Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Win 8: Probleme mit Installationen und sehr langsam

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 27.11.2014, 18:04   #1
Feline
 
Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



Hallo,

leider hab ich seit ein paar Tagen Probleme mit meinem Netbook.

Ich hab blöderweise mit den Updates für G-Data, Adobe Reader und Java geschlampt und als ich sie dann letzte Woche endlich mal installieren wollte, ging es einfach nicht. Also auf Installieren geklickt, aber es ist nichts passiert.
Heute beim erneuten Versuch hat es dann auf einmal wieder funktioniert, aber das Netbook ist teilweise sehr langsam und der Lüfter dreht immer so hoch.

Jedenfalls hab ich jetzt ein ganz blödes Gefühl, zumal ich auch meinen Bankkram hier rüber abwickele. Kann sich das bitte mal jemand anschauen?

Ich hab erstmal die Anweisungen aus dem "Für alle Hilfesuchenden"-Thread befolgt und hänge die Logs mal hier an.


Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 17:42 on 27/11/2014 (Désirée)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
         

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Désirée (administrator) on FELICA on 27-11-2014 17:43:07
Running from C:\Users\Désirée\Desktop
Loaded Profile: Désirée (Available profiles: Désirée)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Opera Software) C:\Program Files (x86)\Opera\opera.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKU\S-1-5-21-2274478751-3046789010-2582509646-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2274478751-3046789010-2582509646-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Anti-Phishing - C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default\Extensions\{bae4e2d9-a9ac-4f2c-a844-ff576912bcef} [2014-03-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG)
R3 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R3 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2683760 2014-05-20] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-11-27] (G Data Software AG)
S3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2014-11-27] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-11-27] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-11-27] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2014-11-27] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-07-13] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-11-27] (G Data Software AG)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [13696 2012-09-17] (ASUSTek Computer Inc.)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-12-12] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-27 17:43 - 2014-11-27 17:43 - 00013215 _____ () C:\Users\Désirée\Desktop\FRST.txt
2014-11-27 17:42 - 2014-11-27 17:43 - 00000000 ____D () C:\FRST
2014-11-27 17:42 - 2014-11-27 17:42 - 02117632 _____ (Farbar) C:\Users\Désirée\Desktop\FRST64.exe
2014-11-27 17:42 - 2014-11-27 17:42 - 00000476 _____ () C:\Users\Désirée\Desktop\defogger_disable.log
2014-11-27 17:42 - 2014-11-27 17:42 - 00000000 _____ () C:\Users\Désirée\defogger_reenable
2014-11-27 17:39 - 2014-11-27 17:39 - 00050477 _____ () C:\Users\Désirée\Desktop\Defogger.exe
2014-11-27 16:39 - 2014-11-27 16:39 - 00000000 __SHD () C:\Users\Désirée\AppData\Local\EmieUserList
2014-11-27 16:39 - 2014-11-27 16:39 - 00000000 __SHD () C:\Users\Désirée\AppData\Local\EmieSiteList
2014-11-27 16:39 - 2014-11-27 16:39 - 00000000 __SHD () C:\Users\Désirée\AppData\Local\EmieBrowserModeList
2014-11-27 16:18 - 2014-11-27 16:18 - 00020992 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2014-11-27 16:18 - 2014-11-27 16:18 - 00002000 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2014-11-27 16:18 - 2014-11-27 16:18 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2014-11-27 16:18 - 2014-11-27 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2014-11-27 14:47 - 2014-11-27 14:47 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-11-27 14:47 - 2014-11-27 14:47 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-11-27 14:47 - 2014-11-27 14:47 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-11-27 14:47 - 2014-11-27 14:47 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-11-27 14:47 - 2014-11-27 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-27 14:47 - 2014-11-27 14:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-19 18:10 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-19 18:10 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-19 18:10 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-19 18:10 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-19 18:10 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-19 18:10 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-19 18:10 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-19 18:10 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-19 18:10 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-19 18:10 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-19 18:10 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-19 18:10 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-19 18:10 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-19 18:10 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-19 18:10 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-19 18:10 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-19 18:10 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-19 18:10 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-19 18:09 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-19 18:09 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-19 18:09 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-19 18:09 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-19 18:09 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-19 18:09 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-19 18:09 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-19 18:09 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-19 18:09 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-19 18:09 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-19 18:09 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-19 18:09 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-19 18:09 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-19 18:09 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-19 18:09 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-19 18:08 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-19 18:08 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-19 18:08 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-19 18:08 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-19 18:08 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-19 18:08 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-19 18:08 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-19 18:08 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-19 18:08 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-19 18:08 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-19 18:08 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-19 18:08 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-19 18:08 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-19 18:07 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-19 18:05 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-19 18:05 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-19 18:04 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-19 18:04 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-19 18:04 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-19 18:04 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-19 18:04 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-19 18:04 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-19 18:04 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-19 18:04 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-19 18:04 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-19 18:04 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-19 18:04 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-19 18:04 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-19 18:04 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-19 18:04 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-19 18:04 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-19 18:04 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-19 18:04 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-19 18:04 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-19 18:04 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-19 18:04 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-19 18:04 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-19 18:04 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-19 18:04 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-19 18:04 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-19 18:04 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-19 18:04 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-19 18:04 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-19 18:04 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-19 18:04 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-19 18:04 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-19 18:04 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-19 18:04 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-19 18:04 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-19 18:04 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-19 18:04 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-19 18:04 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-19 18:04 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-19 18:04 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-19 18:04 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-19 18:04 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-19 18:04 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-19 18:04 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-19 18:04 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-19 18:04 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-19 18:04 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-19 18:04 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-19 18:04 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-19 18:04 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-19 18:04 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-19 18:04 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-19 18:04 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-19 18:04 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-19 18:04 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-19 18:04 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-19 18:04 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-19 18:04 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-19 18:04 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-19 18:04 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-19 18:04 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-19 18:04 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-19 18:04 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-19 18:04 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-19 18:04 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-19 18:04 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-19 18:04 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-19 18:04 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-19 18:04 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-19 18:03 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-19 18:03 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-19 18:03 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-19 18:03 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-19 18:03 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-19 18:03 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-19 18:03 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-19 18:03 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-19 18:03 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-19 18:03 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-19 18:03 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-19 18:03 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-19 18:03 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-19 18:03 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-19 18:03 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-19 18:03 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-19 18:03 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-19 18:03 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-19 18:03 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-19 18:03 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-19 18:03 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-19 18:02 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 18:02 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 18:02 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 18:02 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-19 18:02 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-19 18:02 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-19 18:02 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-19 18:02 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-19 18:02 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-19 18:02 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-19 18:02 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-19 18:02 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-19 18:02 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-19 18:02 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-19 18:02 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-19 18:02 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-19 18:02 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-19 18:02 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-19 18:02 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-19 18:02 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-19 18:02 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-19 18:02 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-19 18:02 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-19 18:02 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-19 18:02 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-19 18:02 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-19 18:02 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-19 18:02 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-19 18:02 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-19 18:02 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-19 18:02 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-19 18:02 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-19 18:02 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-19 18:02 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-19 18:02 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-19 18:02 - 2014-08-31 01:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-19 18:02 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-19 18:02 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-19 18:02 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-19 18:02 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-19 18:02 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-19 18:02 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-19 18:02 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-19 18:02 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-19 18:02 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-19 18:02 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-19 18:02 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-19 18:02 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-19 18:02 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-19 18:02 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-19 18:02 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-08 09:07 - 2014-11-08 09:07 - 00003472 _____ () C:\Users\Désirée\AppData\Local\recently-used.xbel

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-27 17:42 - 2014-02-06 16:10 - 00000000 ____D () C:\Users\Désirée
2014-11-27 17:41 - 2013-01-06 04:31 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2274478751-3046789010-2582509646-1001
2014-11-27 17:38 - 2013-09-05 09:22 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\FileZilla
2014-11-27 17:36 - 2013-09-05 09:22 - 00002018 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-11-27 17:36 - 2013-09-05 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-11-27 17:36 - 2013-09-05 09:22 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-11-27 17:27 - 2014-02-06 16:28 - 01796665 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-27 17:06 - 2013-08-19 20:11 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-27 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-27 16:39 - 2013-03-31 15:29 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-11-27 16:39 - 2013-01-06 23:11 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-27 16:18 - 2013-08-22 15:46 - 00292179 _____ () C:\WINDOWS\setupact.log
2014-11-27 16:18 - 2013-01-06 22:38 - 00142336 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00068608 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00064000 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00061440 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00055808 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2014-11-27 16:18 - 2013-01-06 22:37 - 00000000 ____D () C:\ProgramData\G DATA
2014-11-27 16:17 - 2012-11-30 09:22 - 00040408 _____ () C:\WINDOWS\DPINST.LOG
2014-11-27 14:47 - 2014-02-20 10:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-27 14:40 - 2013-08-19 20:11 - 00003870 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-27 14:40 - 2013-08-19 20:11 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-27 14:40 - 2012-11-30 09:32 - 00003052 _____ () C:\WINDOWS\System32\Tasks\ASUS P4G
2014-11-27 14:40 - 2012-11-30 09:30 - 00003024 _____ () C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2014-11-27 14:40 - 2012-11-30 09:29 - 00003114 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update
2014-11-27 14:39 - 2013-01-06 04:21 - 00000401 _____ () C:\Users\Désirée\AppData\Roaming\sp_data.sys
2014-11-26 21:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-26 17:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-26 17:42 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-26 17:20 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-26 17:20 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-26 17:20 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-24 07:41 - 2012-11-30 10:12 - 00002991 _____ () C:\WINDOWS\system32\ServiceFilter.ini
2014-11-24 07:39 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-24 07:39 - 2013-08-22 15:44 - 00510968 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-23 22:10 - 2013-08-22 14:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-23 20:55 - 2013-07-13 15:30 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Opera Software
2014-11-23 20:55 - 2013-07-13 15:30 - 00000000 ____D () C:\Users\Désirée\AppData\Local\Opera Software
2014-11-23 16:05 - 2014-10-16 19:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-23 14:58 - 2013-01-06 23:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-23 14:47 - 2013-09-11 20:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-23 14:42 - 2013-01-07 12:58 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-22 11:32 - 2013-01-18 20:28 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\vlc
2014-11-20 21:51 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 21:51 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-16 22:01 - 2013-08-19 20:11 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 12:48 - 2013-05-28 20:47 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Skype
2014-11-08 20:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-08 09:09 - 2013-07-12 12:30 - 00000000 ____D () C:\Users\Désirée\.gimp-2.8
2014-11-08 09:07 - 2013-07-12 12:41 - 00000000 ____D () C:\Users\Désirée\AppData\Local\gtk-2.0
2014-11-08 08:26 - 2013-11-13 23:18 - 00010828 _____ () C:\WINDOWS\PFRO.log

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\Désirée\AppData\Local\Temp\eauninstall.exe
C:\Users\Désirée\AppData\Local\Temp\GLB1A2B.EXE
C:\Users\Désirée\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Désirée\AppData\Local\Temp\The Sims 2_uninst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-26 17:35

==================== End Of Log ============================
         


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2014 01
Ran by Désirée at 2014-11-27 17:45:16
Running from C:\Users\Désirée\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity 2014 (Disabled - Up to date) {39B780B4-63C2-05B0-3B40-8F7A21E4F496}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G Data InternetSecurity 2014 (Disabled - Up to date) {82D66150-45F8-0A3E-01F0-B4085A63BE2B}
AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
FW: G Data Personal Firewall (Disabled) {018C0191-29AD-04E8-101F-264FDF37B3ED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.7 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.1 - ASUS)
ASUS Product Demo Movie  (HKLM-x32\...\{DC06C90B-C5BE-42F6-B74D-A9503170998C}) (Version: 1.0.3 - ASUS )
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.32 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05152 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.2.3 - G DATA Software AG)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{37D0157F-45C6-4DB2-9AE5-489DD98CE169}) (Version: 11.1.2.31 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6754 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Driver Package - ASUS (ATP) Mouse  (08/27/2012 1.0.0.125) (HKLM\...\2BD897DEE9289F769D9176245811D5330A360B0B) (Version: 08/27/2012 1.0.0.125 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

06-11-2014 19:49:33 Geplanter Prüfpunkt
23-11-2014 13:39:51 Windows Update
26-11-2014 16:35:33 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A677E1D-1161-4E69-99ED-C2F529368CB2} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {0DF96126-12FE-44DB-BA82-9B6806C7B8FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {1EBBCFB0-EE71-4B50-8D13-EF6E2AE2FF90} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3F66D249-4BD3-4D25-B319-3E935EC059F4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-23] (Microsoft Corporation)
Task: {98AFFFE1-8277-47A3-9C89-B2C74617FA63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.)
Task: {D9FA70F8-A179-4611-8767-B9995832321B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.)
Task: {DA12C581-7FE6-45C7-A973-BF50AAB073AD} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {DBDB9779-A45D-4626-952A-EFD1D2EE149C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {EF424FF7-A632-4FA9-ABC3-4753005AC4B9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-09-17] (ASUS)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\WINDOWS\system32\IccLibDll_x64.dll
2012-09-17 16:05 - 2012-09-17 16:05 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-09-17 16:05 - 2012-09-17 16:05 - 00028544 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2014-05-20 02:38 - 2014-05-20 02:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-30 09:20 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-12 23:36 - 2013-12-12 23:36 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00835584 _____ () C:\Program Files (x86)\Opera\gstreamer\gstreamer.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00093696 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioconvert.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00094208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstaudioresample.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00057344 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstautodetect.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00096256 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstcoreplugins.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00062976 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdecodebin2.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00067072 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstdirectsound.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00158208 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstffmpegcolorspace.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00312832 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstoggdec.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00038912 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwaveform.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00073728 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwavparse.dll
2013-07-13 17:27 - 2014-11-23 20:52 - 00101888 _____ () C:\Program Files (x86)\Opera\gstreamer\plugins\gstwebmdec.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2011-02-18 10:04 - 2011-02-18 10:04 - 00196448 _____ () C:\Program Files (x86)\Microsoft Office\Office14\IEAWSDC.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUSQuickGesture(x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
MSCONFIG\startupreg: ASUSQuickGesture(x86) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
MSCONFIG\startupreg: ASUSTPLoader(x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: G Data AntiVirus Tray => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
MSCONFIG\startupreg: G Data AntiVirus Tray Application => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
MSCONFIG\startupreg: GDFirewallTray => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Persistence => "C:\WINDOWS\system32\igfxpers.exe"
MSCONFIG\startupreg: PowerSkin => c:\windows\temp\PowerSkin\PowerSkin.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2274478751-3046789010-2582509646-500 - Administrator - Disabled)
Désirée (S-1-5-21-2274478751-3046789010-2582509646-1001 - Administrator - Enabled) => C:\Users\Désirée
Gast (S-1-5-21-2274478751-3046789010-2582509646-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/26/2014 05:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKTray.exe, Version: 24.0.13081.244, Zeitstempel: 0x514bca2d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x1268
Startzeit der fehlerhaften Anwendung: 0xAVKTray.exe0
Pfad der fehlerhaften Anwendung: AVKTray.exe1
Pfad des fehlerhaften Moduls: AVKTray.exe2
Berichtskennung: AVKTray.exe3
Vollständiger Name des fehlerhaften Pakets: AVKTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AVKTray.exe5

Error: (11/26/2014 05:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKTray.exe, Version: 24.0.13081.244, Zeitstempel: 0x514bca2d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0x904
Startzeit der fehlerhaften Anwendung: 0xAVKTray.exe0
Pfad der fehlerhaften Anwendung: AVKTray.exe1
Pfad des fehlerhaften Moduls: AVKTray.exe2
Berichtskennung: AVKTray.exe3
Vollständiger Name des fehlerhaften Pakets: AVKTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AVKTray.exe5

Error: (11/26/2014 05:18:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 207250156

Error: (11/26/2014 05:18:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 207250156

Error: (11/26/2014 05:18:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/22/2014 11:28:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 85895469

Error: (11/22/2014 11:28:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 85895469

Error: (11/22/2014 11:28:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/16/2014 05:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKTray.exe, Version: 24.0.13081.244, Zeitstempel: 0x514bca2d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.3.9600.17278, Zeitstempel: 0x53eeb4a3
Ausnahmecode: 0xc0000142
Fehleroffset: 0x00098f05
ID des fehlerhaften Prozesses: 0xa1c
Startzeit der fehlerhaften Anwendung: 0xAVKTray.exe0
Pfad der fehlerhaften Anwendung: AVKTray.exe1
Pfad des fehlerhaften Moduls: AVKTray.exe2
Berichtskennung: AVKTray.exe3
Vollständiger Name des fehlerhaften Pakets: AVKTray.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AVKTray.exe5

Error: (11/16/2014 05:23:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20622515


System errors:
=============
Error: (11/27/2014 02:51:44 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/26/2014 09:20:30 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "OS" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x7800000002b041. Der Name der Datei ist "\Windows\WinSxS".

Error: (11/26/2014 09:20:30 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "OS" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x3000000048cbc. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>".

Error: (11/26/2014 09:19:56 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "OS" wurde eine Beschädigung erkannt.

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x4000000024bf5. Der Name der Datei ist "\Windows\System32\DriverStore\FileRepository\1394.inf_amd64_ab3552a66c5b80fd". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ALLOCATION".

Error: (11/26/2014 09:19:41 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "OS" wurde eine Beschädigung erkannt.

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x35000000024344. Der Name der Datei ist "\Windows\System32\config". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ALLOCATION".

Error: (11/26/2014 07:21:30 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/26/2014 06:29:58 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (11/26/2014 06:19:07 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/26/2014 05:36:08 PM) (Source: DCOM) (EventID: 10010) (User: Felica)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/26/2014 05:35:38 PM) (Source: DCOM) (EventID: 10010) (User: Felica)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office Sessions:
=========================
Error: (11/26/2014 05:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AVKTray.exe24.0.13081.244514bca2dKERNELBASE.dll6.3.9600.1727853eeb4a3c000014200098f05126801d00994cb545302C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exeKERNELBASE.dll0920c921-7588-11e4-befb-08606e50ab28

Error: (11/26/2014 05:19:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AVKTray.exe24.0.13081.244514bca2dKERNELBASE.dll6.3.9600.1727853eeb4a3c000014200098f0590401d00994c99cee20C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exeKERNELBASE.dll08d85661-7588-11e4-befb-08606e50ab28

Error: (11/26/2014 05:18:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 207250156

Error: (11/26/2014 05:18:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 207250156

Error: (11/26/2014 05:18:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/22/2014 11:28:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 85895469

Error: (11/22/2014 11:28:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 85895469

Error: (11/22/2014 11:28:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/16/2014 05:24:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AVKTray.exe24.0.13081.244514bca2dKERNELBASE.dll6.3.9600.1727853eeb4a3c000014200098f05a1c01d001b9d653e41fC:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exeKERNELBASE.dll1477b06e-6dad-11e4-befa-08606e50ab28

Error: (11/16/2014 05:23:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20622515


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU 847 @ 1.10GHz
Percentage of memory in use: 38%
Total physical RAM: 3979.62 MB
Available physical RAM: 2447.49 MB
Total Pagefile: 4683.62 MB
Available Pagefile: 2608.74 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:134.34 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:241.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 04A53D1B)

Partition: GPT Partition Type.

==================== End Of Log ============================
         


Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-11-27 17:52:32
Windows 6.2.9200  x64 \Device\Harddisk0\DR0 -> \Device\0000002e ST500LT012-9WS142 rev.0001SDM1 465,76GB
Running: 699loxvp.exe; Driver: C:\Users\DSIRE~1\AppData\Local\Temp\pwldypod.sys


---- Kernel code sections - GMER 2.1 ----

.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                                                             fffff960000e1200 15 bytes [00, 28, F6, 01, 80, 1C, 6C, ...]
.text   C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16                                                                                        fffff960000e1210 11 bytes [00, 0E, FC, FF, 00, 05, C4, ...]

---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe[568] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506  00007ffa2843169a 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe[568] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514  00007ffa284316a2 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe[568] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118     00007ffa2843181a 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe[568] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142     00007ffa28431832 4 bytes [43, 28, FA, 7F]
.text   C:\WINDOWS\system32\igfxpers.exe[4352] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                               00007ffa2843169a 4 bytes [43, 28, FA, 7F]
.text   C:\WINDOWS\system32\igfxpers.exe[4352] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                               00007ffa284316a2 4 bytes [43, 28, FA, 7F]
.text   C:\WINDOWS\system32\igfxpers.exe[4352] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                  00007ffa2843181a 4 bytes [43, 28, FA, 7F]
.text   C:\WINDOWS\system32\igfxpers.exe[4352] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                  00007ffa28431832 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe[3180] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506              00007ffa2843169a 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe[3180] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514              00007ffa284316a2 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe[3180] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                 00007ffa2843181a 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe[3180] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                 00007ffa28431832 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe[1328] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506         00007ffa2843169a 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe[1328] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514         00007ffa284316a2 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe[1328] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118            00007ffa2843181a 4 bytes [43, 28, FA, 7F]
.text   C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe[1328] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142            00007ffa28431832 4 bytes [43, 28, FA, 7F]

---- Threads - GMER 2.1 ----

Thread  C:\WINDOWS\system32\csrss.exe [6124:5604]                                                                                                   fffff960009bcb90

---- Disk sectors - GMER 2.1 ----

Disk    \Device\Harddisk0\DR0                                                                                                                       unknown MBR code

---- EOF - GMER 2.1 ----
         

Alt 27.11.2014, 18:51   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________

__________________

Alt 27.11.2014, 19:09   #3
Feline
 
Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



Hallo schrauber,

vielen Dank für deine Hilfe.
Hier das Logfile:


Code:
ATTFilter
19:04:30.0543 0x0ecc  TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
19:04:30.0543 0x0ecc  UEFI system
19:04:35.0536 0x0ecc  ============================================================
19:04:35.0536 0x0ecc  Current date / time: 2014/11/27 19:04:35.0536
19:04:35.0536 0x0ecc  SystemInfo:
19:04:35.0536 0x0ecc  
19:04:35.0536 0x0ecc  OS Version: 6.3.9600 ServicePack: 0.0
19:04:35.0536 0x0ecc  Product type: Workstation
19:04:35.0536 0x0ecc  ComputerName: FELICA
19:04:35.0536 0x0ecc  UserName: Désirée
19:04:35.0536 0x0ecc  Windows directory: C:\WINDOWS
19:04:35.0536 0x0ecc  System windows directory: C:\WINDOWS
19:04:35.0536 0x0ecc  Running under WOW64
19:04:35.0536 0x0ecc  Processor architecture: Intel x64
19:04:35.0536 0x0ecc  Number of processors: 2
19:04:35.0536 0x0ecc  Page size: 0x1000
19:04:35.0536 0x0ecc  Boot type: Normal boot
19:04:35.0536 0x0ecc  ============================================================
19:04:35.0896 0x0ecc  KLMD registered as C:\WINDOWS\system32\drivers\16869126.sys
19:04:39.0106 0x0ecc  System UUID: {9E119F97-091D-7D9D-6D25-DFCD518AA615}
19:04:42.0484 0x0ecc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:04:42.0499 0x0ecc  ============================================================
19:04:42.0499 0x0ecc  \Device\Harddisk0\DR0:
19:04:42.0499 0x0ecc  GPT partitions:
19:04:42.0499 0x0ecc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {2825BE3C-A830-413A-B913-334F17389C83}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000
19:04:42.0499 0x0ecc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5975917D-3891-4E85-83F2-FC6400BC7ED7}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000
19:04:42.0499 0x0ecc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AA7229B7-5630-4FE3-8774-19B93251FF33}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000
19:04:42.0499 0x0ecc  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {89794D6E-B731-4E38-A031-27B0734916FC}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x173ED000
19:04:42.0499 0x0ecc  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {18A0E14D-12B4-4B18-B60D-A69CAE2E8AAD}, Name: , StartLBA 0x17685800, BlocksNum 0xAF000
19:04:42.0499 0x0ecc  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {52B90836-DC99-4C81-911A-540B85A280FD}, Name: Basic data partition, StartLBA 0x17734800, BlocksNum 0x2044C800
19:04:42.0499 0x0ecc  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3E8FC2A2-1158-442D-BC49-1EF339F1F09C}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000
19:04:42.0499 0x0ecc  MBR partitions:
19:04:42.0499 0x0ecc  ============================================================
19:04:42.0531 0x0ecc  C: <-> \Device\Harddisk0\DR0\Partition4
19:04:42.0562 0x0ecc  D: <-> \Device\Harddisk0\DR0\Partition6
19:04:42.0562 0x0ecc  ============================================================
19:04:42.0562 0x0ecc  Initialize success
19:04:42.0562 0x0ecc  ============================================================
19:05:34.0236 0x1180  ============================================================
19:05:34.0236 0x1180  Scan started
19:05:34.0236 0x1180  Mode: Manual; SigCheck; TDLFS; 
19:05:34.0236 0x1180  ============================================================
19:05:34.0236 0x1180  KSN ping started
19:06:02.0250 0x1180  KSN ping finished: false
19:06:04.0907 0x1180  ================ Scan system memory ========================
19:06:04.0907 0x1180  System memory - ok
19:06:04.0907 0x1180  ================ Scan services =============================
19:06:05.0079 0x1180  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
19:06:05.0220 0x1180  1394ohci - ok
19:06:05.0251 0x1180  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
19:06:05.0282 0x1180  3ware - ok
19:06:05.0345 0x1180  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
19:06:05.0407 0x1180  ACPI - ok
19:06:05.0439 0x1180  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
19:06:05.0470 0x1180  acpiex - ok
19:06:05.0501 0x1180  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
19:06:05.0532 0x1180  acpipagr - ok
19:06:05.0564 0x1180  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
19:06:05.0626 0x1180  AcpiPmi - ok
19:06:05.0642 0x1180  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
19:06:05.0673 0x1180  acpitime - ok
19:06:05.0720 0x1180  [ D0B11E40EA74A98A5E133DF1F5276240, BAD5885CD8CC271D59DFA95159EFC3AC36D2BA11B6DA593AAED0C45F1C2F280F ] acsock          C:\WINDOWS\system32\DRIVERS\acsock64.sys
19:06:05.0767 0x1180  acsock - ok
19:06:05.0829 0x1180  [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:06:05.0845 0x1180  AdobeARMservice - ok
19:06:05.0923 0x1180  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
19:06:06.0001 0x1180  ADP80XX - ok
19:06:06.0032 0x1180  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
19:06:06.0095 0x1180  AeLookupSvc - ok
19:06:06.0175 0x1180  [ 9AF53908184E6CBAA9D5F741EE2CDCF4, EC58B54F3651C9CFD08E0506A31FDFCE5B2A571B51EF4470BC87A337B94C19CD ] AFBAgent        C:\Windows\system32\FBAgent.exe
19:06:06.0269 0x1180  AFBAgent - ok
19:06:06.0331 0x1180  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
19:06:06.0409 0x1180  AFD - ok
19:06:06.0440 0x1180  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
19:06:06.0472 0x1180  agp440 - ok
19:06:06.0503 0x1180  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
19:06:06.0550 0x1180  ahcache - ok
19:06:06.0565 0x1180  [ 16F6F6B7903B913AB41AB848C8BB5658, 7304257048CB42E5274B3F6400F4A053A38E3B70A157662FE9D2B7C5979DE851 ] AiCharger       C:\WINDOWS\system32\DRIVERS\AiCharger.sys
19:06:06.0581 0x1180  AiCharger - ok
19:06:06.0628 0x1180  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
19:06:06.0690 0x1180  ALG - ok
19:06:06.0722 0x1180  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
19:06:06.0784 0x1180  AmdK8 - ok
19:06:06.0800 0x1180  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
19:06:06.0831 0x1180  AmdPPM - ok
19:06:06.0847 0x1180  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
19:06:06.0878 0x1180  amdsata - ok
19:06:06.0909 0x1180  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
19:06:06.0956 0x1180  amdsbs - ok
19:06:06.0987 0x1180  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
19:06:07.0003 0x1180  amdxata - ok
19:06:07.0034 0x1180  [ C7BE7FBB9B6BDE11E12A0F204384C1D6, 36A6387B90DFB2488ABF135198F0F9E19EE29F7A521818DF92E64B36A0BE0245 ] AmUStor         C:\WINDOWS\system32\drivers\AmUStor.SYS
19:06:07.0066 0x1180  AmUStor - ok
19:06:07.0081 0x1180  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
19:06:07.0144 0x1180  AppID - ok
19:06:07.0191 0x1180  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
19:06:07.0222 0x1180  AppIDSvc - ok
19:06:07.0253 0x1180  [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo         C:\WINDOWS\System32\appinfo.dll
19:06:07.0378 0x1180  Appinfo - ok
19:06:07.0425 0x1180  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:06:07.0441 0x1180  Apple Mobile Device - ok
19:06:07.0487 0x1180  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
19:06:07.0566 0x1180  AppReadiness - ok
19:06:07.0659 0x1180  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
19:06:07.0784 0x1180  AppXSvc - ok
19:06:07.0831 0x1180  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
19:06:07.0878 0x1180  arcsas - ok
19:06:07.0941 0x1180  [ D01D1B40EEF27F64B45165CE0ACDE6CD, E6A9200A66806A2477D5D846D9B48A7087DBC6E99892213E99AB4F030ECB04FE ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
19:06:07.0956 0x1180  ASLDRService - ok
19:06:07.0972 0x1180  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
19:06:08.0003 0x1180  ASMMAP64 - ok
19:06:08.0034 0x1180  [ 6A122B4F0E5293CACFA8A5F2CBA9B356, 9D69076B697BEE8742E32EBEF1802D829DEA6B1D93AF485D11CC89A08CA4D809 ] ASUS InstantOn  C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
19:06:08.0066 0x1180  ASUS InstantOn - ok
19:06:08.0097 0x1180  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
19:06:08.0144 0x1180  atapi - ok
19:06:08.0363 0x1180  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
19:06:08.0675 0x1180  athr - ok
19:06:08.0706 0x1180  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
19:06:08.0722 0x1180  ATKGFNEXSrv - ok
19:06:08.0738 0x1180  [ 41CEAFFCF3550785E59E3EC9BEE8D97A, 89FE604088B65B82AA794E1DA8429033CD2F05FFB2D7EFAAC7B967C7A83D1B1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
19:06:08.0753 0x1180  ATKWMIACPIIO - ok
19:06:08.0800 0x1180  [ 0BDBEF18C7FFC64E8C12705265F2DBD9, F5751C62AD28608F4577D6EA2A905A334D831873F6AB96E176C17AE0F85302E5 ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys
19:06:08.0816 0x1180  ATP - ok
19:06:08.0863 0x1180  [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
19:06:09.0160 0x1180  AudioEndpointBuilder - ok
19:06:09.0238 0x1180  [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
19:06:09.0472 0x1180  Audiosrv - ok
19:06:09.0644 0x1180  [ 8DFC779658F5227019615CDF54748652, 5FFA2E04002C9C9888D4FE85179DD8FEA4C999DD66791B15325E933B24AA4AE3 ] AVKProxy        C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
19:06:09.0785 0x1180  AVKProxy - ok
19:06:09.0894 0x1180  [ 56C6F2D7F1D515B4B534217443D3B67F, CB9E94EE515EE7C426B34EC40DFDEF27893C3379C011B2FF6EEF318A34BCF482 ] AVKService      C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
19:06:09.0972 0x1180  AVKService - ok
19:06:10.0191 0x1180  [ 258B9C230D2A904349CDF18CAD6B22BE, A270FF5D58C516272C248E22FD5ED3C4F279D0348154D56E13E88D05820E9246 ] AVKWCtl         C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe
19:06:10.0363 0x1180  AVKWCtl - ok
19:06:10.0503 0x1180  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
19:06:10.0582 0x1180  AxInstSV - ok
19:06:10.0644 0x1180  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
19:06:10.0722 0x1180  b06bdrv - ok
19:06:10.0738 0x1180  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
19:06:10.0785 0x1180  BasicDisplay - ok
19:06:10.0832 0x1180  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
19:06:10.0878 0x1180  BasicRender - ok
19:06:10.0910 0x1180  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
19:06:10.0941 0x1180  bcmfn2 - ok
19:06:10.0988 0x1180  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
19:06:11.0066 0x1180  BDESVC - ok
19:06:11.0097 0x1180  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
19:06:11.0128 0x1180  Beep - ok
19:06:11.0191 0x1180  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\WINDOWS\System32\bfe.dll
19:06:11.0285 0x1180  BFE - ok
19:06:11.0363 0x1180  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
19:06:11.0472 0x1180  BITS - ok
19:06:11.0566 0x1180  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:06:11.0597 0x1180  Bonjour Service - ok
19:06:11.0660 0x1180  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
19:06:11.0738 0x1180  bowser - ok
19:06:11.0769 0x1180  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
19:06:11.0832 0x1180  BrokerInfrastructure - ok
19:06:11.0863 0x1180  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\WINDOWS\System32\browser.dll
19:06:11.0910 0x1180  Browser - ok
19:06:11.0925 0x1180  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
19:06:11.0957 0x1180  BthAvrcpTg - ok
19:06:11.0988 0x1180  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
19:06:12.0035 0x1180  BthHFEnum - ok
19:06:12.0035 0x1180  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
19:06:12.0066 0x1180  bthhfhid - ok
19:06:12.0097 0x1180  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
19:06:12.0128 0x1180  BTHMODEM - ok
19:06:12.0176 0x1180  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
19:06:12.0207 0x1180  bthserv - ok
19:06:12.0223 0x1180  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
19:06:12.0254 0x1180  cdfs - ok
19:06:12.0286 0x1180  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
19:06:12.0317 0x1180  cdrom - ok
19:06:12.0332 0x1180  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
19:06:12.0411 0x1180  CertPropSvc - ok
19:06:12.0426 0x1180  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
19:06:12.0473 0x1180  circlass - ok
19:06:12.0520 0x1180  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
19:06:12.0567 0x1180  CLFS - ok
19:06:12.0629 0x1180  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
19:06:12.0661 0x1180  CmBatt - ok
19:06:12.0708 0x1180  [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
19:06:12.0973 0x1180  CNG - ok
19:06:13.0004 0x1180  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
19:06:13.0051 0x1180  CompositeBus - ok
19:06:13.0067 0x1180  COMSysApp - ok
19:06:13.0098 0x1180  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
19:06:13.0129 0x1180  condrv - ok
19:06:13.0223 0x1180  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
19:06:13.0270 0x1180  cphs - ok
19:06:13.0317 0x1180  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
19:06:13.0364 0x1180  CryptSvc - ok
19:06:13.0379 0x1180  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
19:06:13.0395 0x1180  dam - ok
19:06:13.0473 0x1180  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:06:13.0551 0x1180  DcomLaunch - ok
19:06:13.0598 0x1180  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
19:06:13.0661 0x1180  defragsvc - ok
19:06:13.0708 0x1180  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
19:06:13.0801 0x1180  DeviceAssociationService - ok
19:06:13.0833 0x1180  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
19:06:13.0911 0x1180  DeviceInstall - ok
19:06:13.0942 0x1180  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
19:06:13.0989 0x1180  Dfsc - ok
19:06:14.0036 0x1180  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
19:06:14.0114 0x1180  Dhcp - ok
19:06:14.0161 0x1180  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
19:06:14.0192 0x1180  disk - ok
19:06:14.0223 0x1180  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
19:06:14.0254 0x1180  dmvsc - ok
19:06:14.0301 0x1180  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:06:14.0364 0x1180  Dnscache - ok
19:06:14.0411 0x1180  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:06:14.0458 0x1180  dot3svc - ok
19:06:14.0504 0x1180  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
19:06:14.0551 0x1180  DPS - ok
19:06:14.0598 0x1180  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:06:14.0629 0x1180  drmkaud - ok
19:06:14.0645 0x1180  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
19:06:14.0692 0x1180  DsmSvc - ok
19:06:14.0817 0x1180  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
19:06:15.0005 0x1180  DXGKrnl - ok
19:06:15.0036 0x1180  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
19:06:15.0067 0x1180  Eaphost - ok
19:06:15.0270 0x1180  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
19:06:15.0567 0x1180  ebdrv - ok
19:06:15.0614 0x1180  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
19:06:15.0630 0x1180  EFS - ok
19:06:15.0645 0x1180  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
19:06:15.0677 0x1180  EhStorClass - ok
19:06:15.0708 0x1180  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
19:06:15.0739 0x1180  EhStorTcgDrv - ok
19:06:15.0755 0x1180  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
19:06:15.0802 0x1180  ErrDev - ok
19:06:15.0864 0x1180  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
19:06:15.0927 0x1180  EventSystem - ok
19:06:15.0958 0x1180  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
19:06:16.0005 0x1180  exfat - ok
19:06:16.0036 0x1180  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
19:06:16.0067 0x1180  fastfat - ok
19:06:16.0130 0x1180  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
19:06:16.0208 0x1180  Fax - ok
19:06:16.0239 0x1180  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
19:06:16.0255 0x1180  fdc - ok
19:06:16.0302 0x1180  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
19:06:16.0333 0x1180  fdPHost - ok
19:06:16.0349 0x1180  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
19:06:16.0395 0x1180  FDResPub - ok
19:06:16.0411 0x1180  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
19:06:16.0458 0x1180  fhsvc - ok
19:06:16.0474 0x1180  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
19:06:16.0505 0x1180  FileInfo - ok
19:06:16.0536 0x1180  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
19:06:16.0583 0x1180  Filetrace - ok
19:06:16.0599 0x1180  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
19:06:16.0614 0x1180  flpydisk - ok
19:06:16.0661 0x1180  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:06:16.0708 0x1180  FltMgr - ok
19:06:16.0802 0x1180  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
19:06:16.0942 0x1180  FontCache - ok
19:06:17.0052 0x1180  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:06:17.0083 0x1180  FontCache3.0.0.0 - ok
19:06:17.0130 0x1180  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
19:06:17.0145 0x1180  FsDepends - ok
19:06:17.0177 0x1180  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:06:17.0192 0x1180  Fs_Rec - ok
19:06:17.0255 0x1180  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
19:06:17.0324 0x1180  fvevol - ok
19:06:17.0339 0x1180  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
19:06:17.0371 0x1180  FxPPM - ok
19:06:17.0386 0x1180  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
19:06:17.0402 0x1180  gagp30kx - ok
19:06:17.0433 0x1180  [ A90A90714221E50856FC009545E9A5CB, 67A39F9FD9BB6CDF467D820C4749B6064D19594D5A5B94B0D17CC257CB19AA21 ] GDBehave        C:\WINDOWS\system32\drivers\GDBehave.sys
19:06:17.0574 0x1180  GDBehave - ok
19:06:17.0808 0x1180  [ 56F6E95D62AFC30FD0250D031E5AA480, 3CEC162DD346F1F93A3F0066E310958996556C9E74052456E0974B29A01E91A2 ] GDFwSvc         C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
19:06:18.0011 0x1180  GDFwSvc - ok
19:06:18.0214 0x1180  [ 3AEF393C011738ADDF09057E221EE7D8, 52D3C51D0206C3C082C2AB9958325070A54BC0FD78FF974C69020B424229A18A ] GDKBFlt         C:\WINDOWS\system32\drivers\GDKBFlt64.sys
19:06:18.0324 0x1180  GDKBFlt - ok
19:06:18.0371 0x1180  [ F5A571A95A3E22877D0CBC60F7D66E05, D0D785C5D9F60414FCF01B9C1949661975BD49A93B4556D8D1045895531E457A ] GDMnIcpt        C:\Windows\system32\drivers\MiniIcpt.sys
19:06:18.0667 0x1180  GDMnIcpt - ok
19:06:18.0699 0x1180  [ 383FA07DC3CBD2B084BB90E9A9A4A87B, B0B6483C9C6AAD9926498110857555B2A4519ABC565809F6787D181B917C7C74 ] GDPkIcpt        C:\Windows\system32\drivers\PktIcpt.sys
19:06:18.0777 0x1180  GDPkIcpt - ok
19:06:18.0886 0x1180  [ CC88D7254787D15B84377137BF739F90, F01BF995EDB533C7E6F2A5B9591DA0B4F8F4E79CC45C2DA73198F4B4A8624F0B ] GDScan          C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
19:06:18.0949 0x1180  GDScan - ok
19:06:18.0980 0x1180  [ 0313E2A2B18A2AF40F3C9445653FDE9A, 8A7219B8A2B3FB9C401CCDF0349C48052F5D46400AC5C2D1E2B5BD5DE6E34B7E ] gdwfpcd         C:\WINDOWS\system32\drivers\gdwfpcd64.sys
19:06:19.0027 0x1180  gdwfpcd - ok
19:06:19.0058 0x1180  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
19:06:19.0074 0x1180  GEARAspiWDM - ok
19:06:19.0105 0x1180  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
19:06:19.0136 0x1180  gencounter - ok
19:06:19.0168 0x1180  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
19:06:19.0215 0x1180  GPIOClx0101 - ok
19:06:19.0293 0x1180  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
19:06:19.0433 0x1180  gpsvc - ok
19:06:19.0465 0x1180  [ 21134D22597F061EDF12CD3315C881EA, FAF705393861402BD786B16980A4D11FDDFC21081553AAB15D151BEEF4BE6339 ] GRD             C:\Windows\system32\drivers\GRD.sys
19:06:19.0496 0x1180  GRD - ok
19:06:19.0543 0x1180  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:06:19.0574 0x1180  gupdate - ok
19:06:19.0574 0x1180  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:06:19.0605 0x1180  gupdatem - ok
19:06:19.0652 0x1180  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
19:06:19.0683 0x1180  HDAudBus - ok
19:06:19.0715 0x1180  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
19:06:19.0762 0x1180  HidBatt - ok
19:06:19.0793 0x1180  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
19:06:19.0824 0x1180  HidBth - ok
19:06:19.0855 0x1180  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
19:06:19.0887 0x1180  hidi2c - ok
19:06:19.0902 0x1180  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
19:06:19.0949 0x1180  HidIr - ok
19:06:19.0965 0x1180  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
19:06:19.0996 0x1180  hidserv - ok
19:06:20.0058 0x1180  [ A9F2301B8D28BB4D887F5AEBB55ACB3A, 886B04224CA0A90B4FD0B9F8D243EED4FBA367D078FB1CAF99EE671FE1FCEC27 ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
19:06:20.0074 0x1180  HIDSwitch - ok
19:06:20.0105 0x1180  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
19:06:20.0137 0x1180  HidUsb - ok
19:06:20.0183 0x1180  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
19:06:20.0215 0x1180  hkmsvc - ok
19:06:20.0246 0x1180  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
19:06:20.0308 0x1180  HomeGroupListener - ok
19:06:20.0371 0x1180  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
19:06:20.0480 0x1180  HomeGroupProvider - ok
19:06:20.0496 0x1180  [ EB6EB3DCC2AD18236EEC42B2FC7BD806, A1334E802997FA2DF34B3C2860731BE03ADB5D1908DDBBCB4A46761ACC568573 ] HookCentre      C:\Windows\system32\drivers\HookCentre.sys
19:06:20.0652 0x1180  HookCentre - ok
19:06:20.0683 0x1180  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
19:06:20.0715 0x1180  HpSAMD - ok
19:06:20.0793 0x1180  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
19:06:20.0887 0x1180  HTTP - ok
19:06:20.0918 0x1180  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
19:06:20.0949 0x1180  hwpolicy - ok
19:06:20.0949 0x1180  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
19:06:20.0996 0x1180  hyperkbd - ok
19:06:21.0012 0x1180  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
19:06:21.0059 0x1180  HyperVideo - ok
19:06:21.0090 0x1180  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
19:06:21.0137 0x1180  i8042prt - ok
19:06:21.0152 0x1180  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
19:06:21.0184 0x1180  iaLPSSi_GPIO - ok
19:06:21.0199 0x1180  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
19:06:21.0231 0x1180  iaLPSSi_I2C - ok
19:06:21.0293 0x1180  [ 0FE66A51D81A25AACEAAE4C26308121D, C5553F7ABA74A8EB71A4ED0E8F2A6AA2892F871D164F2D4FADB035BE7D1A8C44 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
19:06:21.0340 0x1180  iaStorA - ok
19:06:21.0402 0x1180  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
19:06:21.0465 0x1180  iaStorAV - ok
19:06:21.0512 0x1180  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
19:06:21.0559 0x1180  iaStorV - ok
19:06:21.0574 0x1180  IEEtwCollectorService - ok
19:06:21.0856 0x1180  [ 8C44E6B688790E2AD3846C97661C54F1, CB487D167EDA3C1E30BD5FB8F98C15EB9E75A6FB793009C2F1BBCAAB4285F772 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
19:06:22.0262 0x1180  igfx - ok
19:06:22.0371 0x1180  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
19:06:22.0481 0x1180  IKEEXT - ok
19:06:22.0731 0x1180  [ CCDD9D55E9BD0806DAD6BAB4EE8DA1D0, 5D64D8231B17873F8D666EDF630595E2E4CEB34AD1E3ED467DDE0F86FC6EE098 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
19:06:23.0043 0x1180  IntcAzAudAddService - ok
19:06:23.0106 0x1180  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
19:06:23.0153 0x1180  IntcDAud - ok
19:06:23.0246 0x1180  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:06:23.0309 0x1180  Intel(R) Capability Licensing Service Interface - ok
19:06:23.0356 0x1180  [ 9656F8E29F6C3161A3E99BCD3A472FF9, 30AD00B53CCB2E4121508729F3471D3C0568F1C32324C398382C97E8BC43ECF0 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:06:23.0387 0x1180  Intel(R) ME Service - ok
19:06:23.0418 0x1180  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
19:06:23.0449 0x1180  intelide - ok
19:06:23.0496 0x1180  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
19:06:23.0528 0x1180  intelpep - ok
19:06:23.0559 0x1180  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
19:06:23.0590 0x1180  intelppm - ok
19:06:23.0606 0x1180  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:06:23.0653 0x1180  IpFilterDriver - ok
19:06:23.0715 0x1180  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
19:06:23.0809 0x1180  iphlpsvc - ok
19:06:23.0840 0x1180  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
19:06:23.0887 0x1180  IPMIDRV - ok
19:06:23.0918 0x1180  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
19:06:23.0965 0x1180  IPNAT - ok
19:06:24.0012 0x1180  [ 3CBF73052CE14F1455779FE501BCDA38, C762741F2FE38C27701579C39D8C3A4D83E887FF1AC9E7A49FF3209554B96AE1 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:06:24.0075 0x1180  iPod Service - ok
19:06:24.0106 0x1180  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
19:06:24.0137 0x1180  IRENUM - ok
19:06:24.0200 0x1180  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
19:06:24.0231 0x1180  isapnp - ok
19:06:24.0293 0x1180  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
19:06:24.0340 0x1180  iScsiPrt - ok
19:06:24.0387 0x1180  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:06:24.0418 0x1180  jhi_service - ok
19:06:24.0434 0x1180  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
19:06:24.0465 0x1180  kbdclass - ok
19:06:24.0496 0x1180  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
19:06:24.0528 0x1180  kbdhid - ok
19:06:24.0575 0x1180  [ A8080BEBCDB7A16495CE1205921DCAC5, D4B0EF97B75BF75934A0BEEE48CACD20E8F505600C3A07243DF7627680EE8552 ] kbfiltr         C:\WINDOWS\System32\drivers\kbfiltr.sys
19:06:24.0590 0x1180  kbfiltr - ok
19:06:24.0590 0x1180  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
19:06:24.0637 0x1180  kdnic - ok
19:06:24.0668 0x1180  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
19:06:24.0684 0x1180  KeyIso - ok
19:06:24.0731 0x1180  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
19:06:24.0762 0x1180  KSecDD - ok
19:06:24.0793 0x1180  [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
19:06:24.0965 0x1180  KSecPkg - ok
19:06:24.0996 0x1180  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
19:06:25.0028 0x1180  ksthunk - ok
19:06:25.0075 0x1180  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
19:06:25.0121 0x1180  KtmRm - ok
19:06:25.0176 0x1180  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
19:06:25.0222 0x1180  L1C - ok
19:06:25.0254 0x1180  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
19:06:25.0332 0x1180  LanmanServer - ok
19:06:25.0379 0x1180  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
19:06:25.0426 0x1180  LanmanWorkstation - ok
19:06:25.0488 0x1180  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
19:06:25.0551 0x1180  lfsvc - ok
19:06:25.0597 0x1180  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
19:06:25.0629 0x1180  lltdio - ok
19:06:25.0676 0x1180  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
19:06:25.0722 0x1180  lltdsvc - ok
19:06:25.0754 0x1180  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
19:06:25.0785 0x1180  lmhosts - ok
19:06:25.0816 0x1180  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:06:25.0847 0x1180  LMS - ok
19:06:25.0894 0x1180  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
19:06:25.0926 0x1180  LSI_SAS - ok
19:06:25.0957 0x1180  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
19:06:25.0988 0x1180  LSI_SAS2 - ok
19:06:26.0004 0x1180  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
19:06:26.0035 0x1180  LSI_SAS3 - ok
19:06:26.0066 0x1180  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
19:06:26.0082 0x1180  LSI_SSS - ok
19:06:26.0144 0x1180  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
19:06:26.0238 0x1180  LSM - ok
19:06:26.0269 0x1180  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
19:06:26.0301 0x1180  luafv - ok
19:06:26.0316 0x1180  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
19:06:26.0363 0x1180  megasas - ok
19:06:26.0394 0x1180  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
19:06:26.0473 0x1180  megasr - ok
19:06:26.0504 0x1180  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
19:06:26.0519 0x1180  MEIx64 - ok
19:06:26.0566 0x1180  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
19:06:26.0598 0x1180  MMCSS - ok
19:06:26.0644 0x1180  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
19:06:26.0676 0x1180  Modem - ok
19:06:26.0707 0x1180  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
19:06:26.0738 0x1180  monitor - ok
19:06:26.0754 0x1180  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
19:06:26.0785 0x1180  mouclass - ok
19:06:26.0816 0x1180  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
19:06:26.0832 0x1180  mouhid - ok
19:06:26.0848 0x1180  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
19:06:26.0894 0x1180  mountmgr - ok
19:06:26.0941 0x1180  [ 28048289E32294004A86935CC40A3252, D397C3BAD6BCDA33FA0982E10677598E8BDF69A0933D19A36873CB45BA4FB819 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:06:26.0973 0x1180  MozillaMaintenance - ok
19:06:26.0988 0x1180  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
19:06:27.0019 0x1180  mpsdrv - ok
19:06:27.0113 0x1180  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
19:06:27.0192 0x1180  MpsSvc - ok
19:06:27.0239 0x1180  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
19:06:27.0301 0x1180  MRxDAV - ok
19:06:27.0348 0x1180  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:06:27.0426 0x1180  mrxsmb - ok
19:06:27.0458 0x1180  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
19:06:27.0505 0x1180  mrxsmb10 - ok
19:06:27.0536 0x1180  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
19:06:27.0583 0x1180  mrxsmb20 - ok
19:06:27.0614 0x1180  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
19:06:27.0676 0x1180  MsBridge - ok
19:06:27.0708 0x1180  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
19:06:27.0755 0x1180  MSDTC - ok
19:06:27.0801 0x1180  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:06:27.0817 0x1180  Msfs - ok
19:06:27.0864 0x1180  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
19:06:27.0911 0x1180  msgpiowin32 - ok
19:06:27.0958 0x1180  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
19:06:27.0973 0x1180  mshidkmdf - ok
19:06:28.0005 0x1180  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
19:06:28.0051 0x1180  mshidumdf - ok
19:06:28.0098 0x1180  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
19:06:28.0130 0x1180  msisadrv - ok
19:06:28.0177 0x1180  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
19:06:28.0223 0x1180  MSiSCSI - ok
19:06:28.0223 0x1180  msiserver - ok
19:06:28.0270 0x1180  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:06:28.0317 0x1180  MSKSSRV - ok
19:06:28.0333 0x1180  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
19:06:28.0395 0x1180  MsLldp - ok
19:06:28.0411 0x1180  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:06:28.0442 0x1180  MSPCLOCK - ok
19:06:28.0458 0x1180  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:06:28.0489 0x1180  MSPQM - ok
19:06:28.0520 0x1180  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
19:06:28.0567 0x1180  MsRPC - ok
19:06:28.0598 0x1180  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
19:06:28.0645 0x1180  mssmbios - ok
19:06:28.0661 0x1180  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
19:06:28.0692 0x1180  MSTEE - ok
19:06:28.0708 0x1180  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
19:06:28.0739 0x1180  MTConfig - ok
19:06:28.0755 0x1180  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
19:06:28.0802 0x1180  Mup - ok
19:06:28.0833 0x1180  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
19:06:28.0864 0x1180  mvumis - ok
19:06:28.0927 0x1180  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
19:06:28.0989 0x1180  napagent - ok
19:06:29.0052 0x1180  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
19:06:29.0098 0x1180  NativeWifiP - ok
19:06:29.0177 0x1180  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
19:06:29.0208 0x1180  NcaSvc - ok
19:06:29.0239 0x1180  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
19:06:29.0302 0x1180  NcbService - ok
19:06:29.0317 0x1180  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
19:06:29.0380 0x1180  NcdAutoSetup - ok
19:06:29.0489 0x1180  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
19:06:29.0583 0x1180  NDIS - ok
19:06:29.0630 0x1180  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
19:06:29.0677 0x1180  NdisCap - ok
19:06:29.0708 0x1180  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
19:06:29.0771 0x1180  NdisImPlatform - ok
19:06:29.0817 0x1180  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:06:29.0864 0x1180  NdisTapi - ok
19:06:29.0880 0x1180  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:06:29.0911 0x1180  Ndisuio - ok
19:06:29.0927 0x1180  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
19:06:29.0958 0x1180  NdisVirtualBus - ok
19:06:29.0989 0x1180  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:06:30.0036 0x1180  NdisWan - ok
19:06:30.0067 0x1180  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:06:30.0099 0x1180  NdisWanLegacy - ok
19:06:30.0114 0x1180  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
19:06:30.0161 0x1180  NDProxy - ok
19:06:30.0192 0x1180  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
19:06:30.0224 0x1180  Ndu - ok
19:06:30.0239 0x1180  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
19:06:30.0286 0x1180  NetBIOS - ok
19:06:30.0317 0x1180  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:06:30.0380 0x1180  NetBT - ok
19:06:30.0396 0x1180  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:06:30.0427 0x1180  Netlogon - ok
19:06:30.0474 0x1180  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
19:06:30.0521 0x1180  Netman - ok
19:06:30.0599 0x1180  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
19:06:30.0661 0x1180  netprofm - ok
19:06:30.0724 0x1180  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:06:30.0802 0x1180  NetTcpPortSharing - ok
19:06:30.0833 0x1180  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
19:06:30.0864 0x1180  netvsc - ok
19:06:30.0927 0x1180  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
19:06:30.0989 0x1180  NlaSvc - ok
19:06:31.0005 0x1180  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:06:31.0036 0x1180  Npfs - ok
19:06:31.0067 0x1180  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
19:06:31.0130 0x1180  npsvctrig - ok
19:06:31.0130 0x1180  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
19:06:31.0161 0x1180  nsi - ok
19:06:31.0177 0x1180  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
19:06:31.0208 0x1180  nsiproxy - ok
19:06:31.0349 0x1180  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
19:06:31.0521 0x1180  Ntfs - ok
19:06:31.0552 0x1180  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:06:31.0583 0x1180  Null - ok
19:06:31.0615 0x1180  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
19:06:31.0646 0x1180  nvraid - ok
19:06:31.0677 0x1180  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
19:06:31.0708 0x1180  nvstor - ok
19:06:31.0740 0x1180  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
19:06:31.0771 0x1180  nv_agp - ok
19:06:31.0818 0x1180  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:06:31.0849 0x1180  ose - ok
19:06:32.0146 0x1180  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:06:32.0443 0x1180  osppsvc - ok
19:06:32.0537 0x1180  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
19:06:32.0615 0x1180  p2pimsvc - ok
19:06:32.0677 0x1180  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
19:06:32.0740 0x1180  p2psvc - ok
19:06:32.0755 0x1180  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
19:06:32.0787 0x1180  Parport - ok
19:06:32.0818 0x1180  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
19:06:32.0865 0x1180  partmgr - ok
19:06:32.0896 0x1180  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
19:06:32.0974 0x1180  PcaSvc - ok
19:06:33.0037 0x1180  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
19:06:33.0083 0x1180  pci - ok
19:06:33.0099 0x1180  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
19:06:33.0130 0x1180  pciide - ok
19:06:33.0162 0x1180  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
19:06:33.0193 0x1180  pcmcia - ok
19:06:33.0208 0x1180  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
19:06:33.0255 0x1180  pcw - ok
19:06:33.0271 0x1180  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
19:06:33.0302 0x1180  pdc - ok
19:06:33.0365 0x1180  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
19:06:33.0458 0x1180  PEAUTH - ok
19:06:33.0537 0x1180  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
19:06:33.0552 0x1180  PerfHost - ok
19:06:33.0677 0x1180  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
19:06:33.0818 0x1180  pla - ok
19:06:33.0849 0x1180  [ 6A5BC1C37D62C9ABD4B1CB6754B74246, 860F9697E75200AE63C8E96142424A34B347CA7EF3F6276CEF04C0B835EDB4F3 ] plctrl          C:\Program Files\ASUS\P4G\plctrl.sys
19:06:33.0865 0x1180  plctrl - ok
19:06:33.0896 0x1180  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
19:06:33.0927 0x1180  PlugPlay - ok
19:06:33.0943 0x1180  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
19:06:33.0974 0x1180  PNRPAutoReg - ok
19:06:34.0021 0x1180  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
19:06:34.0068 0x1180  PNRPsvc - ok
19:06:34.0130 0x1180  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
19:06:34.0177 0x1180  PolicyAgent - ok
19:06:34.0224 0x1180  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
19:06:34.0271 0x1180  Power - ok
19:06:34.0505 0x1180  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
19:06:34.0943 0x1180  PrintNotify - ok
19:06:34.0990 0x1180  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
19:06:35.0052 0x1180  Processor - ok
19:06:35.0099 0x1180  [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
19:06:35.0178 0x1180  ProfSvc - ok
19:06:35.0209 0x1180  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
19:06:35.0240 0x1180  Psched - ok
19:06:35.0287 0x1180  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
19:06:35.0350 0x1180  QWAVE - ok
19:06:35.0350 0x1180  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
19:06:35.0381 0x1180  QWAVEdrv - ok
19:06:35.0412 0x1180  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:06:35.0459 0x1180  RasAcd - ok
19:06:35.0490 0x1180  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:06:35.0537 0x1180  RasAuto - ok
19:06:35.0584 0x1180  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:06:35.0693 0x1180  RasMan - ok
19:06:35.0709 0x1180  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:06:35.0756 0x1180  RasPppoe - ok
19:06:35.0803 0x1180  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:06:35.0881 0x1180  rdbss - ok
19:06:35.0896 0x1180  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
19:06:35.0943 0x1180  rdpbus - ok
19:06:35.0990 0x1180  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
19:06:36.0053 0x1180  RDPDR - ok
19:06:36.0100 0x1180  [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
19:06:36.0271 0x1180  RdpVideoMiniport - ok
19:06:36.0318 0x1180  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
19:06:36.0365 0x1180  rdyboost - ok
19:06:36.0443 0x1180  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
19:06:36.0537 0x1180  ReFS - ok
19:06:36.0584 0x1180  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:06:36.0631 0x1180  RemoteAccess - ok
19:06:36.0662 0x1180  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:06:36.0709 0x1180  RemoteRegistry - ok
19:06:36.0756 0x1180  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
19:06:36.0787 0x1180  RpcEptMapper - ok
19:06:36.0818 0x1180  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
19:06:36.0850 0x1180  RpcLocator - ok
19:06:36.0912 0x1180  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
19:06:36.0975 0x1180  RpcSs - ok
19:06:37.0022 0x1180  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
19:06:37.0053 0x1180  rspndr - ok
19:06:37.0068 0x1180  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
19:06:37.0100 0x1180  s3cap - ok
19:06:37.0131 0x1180  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:06:37.0147 0x1180  SamSs - ok
19:06:37.0193 0x1180  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
19:06:37.0256 0x1180  sbp2port - ok
19:06:37.0303 0x1180  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
19:06:37.0350 0x1180  SCardSvr - ok
19:06:37.0381 0x1180  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
19:06:37.0428 0x1180  ScDeviceEnum - ok
19:06:37.0459 0x1180  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
19:06:37.0506 0x1180  scfilter - ok
19:06:37.0615 0x1180  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:06:37.0772 0x1180  Schedule - ok
19:06:37.0818 0x1180  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
19:06:37.0865 0x1180  SCPolicySvc - ok
19:06:37.0928 0x1180  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
19:06:37.0975 0x1180  sdbus - ok
19:06:38.0037 0x1180  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
19:06:38.0084 0x1180  sdstor - ok
19:06:38.0131 0x1180  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
19:06:38.0179 0x1180  secdrv - ok
19:06:38.0226 0x1180  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
19:06:38.0257 0x1180  seclogon - ok
19:06:38.0289 0x1180  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
19:06:38.0335 0x1180  SENS - ok
19:06:38.0382 0x1180  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
19:06:38.0460 0x1180  SensrSvc - ok
19:06:38.0507 0x1180  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
19:06:38.0523 0x1180  SerCx - ok
19:06:38.0585 0x1180  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
19:06:38.0617 0x1180  SerCx2 - ok
19:06:38.0648 0x1180  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
19:06:38.0679 0x1180  Serenum - ok
19:06:38.0710 0x1180  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
19:06:38.0742 0x1180  Serial - ok
19:06:38.0757 0x1180  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
19:06:38.0851 0x1180  sermouse - ok
19:06:38.0960 0x1180  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
19:06:39.0070 0x1180  SessionEnv - ok
19:06:39.0085 0x1180  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
19:06:39.0132 0x1180  sfloppy - ok
19:06:39.0179 0x1180  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
19:06:39.0273 0x1180  SharedAccess - ok
19:06:39.0335 0x1180  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
19:06:39.0414 0x1180  ShellHWDetection - ok
19:06:39.0460 0x1180  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
19:06:39.0492 0x1180  SiSRaid2 - ok
19:06:39.0523 0x1180  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
19:06:39.0554 0x1180  SiSRaid4 - ok
19:06:39.0617 0x1180  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:06:40.0492 0x1180  SkypeUpdate - ok
19:06:40.0523 0x1180  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
19:06:40.0586 0x1180  smphost - ok
19:06:40.0617 0x1180  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
19:06:40.0648 0x1180  SNMPTRAP - ok
19:06:40.0711 0x1180  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
19:06:40.0758 0x1180  spaceport - ok
19:06:40.0789 0x1180  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
19:06:40.0820 0x1180  SpbCx - ok
19:06:40.0867 0x1180  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
19:06:40.0961 0x1180  Spooler - ok
19:06:41.0305 0x1180  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
19:06:41.0867 0x1180  sppsvc - ok
19:06:41.0976 0x1180  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
19:06:42.0055 0x1180  srv - ok
19:06:42.0117 0x1180  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
19:06:42.0180 0x1180  srv2 - ok
19:06:42.0227 0x1180  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
19:06:42.0273 0x1180  srvnet - ok
19:06:42.0336 0x1180  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
19:06:42.0383 0x1180  SSDPSRV - ok
19:06:42.0430 0x1180  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
19:06:42.0461 0x1180  SstpSvc - ok
19:06:42.0492 0x1180  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
19:06:42.0523 0x1180  stexstor - ok
19:06:42.0586 0x1180  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
19:06:42.0758 0x1180  stisvc - ok
19:06:42.0774 0x1180  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
19:06:42.0820 0x1180  storahci - ok
19:06:42.0852 0x1180  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
19:06:42.0883 0x1180  storflt - ok
19:06:42.0914 0x1180  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
19:06:42.0961 0x1180  stornvme - ok
19:06:42.0977 0x1180  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
19:06:43.0024 0x1180  StorSvc - ok
19:06:43.0055 0x1180  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
19:06:43.0086 0x1180  storvsc - ok
19:06:43.0133 0x1180  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
19:06:43.0186 0x1180  svsvc - ok
19:06:43.0218 0x1180  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
19:06:43.0264 0x1180  swenum - ok
19:06:43.0327 0x1180  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
19:06:43.0421 0x1180  swprv - ok
19:06:43.0514 0x1180  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
19:06:43.0655 0x1180  SysMain - ok
19:06:43.0702 0x1180  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
19:06:43.0780 0x1180  SystemEventsBroker - ok
19:06:43.0811 0x1180  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
19:06:43.0858 0x1180  TabletInputService - ok
19:06:43.0874 0x1180  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
19:06:43.0952 0x1180  TapiSrv - ok
19:06:44.0108 0x1180  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
19:06:44.0296 0x1180  Tcpip - ok
19:06:44.0436 0x1180  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
19:06:44.0655 0x1180  TCPIP6 - ok
19:06:44.0811 0x1180  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
19:06:44.0874 0x1180  tcpipreg - ok
19:06:44.0905 0x1180  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
19:06:44.0952 0x1180  tdx - ok
19:06:44.0999 0x1180  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
19:06:45.0015 0x1180  terminpt - ok
19:06:45.0124 0x1180  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
19:06:45.0265 0x1180  TermService - ok
19:06:45.0296 0x1180  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
19:06:45.0343 0x1180  Themes - ok
19:06:45.0358 0x1180  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
19:06:45.0390 0x1180  THREADORDER - ok
19:06:45.0405 0x1180  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
19:06:45.0468 0x1180  TimeBroker - ok
19:06:45.0515 0x1180  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
19:06:45.0562 0x1180  TPM - ok
19:06:45.0577 0x1180  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
19:06:45.0609 0x1180  TrkWks - ok
19:06:45.0655 0x1180  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
19:06:45.0702 0x1180  TrustedInstaller - ok
19:06:45.0734 0x1180  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
19:06:45.0796 0x1180  TsUsbFlt - ok
19:06:45.0812 0x1180  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
19:06:45.0843 0x1180  TsUsbGD - ok
19:06:45.0890 0x1180  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
19:06:45.0937 0x1180  tunnel - ok
19:06:45.0952 0x1180  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
19:06:45.0999 0x1180  uagp35 - ok
19:06:46.0030 0x1180  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
19:06:46.0062 0x1180  UASPStor - ok
19:06:46.0109 0x1180  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
19:06:46.0140 0x1180  UCX01000 - ok
19:06:46.0187 0x1180  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
19:06:46.0265 0x1180  udfs - ok
19:06:46.0280 0x1180  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
19:06:46.0312 0x1180  UEFI - ok
19:06:46.0359 0x1180  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
19:06:46.0390 0x1180  UI0Detect - ok
19:06:46.0421 0x1180  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
19:06:46.0452 0x1180  uliagpkx - ok
19:06:46.0484 0x1180  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
19:06:46.0515 0x1180  umbus - ok
19:06:46.0546 0x1180  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
19:06:46.0577 0x1180  UmPass - ok
19:06:46.0624 0x1180  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
19:06:46.0671 0x1180  UmRdpService - ok
19:06:46.0780 0x1180  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:06:46.0812 0x1180  UNS - ok
19:06:46.0859 0x1180  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
19:06:46.0921 0x1180  upnphost - ok
19:06:46.0968 0x1180  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
19:06:47.0030 0x1180  USBAAPL64 - ok
19:06:47.0062 0x1180  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
19:06:47.0093 0x1180  usbccgp - ok
19:06:47.0155 0x1180  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
19:06:47.0187 0x1180  usbcir - ok
19:06:47.0218 0x1180  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
19:06:47.0249 0x1180  usbehci - ok
19:06:47.0312 0x1180  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
19:06:47.0390 0x1180  usbhub - ok
19:06:47.0437 0x1180  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
19:06:47.0515 0x1180  USBHUB3 - ok
19:06:47.0562 0x1180  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
19:06:47.0609 0x1180  usbohci - ok
19:06:47.0655 0x1180  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
19:06:47.0718 0x1180  usbprint - ok
19:06:47.0749 0x1180  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
19:06:47.0796 0x1180  usbscan - ok
19:06:47.0827 0x1180  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
19:06:47.0999 0x1180  USBSTOR - ok
19:06:48.0031 0x1180  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
19:06:48.0109 0x1180  usbuhci - ok
19:06:48.0172 0x1180  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
19:06:48.0219 0x1180  usbvideo - ok
19:06:48.0297 0x1180  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
19:06:48.0344 0x1180  USBXHCI - ok
19:06:48.0359 0x1180  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
19:06:48.0391 0x1180  VaultSvc - ok
19:06:48.0438 0x1180  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
19:06:48.0469 0x1180  vdrvroot - ok
19:06:48.0562 0x1180  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
19:06:48.0734 0x1180  vds - ok
19:06:48.0797 0x1180  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
19:06:48.0828 0x1180  VerifierExt - ok
19:06:48.0891 0x1180  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
19:06:48.0969 0x1180  vhdmp - ok
19:06:49.0016 0x1180  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
19:06:49.0031 0x1180  viaide - ok
19:06:49.0047 0x1180  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
19:06:49.0094 0x1180  vmbus - ok
19:06:49.0109 0x1180  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
19:06:49.0141 0x1180  VMBusHID - ok
19:06:49.0203 0x1180  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
19:06:49.0266 0x1180  vmicguestinterface - ok
19:06:49.0297 0x1180  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
19:06:49.0344 0x1180  vmicheartbeat - ok
19:06:49.0375 0x1180  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
19:06:49.0438 0x1180  vmickvpexchange - ok
19:06:49.0469 0x1180  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
19:06:49.0516 0x1180  vmicrdv - ok
19:06:49.0563 0x1180  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
19:06:49.0609 0x1180  vmicshutdown - ok
19:06:49.0641 0x1180  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
19:06:49.0703 0x1180  vmictimesync - ok
19:06:49.0734 0x1180  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
19:06:49.0781 0x1180  vmicvss - ok
19:06:49.0813 0x1180  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
19:06:49.0859 0x1180  volmgr - ok
19:06:49.0891 0x1180  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
19:06:49.0953 0x1180  volmgrx - ok
19:06:50.0000 0x1180  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
19:06:50.0047 0x1180  volsnap - ok
19:06:50.0094 0x1180  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
19:06:50.0125 0x1180  vpci - ok
19:06:50.0203 0x1180  [ 0B0772247B85FC844A06498386E32F59, 47FBF825649C78E52A13EBD06336209C15414293A414757CF424E4B4490319BA ] vpnagent        C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
19:06:50.0250 0x1180  vpnagent - ok
19:06:50.0282 0x1180  [ 5932B2999AEF21C4599A792599F28D89, 78B2842BA71F9DAB5BB64BA4AB97BD19DEEFB075F83D735244906D046E78B2DC ] vpnva           C:\WINDOWS\system32\DRIVERS\vpnva64-6.sys
19:06:50.0328 0x1180  vpnva - ok
19:06:50.0360 0x1180  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
19:06:50.0407 0x1180  vsmraid - ok
19:06:50.0516 0x1180  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
19:06:50.0641 0x1180  VSS - ok
19:06:50.0672 0x1180  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
19:06:50.0719 0x1180  VSTXRAID - ok
19:06:50.0766 0x1180  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
19:06:50.0828 0x1180  vwifibus - ok
19:06:50.0860 0x1180  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
19:06:50.0907 0x1180  vwififlt - ok
19:06:50.0938 0x1180  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
19:06:50.0969 0x1180  vwifimp - ok
19:06:51.0032 0x1180  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
19:06:51.0078 0x1180  W32Time - ok
19:06:51.0094 0x1180  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
19:06:51.0125 0x1180  WacomPen - ok
19:06:51.0235 0x1180  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
19:06:51.0422 0x1180  wbengine - ok
19:06:51.0469 0x1180  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
19:06:51.0563 0x1180  WbioSrvc - ok
19:06:51.0594 0x1180  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
19:06:51.0672 0x1180  Wcmsvc - ok
19:06:51.0735 0x1180  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
19:06:51.0813 0x1180  wcncsvc - ok
19:06:51.0829 0x1180  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
19:06:51.0875 0x1180  WcsPlugInService - ok
19:06:51.0907 0x1180  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
19:06:52.0079 0x1180  WdBoot - ok
19:06:52.0157 0x1180  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
19:06:52.0235 0x1180  Wdf01000 - ok
19:06:52.0282 0x1180  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
19:06:52.0407 0x1180  WdFilter - ok
19:06:52.0422 0x1180  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
19:06:52.0469 0x1180  WdiServiceHost - ok
19:06:52.0485 0x1180  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
19:06:52.0532 0x1180  WdiSystemHost - ok
19:06:52.0547 0x1180  [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
19:06:52.0625 0x1180  WdNisDrv - ok
19:06:52.0657 0x1180  WdNisSvc - ok
19:06:52.0672 0x1180  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\WINDOWS\System32\webclnt.dll
19:06:52.0750 0x1180  WebClient - ok
19:06:52.0797 0x1180  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
19:06:52.0844 0x1180  Wecsvc - ok
19:06:52.0860 0x1180  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
19:06:52.0891 0x1180  WEPHOSTSVC - ok
19:06:52.0922 0x1180  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
19:06:52.0969 0x1180  wercplsupport - ok
19:06:53.0000 0x1180  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
19:06:53.0032 0x1180  WerSvc - ok
19:06:53.0063 0x1180  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
19:06:53.0110 0x1180  WFPLWFS - ok
19:06:53.0157 0x1180  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
19:06:53.0179 0x1180  WiaRpc - ok
19:06:53.0211 0x1180  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
19:06:53.0242 0x1180  WIMMount - ok
19:06:53.0242 0x1180  WinDefend - ok
19:06:53.0336 0x1180  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
19:06:53.0414 0x1180  WinHttpAutoProxySvc - ok
19:06:53.0461 0x1180  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
19:06:53.0492 0x1180  Winmgmt - ok
19:06:53.0648 0x1180  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
19:06:54.0054 0x1180  WinRM - ok
19:06:54.0117 0x1180  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
19:06:54.0164 0x1180  WinUsb - ok
19:06:54.0273 0x1180  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
19:06:54.0414 0x1180  WlanSvc - ok
19:06:54.0523 0x1180  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
19:06:54.0711 0x1180  wlidsvc - ok
19:06:54.0742 0x1180  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
19:06:54.0789 0x1180  WmiAcpi - ok
19:06:54.0820 0x1180  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
19:06:54.0867 0x1180  wmiApSrv - ok
19:06:54.0914 0x1180  WMPNetworkSvc - ok
19:06:54.0929 0x1180  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
19:06:54.0976 0x1180  Wof - ok
19:06:55.0086 0x1180  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
19:06:55.0274 0x1180  workfolderssvc - ok
19:06:55.0305 0x1180  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
19:06:55.0352 0x1180  wpcfltr - ok
19:06:55.0399 0x1180  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
19:06:55.0446 0x1180  WPCSvc - ok
19:06:55.0477 0x1180  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
19:06:55.0524 0x1180  WPDBusEnum - ok
19:06:55.0555 0x1180  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
19:06:55.0602 0x1180  WpdUpFltr - ok
19:06:55.0618 0x1180  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
19:06:55.0665 0x1180  ws2ifsl - ok
19:06:55.0696 0x1180  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
19:06:55.0774 0x1180  wscsvc - ok
19:06:55.0774 0x1180  WSearch - ok
19:06:55.0977 0x1180  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
19:06:56.0290 0x1180  WSService - ok
19:06:56.0508 0x1180  [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
19:06:56.0852 0x1180  wuauserv - ok
19:06:56.0899 0x1180  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
19:06:56.0962 0x1180  WudfPf - ok
19:06:56.0993 0x1180  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
19:06:57.0040 0x1180  WUDFRd - ok
19:06:57.0040 0x1180  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
19:06:57.0071 0x1180  wudfsvc - ok
19:06:57.0102 0x1180  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:06:57.0133 0x1180  WUDFWpdFs - ok
19:06:57.0149 0x1180  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
19:06:57.0180 0x1180  WUDFWpdMtp - ok
19:06:57.0241 0x1180  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
19:06:57.0303 0x1180  WwanSvc - ok
19:06:57.0319 0x1180  ================ Scan global ===============================
19:06:57.0366 0x1180  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
19:06:57.0397 0x1180  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
19:06:57.0475 0x1180  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
19:06:57.0506 0x1180  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
19:06:57.0537 0x1180  [ Global ] - ok
19:06:57.0537 0x1180  ================ Scan MBR ==================================
19:06:57.0553 0x1180  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
19:06:57.0678 0x1180  \Device\Harddisk0\DR0 - ok
19:06:57.0678 0x1180  ================ Scan VBR ==================================
19:06:57.0709 0x1180  [ BE269661C5B3BD04BE6684D39C9133A1 ] \Device\Harddisk0\DR0\Partition1
19:06:57.0725 0x1180  \Device\Harddisk0\DR0\Partition1 - ok
19:06:57.0741 0x1180  [ 5E9F0C57291ECEFEB967DDC0F2209601 ] \Device\Harddisk0\DR0\Partition2
19:06:57.0756 0x1180  \Device\Harddisk0\DR0\Partition2 - ok
19:06:57.0772 0x1180  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
19:06:57.0772 0x1180  \Device\Harddisk0\DR0\Partition3 - ok
19:06:57.0787 0x1180  [ DAB2444D5DBD52180C106B8F69EFD282 ] \Device\Harddisk0\DR0\Partition4
19:06:57.0819 0x1180  \Device\Harddisk0\DR0\Partition4 - ok
19:06:57.0834 0x1180  [ D5B5023B835D25510C369F7FA4105AF4 ] \Device\Harddisk0\DR0\Partition5
19:06:57.0850 0x1180  \Device\Harddisk0\DR0\Partition5 - ok
19:06:57.0866 0x1180  [ BF957E5AF69932A807B2DAC1AC8FE7E9 ] \Device\Harddisk0\DR0\Partition6
19:06:57.0881 0x1180  \Device\Harddisk0\DR0\Partition6 - ok
19:06:57.0912 0x1180  [ 7315884CC3C30CD71B6D2AEBA85492B8 ] \Device\Harddisk0\DR0\Partition7
19:06:57.0928 0x1180  \Device\Harddisk0\DR0\Partition7 - ok
19:06:57.0928 0x1180  ================ Scan generic autorun ======================
19:06:57.0975 0x1180  AV detected via SS2: G Data InternetSecurity 2014, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.0.0.0 ), 0x40000 ( disabled : updated )
19:06:58.0147 0x1180  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
19:06:58.0147 0x1180  FW detected via SS2: G Data Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtResx64.exe ( 1.0.0.0 ), 0x41010 ( enabled )
19:06:58.0147 0x1180  FW detected via SS2: G Data Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtResx64.exe ( 1.0.0.0 ), 0x40010 ( disabled )
19:06:58.0147 0x1180  ============================================================
19:06:58.0147 0x1180  Scan finished
19:06:58.0147 0x1180  ============================================================
19:06:58.0162 0x00b8  Detected object count: 0
19:06:58.0162 0x00b8  Actual detected object count: 0
19:08:46.0722 0x163c  Deinitialize success
         
__________________

Alt 28.11.2014, 17:41   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 28.11.2014, 19:03   #5
Feline
 
Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



Hallo,

danke!! Hier die Logfiles.
Ich habe noch eine Frage: Ich benutze immer noch die Opera Version 12.17, da ich mich mit der ganz neuen nicht anfreunden kann.
Kann ich die weiterhin benutzen oder ist das sicherheitstechnisch eher bedenklich?




Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 28.11.2014
Suchlauf-Zeit: 18:02:34
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.28.06
Rootkit Datenbank: v2014.11.22.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Désirée

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 329483
Verstrichene Zeit: 25 Min, 54 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.DigitalSites.A, HKU\S-1-5-21-2274478751-3046789010-2582509646-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DSiteProducts, In Quarantäne, [36f057ea384495a149d8ba04659ff40c], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         


Code:
ATTFilter
# AdwCleaner v4.102 - Bericht erstellt am 28/11/2014 um 18:36:49
# Aktualisiert 23/11/2014 von Xplode
# Database : 2014-11-27.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Désirée - FELICA
# Gestartet von : C:\Users\Désirée\Desktop\AdwCleaner_4.102.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Allmyapps
Ordner Gelöscht : C:\Users\Désirée\AppData\Local\CrashRpt

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v33.0.3 (x86 de)


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [1058 octets] - [28/11/2014 18:33:08]
AdwCleaner[S0].txt - [981 octets] - [28/11/2014 18:36:49]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1040 octets] ##########
         



Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 8.1 x64
Ran by D‚sir‚e on 28.11.2014 at 18:41:14,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.11.2014 at 18:54:17,82
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         



FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Désirée (administrator) on FELICA on 28-11-2014 18:54:58
Running from C:\Users\Désirée\Desktop
Loaded Profile: Désirée (Available profiles: Désirée)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKU\S-1-5-21-2274478751-3046789010-2582509646-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2274478751-3046789010-2582509646-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Anti-Phishing - C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default\Extensions\{bae4e2d9-a9ac-4f2c-a844-ff576912bcef} [2014-03-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG)
R3 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R3 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2683760 2014-05-20] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R3 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-11-27] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2014-11-27] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-11-27] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-11-27] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2014-11-27] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-07-13] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-11-27] (G Data Software AG)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [13696 2012-09-17] (ASUSTek Computer Inc.)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-12-12] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-28 18:54 - 2014-11-28 18:54 - 00000616 _____ () C:\Users\Désirée\Desktop\JRT.txt
2014-11-28 18:40 - 2014-11-28 18:40 - 01707532 _____ (Thisisu) C:\Users\Désirée\Desktop\JRT.exe
2014-11-28 18:39 - 2014-11-28 18:39 - 00001120 _____ () C:\Users\Désirée\Desktop\AdwCleaner[S0].txt
2014-11-28 18:33 - 2014-11-28 18:36 - 00000000 ____D () C:\AdwCleaner
2014-11-28 18:32 - 2014-11-28 18:32 - 02148864 _____ () C:\Users\Désirée\Desktop\AdwCleaner_4.102.exe
2014-11-28 18:29 - 2014-11-28 18:29 - 00001350 _____ () C:\Users\Désirée\Desktop\mbam.txt
2014-11-28 18:01 - 2014-11-28 18:38 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-28 18:00 - 2014-11-28 18:00 - 00001120 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-28 18:00 - 2014-11-28 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-28 17:59 - 2014-11-28 18:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-28 17:59 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-28 17:59 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-11-28 17:58 - 2014-11-28 17:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Désirée\Desktop\mbam-setup-2.0.3.1025.exe
2014-11-27 19:03 - 2014-11-27 19:03 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Désirée\Desktop\tdsskiller.exe
2014-11-27 18:12 - 2014-11-27 18:12 - 00000017 _____ () C:\Users\Désirée\AppData\Local\resmon.resmoncfg
2014-11-27 17:52 - 2014-11-27 17:52 - 00004259 _____ () C:\Users\Désirée\Desktop\gmer.txt
2014-11-27 17:46 - 2014-11-27 17:46 - 00380416 _____ () C:\Users\Désirée\Desktop\699loxvp.exe
2014-11-27 17:45 - 2014-11-27 17:46 - 00025899 _____ () C:\Users\Désirée\Desktop\Addition.txt
2014-11-27 17:43 - 2014-11-28 18:55 - 00014056 _____ () C:\Users\Désirée\Desktop\FRST.txt
2014-11-27 17:42 - 2014-11-28 18:55 - 00000000 ____D () C:\FRST
2014-11-27 17:42 - 2014-11-27 17:42 - 02117632 _____ (Farbar) C:\Users\Désirée\Desktop\FRST64.exe
2014-11-27 17:42 - 2014-11-27 17:42 - 00000476 _____ () C:\Users\Désirée\Desktop\defogger_disable.log
2014-11-27 17:42 - 2014-11-27 17:42 - 00000000 _____ () C:\Users\Désirée\defogger_reenable
2014-11-27 17:39 - 2014-11-27 17:39 - 00050477 _____ () C:\Users\Désirée\Desktop\Defogger.exe
2014-11-27 16:39 - 2014-11-27 16:39 - 00000000 __SHD () C:\Users\Désirée\AppData\Local\EmieUserList
2014-11-27 16:39 - 2014-11-27 16:39 - 00000000 __SHD () C:\Users\Désirée\AppData\Local\EmieSiteList
2014-11-27 16:39 - 2014-11-27 16:39 - 00000000 __SHD () C:\Users\Désirée\AppData\Local\EmieBrowserModeList
2014-11-27 16:18 - 2014-11-27 16:18 - 00020992 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2014-11-27 16:18 - 2014-11-27 16:18 - 00002000 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2014-11-27 16:18 - 2014-11-27 16:18 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2014-11-27 16:18 - 2014-11-27 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2014-11-27 14:47 - 2014-11-27 14:47 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-11-27 14:47 - 2014-11-27 14:47 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-11-27 14:47 - 2014-11-27 14:47 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-11-27 14:47 - 2014-11-27 14:47 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-11-27 14:47 - 2014-11-27 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-27 14:47 - 2014-11-27 14:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-23 16:05 - 2014-11-23 16:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-19 18:10 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-19 18:10 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-19 18:10 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-19 18:10 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-19 18:10 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-19 18:10 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-19 18:10 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-19 18:10 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-19 18:10 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-19 18:10 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-19 18:10 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-19 18:10 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-19 18:10 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-19 18:10 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-19 18:10 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-19 18:10 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-19 18:10 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-19 18:10 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-19 18:09 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-19 18:09 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-19 18:09 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-19 18:09 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-19 18:09 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-19 18:09 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-19 18:09 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-19 18:09 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-19 18:09 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-19 18:09 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-19 18:09 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-19 18:09 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-19 18:09 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-19 18:09 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-19 18:09 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-19 18:08 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-19 18:08 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-19 18:08 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-19 18:08 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-19 18:08 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-19 18:08 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-19 18:08 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-19 18:08 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-19 18:08 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-19 18:08 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-19 18:08 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-19 18:08 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-19 18:08 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-19 18:07 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-19 18:05 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-19 18:05 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-19 18:04 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-19 18:04 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-19 18:04 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-19 18:04 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-19 18:04 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-19 18:04 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-19 18:04 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-19 18:04 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-19 18:04 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-19 18:04 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-19 18:04 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-19 18:04 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-19 18:04 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-19 18:04 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-19 18:04 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-19 18:04 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-19 18:04 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-19 18:04 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-19 18:04 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-19 18:04 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-19 18:04 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-19 18:04 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-19 18:04 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-19 18:04 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-19 18:04 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-19 18:04 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-19 18:04 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-19 18:04 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-19 18:04 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-19 18:04 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-19 18:04 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-19 18:04 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-19 18:04 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-19 18:04 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-19 18:04 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-19 18:04 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-19 18:04 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-19 18:04 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-19 18:04 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-19 18:04 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-19 18:04 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-19 18:04 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-19 18:04 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-19 18:04 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-19 18:04 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-19 18:04 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-19 18:04 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-19 18:04 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-19 18:04 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-19 18:04 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-19 18:04 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-19 18:04 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-19 18:04 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-19 18:04 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-19 18:04 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-19 18:04 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-19 18:04 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-19 18:04 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-19 18:04 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-19 18:04 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-19 18:04 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-19 18:04 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-19 18:04 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-19 18:04 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-19 18:04 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-19 18:04 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-19 18:04 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-19 18:03 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-19 18:03 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-19 18:03 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-19 18:03 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-19 18:03 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-19 18:03 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-19 18:03 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-19 18:03 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-19 18:03 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-19 18:03 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-19 18:03 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-19 18:03 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-19 18:03 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-19 18:03 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-19 18:03 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-19 18:03 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-19 18:03 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-19 18:03 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-19 18:03 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-19 18:03 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-19 18:03 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-19 18:02 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 18:02 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 18:02 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 18:02 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-19 18:02 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-19 18:02 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-19 18:02 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-19 18:02 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-19 18:02 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-19 18:02 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-19 18:02 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-19 18:02 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-19 18:02 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-19 18:02 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-19 18:02 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-19 18:02 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-19 18:02 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-19 18:02 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-19 18:02 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-19 18:02 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-19 18:02 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-19 18:02 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-19 18:02 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-19 18:02 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-19 18:02 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-19 18:02 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-19 18:02 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-19 18:02 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-19 18:02 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-19 18:02 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-19 18:02 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-19 18:02 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-19 18:02 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-19 18:02 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-19 18:02 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-19 18:02 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-19 18:02 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-19 18:02 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-19 18:02 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-19 18:02 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-19 18:02 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-19 18:02 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-19 18:02 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-19 18:02 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-19 18:02 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-19 18:02 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-19 18:02 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-19 18:02 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-19 18:02 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-19 18:02 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-19 18:02 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-08 09:07 - 2014-11-08 09:07 - 00003472 _____ () C:\Users\Désirée\AppData\Local\recently-used.xbel

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-28 18:39 - 2013-08-19 20:11 - 00003870 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-28 18:39 - 2013-08-19 20:11 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-28 18:39 - 2012-11-30 10:12 - 00003017 _____ () C:\WINDOWS\system32\ServiceFilter.ini
2014-11-28 18:39 - 2012-11-30 09:32 - 00003052 _____ () C:\WINDOWS\System32\Tasks\ASUS P4G
2014-11-28 18:39 - 2012-11-30 09:30 - 00003024 _____ () C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2014-11-28 18:39 - 2012-11-30 09:29 - 00003114 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update
2014-11-28 18:38 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-28 18:38 - 2013-01-06 04:21 - 00000401 _____ () C:\Users\Désirée\AppData\Roaming\sp_data.sys
2014-11-28 18:37 - 2013-11-13 23:18 - 00015248 _____ () C:\WINDOWS\PFRO.log
2014-11-28 18:21 - 2013-01-06 04:31 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2274478751-3046789010-2582509646-1001
2014-11-28 18:06 - 2013-08-19 20:11 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-28 18:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-28 18:00 - 2013-08-18 14:53 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Malwarebytes
2014-11-28 18:00 - 2013-08-18 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-28 17:42 - 2014-02-06 16:28 - 01905094 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-28 12:00 - 2013-09-27 15:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-28 12:00 - 2013-08-22 14:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-28 09:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-27 18:10 - 2013-01-06 04:20 - 00000000 ____D () C:\Users\Désirée\AppData\Local\Packages
2014-11-27 17:42 - 2014-02-06 16:10 - 00000000 ____D () C:\Users\Désirée
2014-11-27 17:38 - 2013-09-05 09:22 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\FileZilla
2014-11-27 17:36 - 2013-09-05 09:22 - 00002018 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-11-27 17:36 - 2013-09-05 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-11-27 17:36 - 2013-09-05 09:22 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-11-27 16:39 - 2013-03-31 15:29 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-11-27 16:39 - 2013-01-06 23:11 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-27 16:18 - 2013-08-22 15:46 - 00292179 _____ () C:\WINDOWS\setupact.log
2014-11-27 16:18 - 2013-01-06 22:38 - 00142336 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00068608 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00064000 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00061440 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00055808 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2014-11-27 16:18 - 2013-01-06 22:37 - 00000000 ____D () C:\ProgramData\G DATA
2014-11-27 16:17 - 2012-11-30 09:22 - 00040408 _____ () C:\WINDOWS\DPINST.LOG
2014-11-27 14:47 - 2014-02-20 10:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-26 21:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-26 17:42 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-26 17:20 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-26 17:20 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-26 17:20 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-24 07:39 - 2013-08-22 15:44 - 00510968 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-23 20:55 - 2013-07-13 15:30 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Opera Software
2014-11-23 20:55 - 2013-07-13 15:30 - 00000000 ____D () C:\Users\Désirée\AppData\Local\Opera Software
2014-11-23 14:58 - 2013-01-06 23:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-23 14:47 - 2013-09-11 20:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-23 14:42 - 2013-01-07 12:58 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-22 11:32 - 2013-01-18 20:28 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\vlc
2014-11-20 21:51 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 21:51 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-16 22:01 - 2013-08-19 20:11 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 12:48 - 2013-05-28 20:47 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Skype
2014-11-08 20:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-08 09:09 - 2013-07-12 12:30 - 00000000 ____D () C:\Users\Désirée\.gimp-2.8
2014-11-08 09:07 - 2013-07-12 12:41 - 00000000 ____D () C:\Users\Désirée\AppData\Local\gtk-2.0

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\Désirée\AppData\Local\Temp\eauninstall.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\Quarantine.exe
C:\Users\Désirée\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Désirée\AppData\Local\Temp\sqlite3.dll
C:\Users\Désirée\AppData\Local\Temp\The Sims 2_uninst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-28 13:56

==================== End Of Log ============================
         
--- --- ---

--- --- ---




Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2014 01
Ran by Désirée at 2014-11-28 18:56:17
Running from C:\Users\Désirée\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G DATA INTERNET SECURITY (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Disabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.7 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.1 - ASUS)
ASUS Product Demo Movie  (HKLM-x32\...\{DC06C90B-C5BE-42F6-B74D-A9503170998C}) (Version: 1.0.3 - ASUS )
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.32 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05152 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.2.3 - G DATA Software AG)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{37D0157F-45C6-4DB2-9AE5-489DD98CE169}) (Version: 11.1.2.31 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6754 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Driver Package - ASUS (ATP) Mouse  (08/27/2012 1.0.0.125) (HKLM\...\2BD897DEE9289F769D9176245811D5330A360B0B) (Version: 08/27/2012 1.0.0.125 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

06-11-2014 19:49:33 Geplanter Prüfpunkt
23-11-2014 13:39:51 Windows Update
26-11-2014 16:35:33 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A677E1D-1161-4E69-99ED-C2F529368CB2} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {0DF96126-12FE-44DB-BA82-9B6806C7B8FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {1EBBCFB0-EE71-4B50-8D13-EF6E2AE2FF90} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {92DA0DF0-2BE8-4AB4-9E16-38B7A1B87A58} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-23] (Microsoft Corporation)
Task: {98AFFFE1-8277-47A3-9C89-B2C74617FA63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.)
Task: {D9FA70F8-A179-4611-8767-B9995832321B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.)
Task: {DA12C581-7FE6-45C7-A973-BF50AAB073AD} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {DBDB9779-A45D-4626-952A-EFD1D2EE149C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {EF424FF7-A632-4FA9-ABC3-4753005AC4B9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-09-17] (ASUS)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-20 02:38 - 2014-05-20 02:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\WINDOWS\system32\IccLibDll_x64.dll
2012-09-17 16:05 - 2012-09-17 16:05 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-09-17 16:05 - 2012-09-17 16:05 - 00028544 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-30 09:20 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-12 23:36 - 2013-12-12 23:36 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUSQuickGesture(x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
MSCONFIG\startupreg: ASUSQuickGesture(x86) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
MSCONFIG\startupreg: ASUSTPLoader(x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: G Data AntiVirus Tray => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
MSCONFIG\startupreg: G Data AntiVirus Tray Application => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
MSCONFIG\startupreg: GDFirewallTray => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Persistence => "C:\WINDOWS\system32\igfxpers.exe"
MSCONFIG\startupreg: PowerSkin => c:\windows\temp\PowerSkin\PowerSkin.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2274478751-3046789010-2582509646-500 - Administrator - Disabled)
Désirée (S-1-5-21-2274478751-3046789010-2582509646-1001 - Administrator - Enabled) => C:\Users\Désirée
Gast (S-1-5-21-2274478751-3046789010-2582509646-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU 847 @ 1.10GHz
Percentage of memory in use: 29%
Total physical RAM: 3979.62 MB
Available physical RAM: 2789.9 MB
Total Pagefile: 4683.62 MB
Available Pagefile: 2769.4 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:133.71 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:241.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 04A53D1B)

Partition: GPT Partition Type.

==================== End Of Log ============================
         


Alt 29.11.2014, 18:29   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Win 8: Probleme mit Installationen und sehr langsam

Alt 30.11.2014, 15:09   #7
Feline
 
Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



Hallo,
hier die Logfiles.

Also Probleme aktuell keine mehr. Aber nach wie vor die Frage nach Opera, kannst du mir dazu vielleicht etwas sagen?

Und was war mit diesem „PUP.Optional.DigitalSites.A“ Registrierungsschlüssel, den Malwarebytes gefunden hat? Der wurde ja in Quarantäne geschoben, aber nicht gelöscht. Kann das so bleiben?
Und schlussendlich, kann ich mit dem PC wieder online Banking machen? Und ich hab am WE noch mit Paypal bezahlt, war irgendeine der Dateien da gefährlich? =/

Danke für deine Hilfe.




Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=932fcb10f11aac41ab4a588a1714dd34
# engine=21332
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-30 11:56:13
# local_time=2014-11-30 12:56:13 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 575270 42229866 0 0
# scanned=221088
# found=0
# cleaned=0
# scan_time=6838
         



Code:
ATTFilter
 Results of screen317's Security Check version 0.99.91  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
G DATA INTERNET SECURITY   
Windows Defender           
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 2.0.3.1025  
 Java 7 Update 71  
 Adobe Flash Player 	15.0.0.223  
 Adobe Reader 10.1.12 Adobe Reader out of Date!  
 Mozilla Firefox (33.0.3) 
 Google Chrome (39.0.2171.65) 
 Google Chrome (39.0.2171.71) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 G Data InternetSecurity Firewall GDFwSvcx64.exe 
 G Data InternetSecurity Firewall GDFirewallTray.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Ups, ich hab das FRST Log vergessen. Hier:


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Désirée (administrator) on FELICA on 30-11-2014 15:06:07
Running from C:\Users\Désirée\Desktop
Loaded Profile: Désirée (Available profiles: Désirée)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1756792 2014-05-20] (G Data Software AG)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll (ASUS Cloud Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKU\S-1-5-21-2274478751-3046789010-2582509646-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2274478751-3046789010-2582509646-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Anti-Phishing - C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default\Extensions\{bae4e2d9-a9ac-4f2c-a844-ff576912bcef} [2014-03-20]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R3 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2250360 2014-10-14] (G Data Software AG)
R3 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R3 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [2683760 2014-05-20] (G Data Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3228136 2014-08-21] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700536 2014-05-20] (G Data Software AG)
R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [55808 2014-11-27] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2014-11-27] (G Data Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [142336 2014-11-27] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [64000 2014-11-27] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2014-11-27] (G Data Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [107128 2013-07-13] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [61440 2014-11-27] (G Data Software AG)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [13696 2012-09-17] (ASUSTek Computer Inc.)
S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52080 2013-12-12] (Cisco Systems, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 13:01 - 2014-11-30 13:01 - 00852490 _____ () C:\Users\Désirée\Desktop\SecurityCheck.exe
2014-11-30 10:59 - 2014-11-30 10:59 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-30 10:58 - 2014-11-30 10:58 - 02347384 _____ (ESET) C:\Users\Désirée\Desktop\esetsmartinstaller_deu.exe
2014-11-28 18:54 - 2014-11-28 18:54 - 00000616 _____ () C:\Users\Désirée\Desktop\JRT.txt
2014-11-28 18:40 - 2014-11-28 18:40 - 01707532 _____ (Thisisu) C:\Users\Désirée\Desktop\JRT.exe
2014-11-28 18:39 - 2014-11-28 18:39 - 00001120 _____ () C:\Users\Désirée\Desktop\AdwCleaner[S0].txt
2014-11-28 18:33 - 2014-11-28 18:36 - 00000000 ____D () C:\AdwCleaner
2014-11-28 18:32 - 2014-11-28 18:32 - 02148864 _____ () C:\Users\Désirée\Desktop\AdwCleaner_4.102.exe
2014-11-28 18:29 - 2014-11-28 18:29 - 00001350 _____ () C:\Users\Désirée\Desktop\mbam.txt
2014-11-28 18:01 - 2014-11-30 11:04 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-28 18:00 - 2014-11-28 18:00 - 00001120 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-28 18:00 - 2014-11-28 18:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-28 17:59 - 2014-11-28 18:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-28 17:59 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-11-28 17:59 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-11-28 17:58 - 2014-11-28 17:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Désirée\Desktop\mbam-setup-2.0.3.1025.exe
2014-11-27 19:03 - 2014-11-27 19:03 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Désirée\Desktop\tdsskiller.exe
2014-11-27 18:12 - 2014-11-27 18:12 - 00000017 _____ () C:\Users\Désirée\AppData\Local\resmon.resmoncfg
2014-11-27 17:52 - 2014-11-27 17:52 - 00004259 _____ () C:\Users\Désirée\Desktop\gmer.txt
2014-11-27 17:46 - 2014-11-27 17:46 - 00380416 _____ () C:\Users\Désirée\Desktop\699loxvp.exe
2014-11-27 17:45 - 2014-11-28 18:56 - 00015948 _____ () C:\Users\Désirée\Desktop\Addition.txt
2014-11-27 17:43 - 2014-11-30 15:06 - 00014381 _____ () C:\Users\Désirée\Desktop\FRST.txt
2014-11-27 17:42 - 2014-11-30 15:06 - 00000000 ____D () C:\FRST
2014-11-27 17:42 - 2014-11-27 17:42 - 02117632 _____ (Farbar) C:\Users\Désirée\Desktop\FRST64.exe
2014-11-27 17:42 - 2014-11-27 17:42 - 00000476 _____ () C:\Users\Désirée\Desktop\defogger_disable.log
2014-11-27 17:42 - 2014-11-27 17:42 - 00000000 _____ () C:\Users\Désirée\defogger_reenable
2014-11-27 17:39 - 2014-11-27 17:39 - 00050477 _____ () C:\Users\Désirée\Desktop\Defogger.exe
2014-11-27 16:39 - 2014-11-27 16:39 - 00000000 __SHD () C:\Users\Désirée\AppData\Local\EmieUserList
2014-11-27 16:39 - 2014-11-27 16:39 - 00000000 __SHD () C:\Users\Désirée\AppData\Local\EmieSiteList
2014-11-27 16:39 - 2014-11-27 16:39 - 00000000 __SHD () C:\Users\Désirée\AppData\Local\EmieBrowserModeList
2014-11-27 16:18 - 2014-11-27 16:18 - 00020992 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2014-11-27 16:18 - 2014-11-27 16:18 - 00002000 _____ () C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2014-11-27 16:18 - 2014-11-27 16:18 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_Kernel_GDKBFlt64_01007.Wdf
2014-11-27 16:18 - 2014-11-27 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2014-11-27 14:47 - 2014-11-27 14:47 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-11-27 14:47 - 2014-11-27 14:47 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-11-27 14:47 - 2014-11-27 14:47 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-11-27 14:47 - 2014-11-27 14:47 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-11-27 14:47 - 2014-11-27 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-27 14:47 - 2014-11-27 14:47 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-23 16:05 - 2014-11-23 16:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-19 18:10 - 2014-10-10 02:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-19 18:10 - 2014-10-10 02:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-19 18:10 - 2014-10-10 02:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-19 18:10 - 2014-10-08 08:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-19 18:10 - 2014-10-08 08:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-19 18:10 - 2014-10-08 08:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-19 18:10 - 2014-10-08 08:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-19 18:10 - 2014-10-08 07:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-19 18:10 - 2014-10-08 07:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-19 18:10 - 2014-10-08 07:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-19 18:10 - 2014-10-08 07:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-19 18:10 - 2014-10-08 07:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-19 18:10 - 2014-10-08 06:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-19 18:10 - 2014-09-27 08:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-19 18:10 - 2014-09-27 06:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-19 18:10 - 2014-09-27 04:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-19 18:10 - 2014-09-27 04:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-19 18:10 - 2014-09-27 04:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-19 18:09 - 2014-10-13 03:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-19 18:09 - 2014-10-11 01:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-19 18:09 - 2014-10-11 01:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-19 18:09 - 2014-10-08 08:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-19 18:09 - 2014-10-08 08:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-19 18:09 - 2014-10-08 07:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-19 18:09 - 2014-10-08 06:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-19 18:09 - 2014-10-08 06:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-19 18:09 - 2014-09-22 05:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-19 18:09 - 2014-09-22 04:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-19 18:09 - 2014-09-22 04:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-19 18:09 - 2014-09-22 03:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-19 18:09 - 2014-09-19 01:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-19 18:09 - 2014-09-02 23:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-19 18:09 - 2014-09-02 23:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-19 18:08 - 2014-10-31 06:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-19 18:08 - 2014-10-07 07:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-19 18:08 - 2014-10-07 07:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-19 18:08 - 2014-10-07 07:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-19 18:08 - 2014-10-07 07:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-19 18:08 - 2014-10-07 07:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-19 18:08 - 2014-10-07 04:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-19 18:08 - 2014-10-07 04:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-19 18:08 - 2014-10-07 04:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-19 18:08 - 2014-10-07 02:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-19 18:08 - 2014-10-07 02:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-19 18:08 - 2014-08-23 06:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-19 18:08 - 2014-08-23 06:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-19 18:07 - 2014-10-31 04:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-19 18:05 - 2014-10-31 04:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-19 18:05 - 2014-10-31 03:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-19 18:04 - 2014-10-31 06:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-19 18:04 - 2014-10-31 06:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-19 18:04 - 2014-10-31 06:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-19 18:04 - 2014-10-31 06:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-19 18:04 - 2014-10-31 06:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-19 18:04 - 2014-10-31 05:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-19 18:04 - 2014-10-31 05:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-19 18:04 - 2014-10-31 05:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-19 18:04 - 2014-10-31 05:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-19 18:04 - 2014-10-31 05:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-19 18:04 - 2014-10-31 05:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-19 18:04 - 2014-10-31 05:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-19 18:04 - 2014-10-31 05:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-19 18:04 - 2014-10-31 05:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-19 18:04 - 2014-10-31 05:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-19 18:04 - 2014-10-31 05:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-19 18:04 - 2014-10-31 05:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-19 18:04 - 2014-10-31 05:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-19 18:04 - 2014-10-31 05:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-19 18:04 - 2014-10-31 05:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-19 18:04 - 2014-10-31 05:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-19 18:04 - 2014-10-31 05:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-19 18:04 - 2014-10-31 05:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-19 18:04 - 2014-10-31 05:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-19 18:04 - 2014-10-31 05:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-19 18:04 - 2014-10-31 05:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-19 18:04 - 2014-10-31 05:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-19 18:04 - 2014-10-31 05:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-19 18:04 - 2014-10-31 05:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-19 18:04 - 2014-10-31 05:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-19 18:04 - 2014-10-31 04:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-19 18:04 - 2014-10-31 04:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-19 18:04 - 2014-10-31 04:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-19 18:04 - 2014-10-31 04:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-19 18:04 - 2014-10-31 04:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-19 18:04 - 2014-10-31 04:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-19 18:04 - 2014-10-31 04:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-19 18:04 - 2014-10-31 04:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-19 18:04 - 2014-10-31 04:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-19 18:04 - 2014-10-31 04:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-19 18:04 - 2014-10-31 04:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-19 18:04 - 2014-10-31 04:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-19 18:04 - 2014-10-31 04:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-19 18:04 - 2014-10-31 04:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-19 18:04 - 2014-10-31 04:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-19 18:04 - 2014-10-31 04:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-19 18:04 - 2014-10-31 03:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-19 18:04 - 2014-10-31 03:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-19 18:04 - 2014-10-31 03:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-19 18:04 - 2014-10-31 03:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-19 18:04 - 2014-10-31 03:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-19 18:04 - 2014-10-31 03:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-19 18:04 - 2014-10-31 03:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-19 18:04 - 2014-10-31 03:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-19 18:04 - 2014-10-31 03:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-19 18:04 - 2014-10-31 03:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-19 18:04 - 2014-10-31 03:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-19 18:04 - 2014-10-31 03:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-19 18:04 - 2014-10-31 03:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-19 18:04 - 2014-10-31 03:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-19 18:04 - 2014-10-31 03:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-19 18:04 - 2014-10-31 03:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-19 18:04 - 2014-10-31 03:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-19 18:04 - 2014-10-31 03:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-19 18:04 - 2014-10-31 03:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-19 18:04 - 2014-10-31 03:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-19 18:04 - 2014-10-31 03:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-19 18:03 - 2014-10-31 06:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-19 18:03 - 2014-10-31 06:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-19 18:03 - 2014-10-31 06:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-19 18:03 - 2014-10-31 06:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-19 18:03 - 2014-10-31 06:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-19 18:03 - 2014-10-31 06:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-19 18:03 - 2014-10-31 06:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-19 18:03 - 2014-10-31 05:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-19 18:03 - 2014-10-31 05:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-19 18:03 - 2014-10-31 05:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-19 18:03 - 2014-10-31 04:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-19 18:03 - 2014-10-31 04:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-19 18:03 - 2014-10-31 04:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-19 18:03 - 2014-10-31 04:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-19 18:03 - 2014-10-31 04:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-19 18:03 - 2014-10-31 04:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-19 18:03 - 2014-10-31 04:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-19 18:03 - 2014-10-31 04:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-19 18:03 - 2014-10-31 04:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-19 18:03 - 2014-10-31 04:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-19 18:03 - 2014-10-31 04:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-19 18:02 - 2014-11-10 00:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-19 18:02 - 2014-11-10 00:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-19 18:02 - 2014-11-10 00:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-19 18:02 - 2014-11-10 00:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-19 18:02 - 2014-10-23 06:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-19 18:02 - 2014-10-23 06:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-19 18:02 - 2014-10-18 10:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-19 18:02 - 2014-10-18 09:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-19 18:02 - 2014-10-18 09:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-19 18:02 - 2014-10-18 08:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-19 18:02 - 2014-10-18 07:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-19 18:02 - 2014-10-18 07:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-19 18:02 - 2014-10-18 07:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-19 18:02 - 2014-10-18 07:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-19 18:02 - 2014-10-18 07:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-19 18:02 - 2014-10-18 07:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-19 18:02 - 2014-10-18 07:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-19 18:02 - 2014-10-18 07:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-19 18:02 - 2014-10-18 07:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-19 18:02 - 2014-10-18 07:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-19 18:02 - 2014-10-18 07:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-19 18:02 - 2014-10-18 07:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-19 18:02 - 2014-10-17 08:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-19 18:02 - 2014-10-17 07:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-19 18:02 - 2014-10-07 04:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-19 18:02 - 2014-09-10 07:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-19 18:02 - 2014-09-08 04:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-19 18:02 - 2014-09-08 04:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-19 18:02 - 2014-09-07 23:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-19 18:02 - 2014-09-04 23:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-19 18:02 - 2014-09-04 23:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-19 18:02 - 2014-09-04 04:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-19 18:02 - 2014-09-04 03:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-19 18:02 - 2014-09-04 02:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-19 18:02 - 2014-09-04 01:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-19 18:02 - 2014-08-31 01:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-19 18:02 - 2014-08-31 01:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-19 18:02 - 2014-08-30 23:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-19 18:02 - 2014-08-30 23:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-19 18:02 - 2014-08-30 22:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-19 18:02 - 2014-08-30 22:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-19 18:02 - 2014-08-30 21:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-19 18:02 - 2014-08-30 21:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-19 18:02 - 2014-08-28 03:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-19 18:02 - 2014-08-28 01:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-19 18:02 - 2014-08-28 01:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-19 18:02 - 2014-08-23 06:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-19 18:02 - 2014-08-23 06:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-19 18:02 - 2014-08-23 05:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-19 18:02 - 2014-08-02 01:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-19 18:02 - 2014-08-02 01:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-08 09:07 - 2014-11-08 09:07 - 00003472 _____ () C:\Users\Désirée\AppData\Local\recently-used.xbel

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-30 15:06 - 2013-08-19 20:11 - 00001132 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-30 15:05 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-30 11:05 - 2014-02-06 16:28 - 01995725 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-29 09:18 - 2013-08-19 20:11 - 00003870 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-29 09:18 - 2013-08-19 20:11 - 00001128 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-29 09:18 - 2012-11-30 09:30 - 00003024 _____ () C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus
2014-11-29 09:17 - 2013-01-06 04:21 - 00000401 _____ () C:\Users\Désirée\AppData\Roaming\sp_data.sys
2014-11-29 09:17 - 2012-11-30 09:32 - 00003052 _____ () C:\WINDOWS\System32\Tasks\ASUS P4G
2014-11-29 09:17 - 2012-11-30 09:29 - 00003114 _____ () C:\WINDOWS\System32\Tasks\ASUS Live Update
2014-11-28 18:39 - 2012-11-30 10:12 - 00003017 _____ () C:\WINDOWS\system32\ServiceFilter.ini
2014-11-28 18:38 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-28 18:37 - 2013-11-13 23:18 - 00015248 _____ () C:\WINDOWS\PFRO.log
2014-11-28 18:21 - 2013-01-06 04:31 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2274478751-3046789010-2582509646-1001
2014-11-28 18:00 - 2013-08-18 14:53 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Malwarebytes
2014-11-28 18:00 - 2013-08-18 14:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-28 12:00 - 2013-09-27 15:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-28 12:00 - 2013-08-22 14:25 - 00786432 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-28 09:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-27 18:10 - 2013-01-06 04:20 - 00000000 ____D () C:\Users\Désirée\AppData\Local\Packages
2014-11-27 17:42 - 2014-02-06 16:10 - 00000000 ____D () C:\Users\Désirée
2014-11-27 17:38 - 2013-09-05 09:22 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\FileZilla
2014-11-27 17:36 - 2013-09-05 09:22 - 00002018 _____ () C:\Users\Public\Desktop\FileZilla Client.lnk
2014-11-27 17:36 - 2013-09-05 09:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-11-27 17:36 - 2013-09-05 09:22 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-11-27 16:39 - 2013-03-31 15:29 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JoWooD
2014-11-27 16:39 - 2013-01-06 23:11 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-11-27 16:18 - 2013-08-22 15:46 - 00292179 _____ () C:\WINDOWS\setupact.log
2014-11-27 16:18 - 2013-01-06 22:38 - 00142336 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00068608 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00064000 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00061440 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2014-11-27 16:18 - 2013-01-06 22:38 - 00055808 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2014-11-27 16:18 - 2013-01-06 22:37 - 00000000 ____D () C:\ProgramData\G DATA
2014-11-27 16:17 - 2012-11-30 09:22 - 00040408 _____ () C:\WINDOWS\DPINST.LOG
2014-11-27 14:47 - 2014-02-20 10:19 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-26 21:23 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-26 17:42 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-26 17:20 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-26 17:20 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-11-26 17:20 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-11-24 07:39 - 2013-08-22 15:44 - 00510968 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-23 22:08 - 2013-08-22 16:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-23 20:55 - 2013-07-13 15:30 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Opera Software
2014-11-23 20:55 - 2013-07-13 15:30 - 00000000 ____D () C:\Users\Désirée\AppData\Local\Opera Software
2014-11-23 14:58 - 2013-01-06 23:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-23 14:47 - 2013-09-11 20:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-23 14:42 - 2013-01-07 12:58 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-22 11:32 - 2013-01-18 20:28 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\vlc
2014-11-20 21:51 - 2013-08-22 16:38 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-11-20 21:51 - 2013-08-22 16:38 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-16 22:01 - 2013-08-19 20:11 - 00004104 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-09 12:48 - 2013-05-28 20:47 - 00000000 ____D () C:\Users\Désirée\AppData\Roaming\Skype
2014-11-08 20:49 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-08 09:09 - 2013-07-12 12:30 - 00000000 ____D () C:\Users\Désirée\.gimp-2.8
2014-11-08 09:07 - 2013-07-12 12:41 - 00000000 ____D () C:\Users\Désirée\AppData\Local\gtk-2.0

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe


Some content of TEMP:
====================
C:\Users\Désirée\AppData\Local\Temp\eauninstall.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Désirée\AppData\Local\Temp\Quarantine.exe
C:\Users\Désirée\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Désirée\AppData\Local\Temp\sqlite3.dll
C:\Users\Désirée\AppData\Local\Temp\The Sims 2_uninst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-28 19:53

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2014 01
Ran by Désirée at 2014-11-30 15:07:50
Running from C:\Users\Désirée\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G DATA INTERNET SECURITY (Disabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Disabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G Data Personal Firewall (Disabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS)
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.7 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.1 - ASUS)
ASUS Product Demo Movie  (HKLM-x32\...\{DC06C90B-C5BE-42F6-B74D-A9503170998C}) (Version: 1.0.3 - ASUS )
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.32 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS)
ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version:  - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05152 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05152 - Cisco Systems, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
G DATA INTERNET SECURITY (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.2.3 - G DATA Software AG)
GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{37D0157F-45C6-4DB2-9AE5-489DD98CE169}) (Version: 11.1.2.31 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6754 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
Windows Driver Package - ASUS (ATP) Mouse  (08/27/2012 1.0.0.125) (HKLM\...\2BD897DEE9289F769D9176245811D5330A360B0B) (Version: 08/27/2012 1.0.0.125 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

06-11-2014 19:49:33 Geplanter Prüfpunkt
23-11-2014 13:39:51 Windows Update
26-11-2014 16:35:33 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A677E1D-1161-4E69-99ED-C2F529368CB2} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.)
Task: {0DF96126-12FE-44DB-BA82-9B6806C7B8FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {1EBBCFB0-EE71-4B50-8D13-EF6E2AE2FF90} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {98AFFFE1-8277-47A3-9C89-B2C74617FA63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.)
Task: {D9FA70F8-A179-4611-8767-B9995832321B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.)
Task: {DA12C581-7FE6-45C7-A973-BF50AAB073AD} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS)
Task: {DBDB9779-A45D-4626-952A-EFD1D2EE149C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.)
Task: {DC8C18BB-E678-4646-BB97-7F6920C1440F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-23] (Microsoft Corporation)
Task: {EF424FF7-A632-4FA9-ABC3-4753005AC4B9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-09-17] (ASUS)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-20 02:38 - 2014-05-20 02:38 - 00340088 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-01-29 23:02 - 2014-01-29 23:02 - 00094208 _____ () C:\WINDOWS\system32\IccLibDll_x64.dll
2012-09-17 16:05 - 2012-09-17 16:05 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-09-17 16:05 - 2012-09-17 16:05 - 00028544 _____ () C:\Program Files\ASUS\P4G\plctrl.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-30 09:20 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-12-12 23:36 - 2013-12-12 23:36 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-08-24 18:17 - 2012-08-24 18:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUSQuickGesture(x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
MSCONFIG\startupreg: ASUSQuickGesture(x86) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
MSCONFIG\startupreg: ASUSTPLoader(x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S
MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd
MSCONFIG\startupreg: G Data AntiVirus Tray => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
MSCONFIG\startupreg: G Data AntiVirus Tray Application => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
MSCONFIG\startupreg: GDFirewallTray => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe"
MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: Persistence => "C:\WINDOWS\system32\igfxpers.exe"
MSCONFIG\startupreg: PowerSkin => c:\windows\temp\PowerSkin\PowerSkin.exe
MSCONFIG\startupreg: RtHDVBg => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2274478751-3046789010-2582509646-500 - Administrator - Disabled)
Désirée (S-1-5-21-2274478751-3046789010-2582509646-1001 - Administrator - Enabled) => C:\Users\Désirée
Gast (S-1-5-21-2274478751-3046789010-2582509646-501 - Limited - Disabled)

==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (11/30/2014 00:59:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/30/2014 10:59:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/30/2014 10:59:38 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/30/2014 10:59:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/30/2014 10:59:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (11/30/2014 10:58:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.


System errors:
=============
Error: (11/30/2014 01:07:37 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/30/2014 00:57:17 PM) (Source: DCOM) (EventID: 10010) (User: Felica)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/29/2014 00:20:40 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/29/2014 10:56:17 AM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "OS" wurde eine Beschädigung erkannt.

Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz. Die Dateireferenznummer ist 0x7800000002b041. Der Name der Datei ist "\Windows\WinSxS".

Error: (11/29/2014 10:56:17 AM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "OS" wurde eine Beschädigung erkannt.

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x6000000022865. Der Name der Datei ist "\Users\Default". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ALLOCATION".

Error: (11/29/2014 10:55:37 AM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "OS" wurde eine Beschädigung erkannt.

In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x35000000024344. Der Name der Datei ist "\Windows\System32\config". Das Attribut des beschädigten Indexes ist ":$I30:$INDEX_ALLOCATION".

Error: (11/29/2014 09:50:06 AM) (Source: DCOM) (EventID: 10010) (User: Felica)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/28/2014 08:20:50 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/28/2014 08:02:21 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (11/28/2014 07:54:08 PM) (Source: DCOM) (EventID: 10010) (User: Felica)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office Sessions:
=========================
Error: (11/30/2014 00:59:38 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (11/30/2014 10:59:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Désirée\Desktop\esetsmartinstaller_deu.exe

Error: (11/30/2014 10:59:38 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Désirée\Desktop\esetsmartinstaller_deu.exe

Error: (11/30/2014 10:59:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Désirée\Desktop\esetsmartinstaller_deu.exe

Error: (11/30/2014 10:59:34 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Désirée\Desktop\esetsmartinstaller_deu.exe

Error: (11/30/2014 10:58:45 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Désirée\Desktop\esetsmartinstaller_deu.exe


==================== Memory info =========================== 

Processor: Intel(R) Celeron(R) CPU 847 @ 1.10GHz
Percentage of memory in use: 42%
Total physical RAM: 3979.62 MB
Available physical RAM: 2296.54 MB
Total Pagefile: 4683.62 MB
Available Pagefile: 2401.57 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:133.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:241.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 04A53D1B)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 30.11.2014, 22:18   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



Die Quarantäne ist ja extra dafür da, also können die Funde da bleiben .

Adobe updaten.

Veraltete Versionen sind immer ein Sicherheitsrisiko.


Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.11.2014, 23:05   #9
Feline
 
Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



Hallo,

super, danke!
DelFix funktioniert irgendwie nicht, da kommt nur die Meldung, dass die App auf diesem Computer nicht ausgeführt werden kann und ich mich an den Softwarehersteller wenden soll. Aber ich deinstalliere die Tools dann einfach so.

Alt 01.12.2014, 20:45   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



Schalte mal dein AV Programm ab und versuch Delfix nochmal
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.12.2014, 09:56   #11
Feline
 
Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



Jetzt hats funktioniert. Vielen Dank!

Alt 03.12.2014, 08:31   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Win 8: Probleme mit Installationen und sehr langsam - Standard

Win 8: Probleme mit Installationen und sehr langsam



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Win 8: Probleme mit Installationen und sehr langsam
beschädigung, bonjour, browser, computer, defender, fehlercode 0xc0000142, fehlercode 10, fehlercode 22, flash player, g-data, installation, langsam, mozilla, pup.optional.digitalsites.a, registry, services.exe, software, svchost.exe, this device is disabled. (code 22), updates, warnung, windows



Ähnliche Themen: Win 8: Probleme mit Installationen und sehr langsam


  1. Windows bzw. ganzer Rechner läuft sehr sehr langsam.....
    Plagegeister aller Art und deren Bekämpfung - 28.09.2015 (11)
  2. Windows 8: Browser sehr langsam, Probleme mit dem wlan
    Plagegeister aller Art und deren Bekämpfung - 17.07.2015 (23)
  3. Mein Notebook arbeitet sehr sehr langsam evtl. virus?
    Plagegeister aller Art und deren Bekämpfung - 09.02.2015 (13)
  4. Browser bauen Websites sehr langsam auf. Das Internet ist aber ohne Probleme!
    Plagegeister aller Art und deren Bekämpfung - 03.05.2014 (13)
  5. Probleme bei Downloads und Installationen
    Plagegeister aller Art und deren Bekämpfung - 08.04.2014 (18)
  6. Windows Vista fährt nur sehr langsam hoch und braucht sehr lange um Befehle auszufuehren.
    Log-Analyse und Auswertung - 22.11.2013 (1)
  7. Der Rechner startet sehr langsam und es gibt Probleme mit Viren bzw. Adware
    Log-Analyse und Auswertung - 11.11.2013 (3)
  8. Programme starten sehr langsam / Windows allg. sehr lahm
    Log-Analyse und Auswertung - 18.05.2013 (2)
  9. Mehrfach Probleme bei Installationen von Programmen
    Plagegeister aller Art und deren Bekämpfung - 10.02.2013 (26)
  10. Pc wird sehr sehr langsam, Virenscanner schlägt ständig Alarm
    Log-Analyse und Auswertung - 05.06.2012 (4)
  11. viele Internetseiten nicht mehr erreichbar oder sehr sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 25.05.2012 (13)
  12. PC sehr langsam und Programme öffnen sich sehr langsam...
    Log-Analyse und Auswertung - 01.05.2012 (5)
  13. Prozesse doppelt, PC sehr sehr langsam, hängt sich auf, noch zu retten?
    Log-Analyse und Auswertung - 30.06.2010 (2)
  14. Probleme mit Installationen
    Plagegeister aller Art und deren Bekämpfung - 25.06.2010 (1)
  15. Windows XP Sehr Langsam und Probleme mit der "Senden an" Funktion
    Log-Analyse und Auswertung - 10.07.2009 (0)
  16. Mein rechner ist seit eine viren attake sehr sehr langsam
    Log-Analyse und Auswertung - 10.02.2009 (0)
  17. Log + Problembescheibung (PC sehr langsam und weitere Probleme)
    Log-Analyse und Auswertung - 22.10.2007 (1)

Zum Thema Win 8: Probleme mit Installationen und sehr langsam - Hallo, leider hab ich seit ein paar Tagen Probleme mit meinem Netbook. Ich hab blöderweise mit den Updates für G-Data, Adobe Reader und Java geschlampt und als ich sie dann - Win 8: Probleme mit Installationen und sehr langsam...
Archiv
Du betrachtest: Win 8: Probleme mit Installationen und sehr langsam auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.