2014-10-25 11:02 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-10-25 11:01 - 2014-10-25 11:01 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2014-10-25 11:01 - 2014-10-25 11:01 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-10-25 11:01 - 2014-10-25 11:01 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-10-25 11:01 - 2014-10-25 11:01 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2014-10-25 11:01 - 2014-10-25 11:01 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-10-25 11:01 - 2014-10-25 11:01 - 00082768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-10-25 11:01 - 2014-10-25 11:01 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-10-25 11:01 - 2014-10-25 11:01 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-10-25 11:01 - 2014-10-25 11:01 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-10-25 11:01 - 2014-10-25 11:00 - 01049920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2014-10-25 10:59 - 2014-10-25 10:59 - 00000000 ____D () C:\Program Files\AVAST Software
2014-10-25 10:58 - 2014-10-25 10:59 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-10-25 10:57 - 2014-10-25 10:57 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-25 10:56 - 2014-10-25 10:58 - 131078000 _____ (AVAST Software) C:\Users\Katharina\Downloads\avast_free_antivirus_setup.exe
2014-10-25 10:52 - 2014-09-30 00:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-25 10:52 - 2014-09-30 00:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-25 10:49 - 2014-10-25 10:52 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-10-25 10:26 - 2014-10-25 10:26 - 00001282 _____ () C:\Users\Katharina\Desktop\Revo Uninstaller.lnk
2014-10-25 10:26 - 2014-10-25 10:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-10-25 10:23 - 2014-10-25 10:25 - 00000000 ____D () C:\Users\Katharina\Desktop\Neuer Ordner
2014-10-25 10:14 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-10-25 10:14 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-10-25 10:14 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-25 10:14 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-25 10:14 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-10-25 10:14 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-25 10:14 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-25 10:13 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-25 10:13 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-25 09:59 - 2014-10-25 12:20 - 00000000 ____D () C:\AdwCleaner
2014-10-25 09:58 - 2014-10-25 12:14 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-25 09:58 - 2014-10-25 09:58 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-25 09:58 - 2014-10-25 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-10-25 09:58 - 2014-10-25 09:58 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-25 09:58 - 2014-10-25 09:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-25 09:58 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-25 09:58 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-25 09:58 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-25 09:48 - 2014-10-25 12:47 - 00000000 ____D () C:\FRST
2014-10-25 09:47 - 2014-10-25 12:47 - 02112512 _____ (Farbar) C:\Users\Katharina\Desktop\FRST64.exe
2014-10-25 09:47 - 2014-10-25 09:48 - 00000000 ____D () C:\Users\Katharina\Desktop\erste hilfe 2
2014-10-25 09:46 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-10-25 09:46 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-10-25 09:46 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-10-25 09:46 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-10-25 09:46 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-10-25 09:45 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-10-25 09:45 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-10-25 09:44 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-10-25 09:44 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-10-25 09:43 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-10-25 09:43 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-25 09:43 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-10-25 09:43 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-10-25 09:43 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-10-25 09:43 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-10-25 09:43 - 2014-08-16 05:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-10-25 09:43 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-25 09:43 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-10-25 09:43 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-10-25 09:43 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-10-25 09:43 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-10-25 09:43 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-10-25 09:43 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-10-25 09:43 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-10-25 09:43 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-10-25 09:43 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-10-25 09:43 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-10-25 09:43 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-25 09:43 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-10-25 09:43 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-10-25 09:43 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-10-25 09:43 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-10-25 09:43 - 2014-08-16 02:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-10-25 09:43 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-10-25 09:43 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-25 09:43 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-10-25 09:43 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-10-25 09:43 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-10-25 09:43 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-10-25 09:43 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-25 09:43 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-10-25 09:43 - 2014-08-01 01:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-25 09:43 - 2014-07-10 06:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-10-25 09:42 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-10-25 09:42 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-10-25 09:42 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-10-25 09:42 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-10-25 09:42 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-10-25 09:42 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-10-25 09:42 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-10-25 09:42 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-10-25 09:42 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-10-25 09:42 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-25 09:42 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-10-25 09:42 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-10-25 09:42 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-10-25 09:42 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-10-25 09:42 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-10-25 09:42 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-10-25 09:42 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-10-25 09:42 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-10-25 09:42 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-10-25 09:42 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-10-25 09:42 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-10-25 09:42 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-10-25 09:42 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-10-25 09:42 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-10-25 09:42 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-10-25 09:42 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-10-25 09:42 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-10-25 09:42 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-10-25 09:42 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-10-25 09:42 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-10-25 09:41 - 2014-10-10 00:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-25 09:41 - 2014-10-09 00:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-25 09:41 - 2014-09-19 03:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-25 09:41 - 2014-09-05 04:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-10-25 09:41 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-10-25 09:41 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-10-25 09:41 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-10-25 09:41 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-10-25 09:41 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-10-25 09:41 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-10-25 09:41 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-10-25 09:41 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-10-25 09:40 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-10-24 21:06 - 2014-10-24 21:06 - 00011633 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1264153.torrent
2014-10-24 20:57 - 2014-10-24 20:57 - 00015409 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1264305.torrent
2014-10-24 20:55 - 2014-10-24 20:55 - 00014485 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id553857.torrent
2014-10-24 19:03 - 2014-10-25 11:08 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2014-10-24 19:02 - 2014-10-25 11:05 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-10-23 11:19 - 2014-10-23 11:19 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-23 10:49 - 2014-10-25 08:25 - 00000000 ___DC () C:\WINDOWS\Panther
2014-10-23 10:49 - 2014-10-23 10:49 - 00000000 __SHD () C:\Recovery
2014-10-23 10:48 - 2014-10-23 10:48 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-10-23 10:48 - 2014-10-23 10:48 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-10-23 10:48 - 2014-10-23 10:48 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-10-23 10:48 - 2014-10-23 10:48 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-10-23 10:48 - 2014-10-23 10:48 - 00000000 ____D () C:\Windows.old
2014-10-23 10:47 - 2014-10-23 10:47 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-23 10:47 - 2014-10-23 10:47 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-10-23 10:47 - 2014-10-23 10:47 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-23 10:47 - 2014-10-23 10:47 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-23 10:46 - 2014-10-23 10:46 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-23 10:46 - 2014-10-23 10:46 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-23 10:46 - 2014-10-23 10:46 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-10-23 10:46 - 2014-10-23 10:46 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-23 10:45 - 2014-10-23 10:45 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-23 10:45 - 2014-10-23 10:45 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-23 10:44 - 2014-10-23 10:44 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files\MSBuild
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\inetpub
2014-10-23 10:40 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-10-23 10:40 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-10-23 10:40 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-10-23 10:40 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-10-23 10:23 - 2014-10-23 10:23 - 00001452 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-23 10:23 - 2014-10-23 10:23 - 00000020 ___SH () C:\Users\Katharina\ntuser.ini
2014-10-23 10:17 - 2014-10-25 10:48 - 01189066 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Vorlagen
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten
2014-10-23 10:16 - 2014-10-23 10:16 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-10-23 10:07 - 2014-10-23 10:07 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-10-23 10:07 - 2014-10-23 10:07 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata
2014-10-23 10:07 - 2014-10-23 10:07 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata
2014-10-23 10:02 - 2014-10-23 10:02 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-10-23 10:01 - 2014-10-23 10:23 - 00000000 ____D () C:\Users\Katharina
2014-10-23 10:01 - 2014-10-23 10:02 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-10-23 10:01 - 2014-10-23 10:02 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Vorlagen
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Startmenü
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Netzwerkumgebung
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Lokale Einstellungen
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Eigene Dateien
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Druckumgebung
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Musik
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Bilder
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Verlauf
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Anwendungsdaten
2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Anwendungsdaten
2014-10-23 10:01 - 2014-09-24 08:18 - 00000369 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-10-23 10:01 - 2014-09-24 08:18 - 00000369 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-10-23 10:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-23 10:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-10-23 10:00 - 2014-10-23 10:16 - 00020958 _____ () C:\WINDOWS\diagwrn.xml
2014-10-23 10:00 - 2014-10-23 10:16 - 00020958 _____ () C:\WINDOWS\diagerr.xml
2014-10-23 09:55 - 2014-10-23 10:02 - 00012096 _____ () C:\WINDOWS\iis.log
2014-10-23 09:55 - 2014-10-23 09:55 - 01914374 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-10-23 09:52 - 2014-10-23 09:52 - 00001370 _____ () C:\WINDOWS\system32\RaCoInst.log
2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\Program Files\Realtek
2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\Program Files\AMD
2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\AMD
2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin
2014-10-23 08:54 - 2014-10-23 10:16 - 00006678 _____ () C:\WINDOWS\comsetup.log
2014-10-18 16:01 - 2014-06-24 09:35 - 00010450 _____ () C:\WINDOWS\system32\autoconfig.cab
2014-10-18 15:12 - 2014-10-18 15:12 - 00000000 ____D () C:\sources
2014-10-17 13:05 - 2014-10-17 13:05 - 00021532 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1159792.torrent
2014-10-17 12:56 - 2014-10-17 12:56 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56277235.txt
2014-10-17 12:56 - 2014-10-17 12:56 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56271198.txt
2014-10-17 12:55 - 2014-10-17 12:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56190140.txt
2014-10-17 12:52 - 2014-10-17 12:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56010832.txt
2014-10-17 01:11 - 2014-10-17 01:11 - 00000000 ____D () C:\ProgramData\Recovery
2014-10-16 21:14 - 2014-10-16 21:18 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-16 21:13 - 2014-10-03 10:02 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-16 20:38 - 2014-10-16 20:38 - 00000136 _____ () C:\WINDOWS\system32\netcfg-50575.txt
2014-10-16 20:38 - 2014-10-16 20:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-49951.txt
2014-10-16 20:38 - 2014-10-16 20:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-48937.txt
2014-10-16 20:38 - 2014-10-16 20:38 - 00000128 _____ () C:\WINDOWS\system32\netcfg-59732.txt
2014-10-16 20:21 - 2014-10-16 20:21 - 00000136 _____ () C:\WINDOWS\system32\netcfg-53586.txt
2014-10-16 20:21 - 2014-10-16 20:21 - 00000134 _____ () C:\WINDOWS\system32\netcfg-51698.txt
2014-10-16 20:21 - 2014-10-16 20:21 - 00000128 _____ () C:\WINDOWS\system32\netcfg-60434.txt
2014-10-16 20:17 - 2014-10-16 20:17 - 00000136 _____ () C:\WINDOWS\system32\netcfg-69841.txt
2014-10-16 20:17 - 2014-10-16 20:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-69264.txt
2014-10-16 20:17 - 2014-10-16 20:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-68016.txt
2014-10-16 20:17 - 2014-10-16 20:17 - 00000128 _____ () C:\WINDOWS\system32\netcfg-76487.txt
2014-10-16 19:47 - 2014-10-16 19:47 - 00000117 _____ () C:\WINDOWS\system32\netcfg-666093.txt
2014-10-16 19:47 - 2014-10-16 19:47 - 00000117 _____ () C:\WINDOWS\system32\netcfg-665781.txt
2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-516300.txt
2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-513633.txt
2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-487783.txt
2014-10-16 19:44 - 2014-10-16 19:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-485053.txt
2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-363217.txt
2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-360112.txt
2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-358365.txt
2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-357367.txt
2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-352421.txt
2014-10-16 19:38 - 2014-10-16 19:38 - 00000136 _____ () C:\WINDOWS\system32\netcfg-79420.txt
2014-10-16 19:38 - 2014-10-16 19:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-78764.txt
2014-10-16 19:38 - 2014-10-16 19:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-77563.txt
2014-10-16 19:38 - 2014-10-16 19:38 - 00000128 _____ () C:\WINDOWS\system32\netcfg-89029.txt
2014-10-16 19:26 - 2014-10-16 19:26 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6208574.txt
2014-10-16 19:16 - 2014-10-16 19:16 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\OpenOffice
2014-10-16 19:09 - 2014-10-24 21:28 - 00000000 ____D () C:\Users\Katharina\Desktop\Kinozal
2014-10-16 17:54 - 2014-10-16 17:54 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Hewlett-Packard
2014-10-16 17:45 - 2014-10-16 17:57 - 00000000 ____D () C:\Users\Katharina\Downloads\Top 25 Country Songs of Faith (2014) MP3
2014-10-16 17:30 - 2014-10-16 17:30 - 00020545 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1263336.torrent
2014-10-16 17:27 - 2014-10-16 17:27 - 00000905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-10-16 17:27 - 2014-10-16 17:27 - 00000881 _____ () C:\Users\Public\Desktop\µTorrent.lnk
2014-10-16 17:26 - 2014-10-25 12:08 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\uTorrent
2014-10-16 17:24 - 2014-10-24 20:55 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\tor
2014-10-16 17:16 - 2014-10-23 10:09 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2014-10-16 17:16 - 2014-10-16 17:16 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2014-10-16 17:15 - 2014-10-16 17:15 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4
2014-10-16 17:12 - 2014-10-16 17:12 - 00000000 ____D () C:\Users\Katharina\Desktop\OpenOffice 4.1.1 (de) Installation Files
2014-10-16 17:09 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2014-10-16 17:09 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-10-16 17:08 - 2014-10-16 17:08 - 164858324 _____ () C:\Users\Katharina\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe
2014-10-16 17:03 - 2014-10-25 12:39 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Skype
2014-10-16 17:03 - 2014-10-23 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-16 17:03 - 2014-10-16 17:03 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Skype
2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ____D () C:\ProgramData\Skype
2014-10-16 17:02 - 2014-10-16 17:02 - 01677920 _____ (Skype Technologies S.A.) C:\Users\Katharina\Downloads\SkypeSetup.exe
2014-10-16 16:24 - 2014-10-16 16:24 - 00000088 _____ () C:\WINDOWS\system32\netcfg-3215726.txt
2014-10-16 16:23 - 2014-10-16 16:23 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3206241.txt
2014-10-16 16:15 - 2014-10-23 10:14 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-16 16:15 - 2014-10-23 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-16 16:14 - 2014-10-25 12:19 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 16:14 - 2014-10-25 10:52 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 16:14 - 2014-10-16 16:15 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Google
2014-10-16 16:14 - 2014-10-16 16:15 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-16 16:14 - 2014-10-16 16:14 - 00004098 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-16 16:14 - 2014-10-16 16:14 - 00003862 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-16 16:13 - 2014-10-16 16:13 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Apps\2.0
2014-10-16 15:53 - 2014-10-16 15:53 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Macromedia
2014-10-16 15:50 - 2013-06-14 19:08 - 01045072 _____ (BitTorrent Inc.) C:\Users\Katharina\Desktop\utorrent.exe
2014-10-16 15:50 - 2011-02-25 00:05 - 02180096 _____ () C:\Users\Katharina\Desktop\tor.exe
2014-10-16 15:47 - 2014-10-25 12:35 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-702799559-3439042313-1217037743-1001
2014-10-16 15:46 - 2014-10-16 15:46 - 00000000 ____D () C:\Users\Katharina\Desktop\mama
2014-10-16 15:43 - 2014-10-16 15:43 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-10-16 15:42 - 2014-10-16 15:42 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\ATI
2014-10-16 15:42 - 2014-10-16 15:42 - 00000000 ____D () C:\Users\Katharina\AppData\Local\ATI
2014-10-16 15:41 - 2014-10-16 15:41 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-10-16 15:40 - 2014-10-23 10:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 __RSH () C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_20-b100eg_Y53316J_0U_Q4CH3156S2T_E13CE1AR8603_4A_I2AF0_SPEGATRON CORPORATION_V1.02_B8.09_T121204_W8101-0_L407_M5716_J1000_7AMD_8BFF_91.40_#130413_N10EC8136;1814539B_Z_G10029809_Ohp DVDRAM GT80N.MRK
2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 __RSH () C:\WINDOWS\system32\Drivers\103C_HP_cPC_20-b100eg_Y53316J_0U_Q4CH3156S2T_E13CE1AR8603_4A_I2AF0_SPEGATRON CORPORATION_V1.02_B8.09_T121204_W8101-0_L407_M5716_J1000_7AMD_8BFF_91.40_#130413_N10EC8136;1814539B_Z_G10029809_Ohp DVDRAM GT80N.MRK
2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Adobe
2014-10-16 15:40 - 2013-04-13 07:27 - 00002227 _____ () C:\Users\Public\Desktop\Snapfish Fotos.lnk
2014-10-16 15:38 - 2014-10-17 13:52 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Hewlett-Packard
2014-10-16 15:38 - 2014-10-16 15:38 - 00000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2014-10-16 15:37 - 2014-10-25 10:52 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Packages
2014-10-16 15:37 - 2014-10-16 15:37 - 00000000 ____D () C:\Users\Katharina\AppData\Local\VirtualStore
2014-10-16 15:37 - 2014-10-16 15:37 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Power2Go8
2014-10-16 15:36 - 2014-10-23 09:31 - 01525485 _____ () C:\WINDOWS\WindowsUpdate (1).log
2014-10-16 15:36 - 2013-04-13 06:40 - 00000000 ___HD () C:\Users\Katharina\Documents\hp.system.package.metadata
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-326042.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-322906.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-316338.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-283703.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-283516.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-280271.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-279226.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-275528.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-275372.txt
2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-274468.txt
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Programme
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Vorlagen
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien
2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Dokumente und Einstellungen

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-25 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-25 10:58 - 2014-09-24 08:17 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-25 10:58 - 2014-09-24 07:43 - 00841326 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-25 10:58 - 2014-09-24 07:43 - 00191558 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-25 10:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-25 10:52 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-25 10:49 - 2014-09-24 09:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-25 10:49 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-25 10:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-25 10:48 - 2014-09-23 23:06 - 00419730 _____ () C:\WINDOWS\PFRO.log
2014-10-25 10:48 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-25 10:48 - 2013-04-13 07:30 - 00000000 ____D () C:\ProgramData\Norton
2014-10-25 10:48 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-25 10:29 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-10-25 10:29 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-10-25 09:47 - 2013-08-22 16:46 - 00292174 _____ () C:\WINDOWS\setupact.log
2014-10-24 19:02 - 2013-04-13 06:43 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-10-24 19:02 - 2013-04-13 06:40 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-10-23 11:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-10-23 10:48 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-23 10:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv
2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv
2014-10-23 10:41 - 2013-08-22 13:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2014-10-23 10:41 - 2013-08-22 13:22 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2014-10-23 10:41 - 2013-08-22 13:19 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2014-10-23 10:41 - 2013-08-22 13:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2014-10-23 10:41 - 2013-08-22 13:18 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2014-10-23 10:41 - 2013-08-22 12:03 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2014-10-23 10:41 - 2013-08-22 05:58 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2014-10-23 10:41 - 2013-08-22 05:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2014-10-23 10:41 - 2013-08-22 05:53 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2014-10-23 10:41 - 2013-08-22 05:53 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2014-10-23 10:41 - 2013-08-22 05:51 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2014-10-23 10:41 - 2013-08-22 04:54 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2014-10-23 10:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-23 10:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT
2014-10-23 10:17 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2014-10-23 10:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-10-23 10:14 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-23 10:14 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-23 10:10 - 2013-08-22 16:44 - 00377408 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-10-23 10:09 - 2013-04-13 07:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2014-10-23 10:09 - 2013-04-13 07:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2014-10-23 10:09 - 2013-04-13 06:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-10-23 10:07 - 2013-08-22 17:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log
2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-10-23 10:07 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-10-23 10:07 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-10-23 10:07 - 2013-04-13 06:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-10-23 10:07 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated
2014-10-23 10:06 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-10-23 10:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME
2014-10-23 10:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help
2014-10-23 10:06 - 2012-08-10 17:06 - 00000000 ____D () C:\ProgramData\PRICache
2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-23 10:05 - 2013-04-13 06:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2014-10-23 10:05 - 2013-04-13 06:35 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies
2014-10-23 10:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-10-23 09:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-23 08:49 - 2014-09-24 17:19 - 00000000 ___HD () C:\$Windows.~BT
2014-10-23 08:14 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-16 15:40 - 2013-04-13 07:27 - 00000000 ___RD () C:\Program Files\Online Services
2014-10-16 15:40 - 2013-04-13 06:55 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2014-10-16 15:40 - 2012-12-03 19:57 - 00000000 _RSHD () C:\hp
2014-10-16 15:40 - 2012-10-12 05:24 - 00000000 ____D () C:\SWSETUP
2014-10-16 15:40 - 2012-10-12 05:21 - 00000000 _RSHD () C:\SYSTEM.SAV

Some content of TEMP:
====================
C:\Users\Katharina\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-23 09:50

==================== End Of Log ============================
         
--- --- ---



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-10-2014
Ran by Katharina at 2014-10-25 12:52:00
Running from C:\Users\Katharina\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29677 - BitTorrent Inc.)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{069BB058-4ED8-D4FC-CA8D-9B44344E8338}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5630 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.2.5630 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.2.2114 - CyberLink Corp.) Hidden
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.)
CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2126 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.2.2126 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4605 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.7.4605 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.5.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6777 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5826 - CyberLink Corp.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

23-10-2014 09:18:50 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
25-10-2014 08:27:31 Revo Uninstaller's restore point - Norton Internet Security

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {025FA17A-3460-4390-928E-CA99E27F8462} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1A79384A-5E3C-4D63-B40E-260059B0BEEB} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {302DB300-7136-4FC0-8182-C41205F89CDD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D0E6EEE-FE26-4CF2-9F34-4B013DE165FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4D3CE21F-A31B-4A60-9CC6-8D69E7067F4D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {50F5C122-831C-4B7D-AEAD-F52A776322AC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-10-03] (Microsoft Corporation)
Task: {61FAF8BC-AD04-4419-B99B-4A057F43EAA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6AE3D893-F562-4D35-867D-64E033EA04FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company)
Task: {6B049B28-BEB3-4D06-A582-838FFC44CFD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77BF4E9F-9F08-406E-845D-BD362148A6F6} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {80BFB5FE-82F5-4AC4-BF04-90D1EE7BAEBE} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {AA92F3D7-61AE-48B7-B473-6355CE8CE948} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-25] (AVAST Software)
Task: {B2D1A9F9-6572-41F2-85C6-90C141D67E01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {C8E9F645-8C5E-44CC-ABB3-FFFAFEEEC078} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-09-24] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D420007B-EC18-4DC3-ABFA-54BB1BC6B844} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB30CB6B-8CBD-437D-8961-63EE0FDDB8A1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FE551AA5-05F0-4767-95CE-44B986671F13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-10-12 18:22 - 2012-10-12 18:22 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-10-12 18:22 - 2012-10-12 18:22 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-10-12 18:22 - 2012-10-12 18:22 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2014-10-23 10:24 - 2014-10-23 10:24 - 00120224 _____ () C:\Users\Katharina\AppData\Local\assembly\dl3\3ZDAHY8O.NYV\9D19EPBL.HEK\0e9880cb\004b58b8_95a8cd01\HPItunesModule.DLL
2013-04-13 07:05 - 2012-06-08 05:34 - 00627216 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-10-25 11:03 - 2014-10-25 11:03 - 02896896 _____ () C:\Program Files\AVAST Software\Avast\defs\14102401\algo.dll
2014-10-25 11:01 - 2014-10-25 11:01 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-16 16:15 - 2014-10-10 04:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll
2014-10-16 16:15 - 2014-10-10 04:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll
2014-10-16 16:15 - 2014-10-10 04:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll
2014-10-16 16:15 - 2014-10-10 04:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-702799559-3439042313-1217037743-500 - Administrator - Disabled)
Gast (S-1-5-21-702799559-3439042313-1217037743-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-702799559-3439042313-1217037743-1005 - Limited - Enabled)
Katharina (S-1-5-21-702799559-3439042313-1217037743-1001 - Administrator - Enabled) => C:\Users\Katharina

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 28%
Total physical RAM: 5715.87 MB
Available physical RAM: 4089.99 MB
Total Pagefile: 6115.87 MB
Available Pagefile: 4374.06 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.02 GB) (Free:781.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:11.58 GB) (Free:1.42 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 70FCAD0D)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
--- --- ---

Edited by Akusmin (25.10.2014 at 11:47)

Alt 25.10.2014, 11:54   #8
M-K-D-B
/// TB-Ausbilder
 



Hello,

Then FRST once more, please.
__________________
Greetings from Bavaria
M-K-D-B

______________________________________

Support the Trojaner-Board

Alt 25.10.2014, 11:56   #9
Akusmin
 



Already there, above.

Alt 25.10.2014, 12:00   #10
M-K-D-B
/// TB-Ausbilder
 



Hello,

So far I don't see any malware, so it is probably something else.

We'll check everything once more. ESET can take a long time (> 3 h).
Afterwards we'll remove all the tools used and I'll give you a few more tips along the way.


Step 1
Please disable your antivirus program, as it can affect the result or interfere with the cleanup.
Please download zoek.exe from here: http://hijackthis.nl/smeenk/ and save the file to your desktop.
  • Start Zoek.exe with a double-click.
  • Attention: The following script was written only for this specific case and could damage other computers.
  • Copy the text from the following box into the zoek script window:
    Code:
    ATTFilter
    iedefaults;
    resetIEproxy;
    FFdefaults;
    CHRdefaults;
    emptyclsid;
             
  • Now click "Run script" and be patient until the script has finished.
  • When the tool is done, Notepad will open with the log file (possibly only after a restart). The log can also be found under c:\ .
  • Please post the ZOEK log (preferably in CODE tags: click the # symbol in the reply window).




Step 2
Please download Emsisoft Emergency Kit from here.
  • Please install the program to the default path.
  • Start the program by double-clicking the desktop shortcut.
  • Once the malware signatures have loaded, the EEK is ready to scan.
  • Now please follow the illustrated guide to Emergency Kit, remove all findings, and post the log at the end of the scan or cleanup.






Step 3

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box at "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset






Step 4
Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.






Please post with your next reply
  • the Zoek log file,
  • the EEK log file,
  • the ESET log file,
  • the SecurityCheck log file.
__________________
Greetings from Bavaria
M-K-D-B

______________________________________

Support the Trojaner-Board

Alt 25.10.2014, 12:09   #11
Akusmin
 



Code:
ATTFilter
Zoek.exe v5.0.0.0 Updated 24-10-2014
Tool run by Katharina on 25.10.2014 at 13:03:01,22.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Katharina\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

25.10.2014 13:05:05 Zoek.exe System Restore Point Created Succesfully.

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://g.uk.msn.com/HPDSK13/4"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} Amazon Suchvorschläge Url="hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}"
{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay  Url="hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4"

==== Reset Google Chrome ======================

C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 25.10.2014 at 13:06:26,05 ======================
         

25.10.2014, 12:14   #12
M-K-D-B
/// TB Trainer

OK, the other 3 steps are still missing.
__________________
Greetings from Bavaria
M-K-D-B

25.10.2014, 12:44   #13
Akusmin

I have to leave now. I'll let the programs run.
I'll report back in the evening.

25.10.2014, 14:10   #14
M-K-D-B
/// TB Trainer

Quote:
Quote from Akusmin
I have to leave now. I'll let the programs run.
I'll report back in the evening.

All right.
__________________
Greetings from Bavaria
M-K-D-B

26.10.2014, 12:16   #15
Akusmin

Hello, here are the rest

Code:
Emsisoft Emergency Kit - Version 9.0
Letztes Update: 25.10.2014 13:16:26
Benutzerkonto: Heim\Katharina

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:	25.10.2014 13:17:45
Value: HKEY_USERS\S-1-5-21-702799559-3439042313-1217037743-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR 	gefunden: Setting.DisableTaskMgr (A)
Value: HKEY_USERS\S-1-5-21-702799559-3439042313-1217037743-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS 	gefunden: Setting.DisableRegistryTools (A)

Gescannt	410274
Gefunden	2

Scan Ende:	25.10.2014 17:10:57
Scan Zeit:	3:53:12

Value: HKEY_USERS\S-1-5-21-702799559-3439042313-1217037743-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS	Gelöscht Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-702799559-3439042313-1217037743-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR	Gelöscht Setting.DisableTaskMgr (A)

Gelöscht	2
         

Code:
 Results of screen317's Security Check version 0.99.89  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Google Chrome 38.0.2125.104  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=5467692026146b4d8d28f33d8992d288
# engine=20774
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-10-25 10:13:00
# local_time=2014-10-25 12:13:00 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 2687371 39113273 0 0
# scanned=70717
# found=0
# cleaned=0
# scan_time=3988
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=5467692026146b4d8d28f33d8992d288
# engine=20777
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-10-25 06:30:19
# local_time=2014-10-25 08:30:19 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 34136 34278 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2717210 39143112 0 0
# scanned=348562
# found=7
# cleaned=0
# scan_time=11562
sh=D2408C8A09A2BD9704AF39F818EC7AC9E9CCA46E ft=1 fh=08d2b982dc66508e vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="C:\Users\Katharina\AppData\Roaming\uTorrent\uTorrent.exe"
sh=D2408C8A09A2BD9704AF39F818EC7AC9E9CCA46E ft=1 fh=08d2b982dc66508e vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="C:\Users\Katharina\Desktop\utorrent.exe"
sh=D2408C8A09A2BD9704AF39F818EC7AC9E9CCA46E ft=1 fh=08d2b982dc66508e vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="C:\Users\Katharina\Desktop\mama\Katharina\AppData\Roaming\uTorrent\uTorrent.exe"
sh=BEAB71118A6D378F78DB2FE16E25172D8D187100 ft=1 fh=8b19bd67e1cb7d43 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Katharina\Desktop\mama\Katharina\Downloads\avira_free_antivirus884_de.exe"
sh=D8A2FC234CD6C6E2568F17782DB48666FD4E38D6 ft=1 fh=844b0ef62a202621 vn="Variante von Win32/InstallCore.QB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katharina\Desktop\mama\Katharina\Downloads\FileOpenerSetup.exe"
sh=D2408C8A09A2BD9704AF39F818EC7AC9E9CCA46E ft=1 fh=08d2b982dc66508e vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="C:\Users\Katharina\Desktop\mama\Katharina\Downloads\utorrent.exe"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="${Memory}"
         
