Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: CPU sark beansprucht! Lüfter laut!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 05.03.2015, 14:27   #1
Bennie
 
CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



Hallo zusammen,

der Lüfter meines Laptops läuft ständig, auch wenn ich nur ein Programm, wie Word, geöffnet habe.

Mein Betriebssytem ist Windows 7 64-bit.

Den Anweisungen zu Folge habe ich log Dateien von FRST und GMER, sowie von Spybot an dieses Post gehängt.

Kann mir da jemand helfen?

Vielen Dank im Voraus!

Ben



FRST log:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Stephan Blank (administrator) on STEPHANBLANK-PC on 05-03-2015 13:28:38
Running from C:\Users\Stephan Blank\Downloads
Loaded Profiles: Stephan Blank (Available profiles: Stephan Blank)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(WebToGo Mobile Internet GmbH) C:\Program Files (x86)\3DataManager\3DataManager.exe
() C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134624 2014-07-23] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-28] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {00490a07-9cac-11e4-bf34-001e101f859f} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {6e697069-a002-11e4-ab98-3859f9ee31e8} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7a310d93-a189-11e4-9379-3859f9ee31e8} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7a310dbd-a189-11e4-9379-3859f9ee31e8} - F:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7d9bb29f-9749-11e4-9612-a28eab9fc5b2} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7d9bb4ac-9749-11e4-9612-a28eab9fc5b2} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7ef47728-97fd-11e4-899c-f0bf9768a697} - F:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {91b7f05d-a172-11e4-b755-001e101f4da1} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {9352db18-9cf9-11e4-9e18-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {e16dc10a-a260-11e4-9ab7-3859f9ee31e8} - G:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {e31f1bce-9fc2-11e4-8d44-f0bf9768a697} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {eff3f5c1-9a74-11e4-a959-001e101f8aaa} - F:\Startme.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\..\Interfaces\{8F209CFD-1138-4000-B708-6117B200EA23}: [NameServer] 213.94.78.17 213.94.78.16
Tcpip\..\Interfaces\{BD5E0201-A624-4C66-8AE3-0E68D7A650AA}: [NameServer] 213.94.78.16 213.94.78.17

FireFox:
========
FF ProfilePath: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3493849748-3862360928-3587676368-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\searchplugins\google-maps.xml
FF Extension: Cliqz Beta - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\Extensions\cliqz@cliqz.com.xpi [2015-01-15]
FF Extension: Adblock Plus - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-28]
FF HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-28] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-28] (Avast Software)
R2 BecHelperService; C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [1740696 2011-03-23] ()
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596240 2014-07-23] (Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [346832 2012-12-12] ()
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [93712 2014-07-03] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-28] ()
S2 mdvrmng; C:\Windows\SysWOW64\drivers\mdvrmng.sys [10240 2011-03-23] () [File not signed]
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-28] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-28] (Avast Software)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-07-23] (Check Point Software Technologies Ltd.)
S3 avchv; system32\DRIVERS\avchv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 13:21 - 2015-03-05 13:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Stephan Blank\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-05 11:49 - 2015-03-05 11:49 - 00000197 _____ () C:\Windows\system32\2015-03-05-10-49-23.062-AvastVBoxSVC.exe-4648.log
2015-03-05 11:46 - 2015-03-05 11:46 - 00000056 _____ () C:\Windows\setupact.log
2015-03-05 11:46 - 2015-03-05 11:46 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-05 11:06 - 2015-03-05 11:06 - 00000197 _____ () C:\Windows\system32\2015-03-05-10-06-25.074-AvastVBoxSVC.exe-4712.log
2015-03-04 21:19 - 2015-03-04 21:19 - 00000197 _____ () C:\Windows\system32\2015-03-04-20-19-14.018-AvastVBoxSVC.exe-3796.log
2015-03-04 10:44 - 2015-03-04 10:44 - 00000197 _____ () C:\Windows\system32\2015-03-04-09-44-05.019-AvastVBoxSVC.exe-3184.log
2015-03-04 09:03 - 2015-03-04 09:03 - 00000247 _____ () C:\Windows\system32\2015-03-04-08-03-42.054-aswFe.exe-488.log
2015-03-04 08:55 - 2015-03-04 09:03 - 00000247 _____ () C:\Windows\system32\2015-03-04-07-55-28.024-aswFe.exe-5172.log
2015-03-04 08:55 - 2015-03-04 08:55 - 00000197 _____ () C:\Windows\system32\2015-03-04-07-55-19.052-AvastVBoxSVC.exe-5608.log
2015-03-03 21:28 - 2015-03-03 21:28 - 00000197 _____ () C:\Windows\system32\2015-03-03-20-28-47.001-AvastVBoxSVC.exe-3492.log
2015-03-03 18:04 - 2015-03-03 18:04 - 00000197 _____ () C:\Windows\system32\2015-03-03-17-04-42.022-AvastVBoxSVC.exe-4500.log
2015-03-03 17:45 - 2015-03-03 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-03-03 17:42 - 2015-03-03 17:43 - 16342352 _____ (Geek Software GmbH ) C:\Users\Stephan Blank\Downloads\pdf24-creator-6.9.2.exe
2015-03-03 17:12 - 2015-03-04 16:12 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2015-03-03 17:12 - 2015-03-03 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-03-03 17:12 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\system32\pdfcmnnt.dll
2015-03-03 17:12 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2015-03-03 17:12 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2015-03-03 17:12 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2015-03-03 17:12 - 1998-07-06 00:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2015-03-03 17:12 - 1998-06-24 00:00 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2015-03-03 15:17 - 2015-03-03 15:17 - 00000197 _____ () C:\Windows\system32\2015-03-03-14-17-43.089-AvastVBoxSVC.exe-3492.log
2015-03-03 10:54 - 2015-03-03 10:54 - 00000197 _____ () C:\Windows\system32\2015-03-03-09-54-07.085-AvastVBoxSVC.exe-3540.log
2015-03-03 08:23 - 2015-03-03 08:23 - 00000197 _____ () C:\Windows\system32\2015-03-03-07-23-09.086-AvastVBoxSVC.exe-3604.log
2015-03-03 07:31 - 2015-03-03 07:31 - 00000197 _____ () C:\Windows\system32\2015-03-03-06-31-39.003-AvastVBoxSVC.exe-3576.log
2015-03-02 23:00 - 2015-03-02 23:00 - 00000197 _____ () C:\Windows\system32\2015-03-02-22-00-48.075-AvastVBoxSVC.exe-3520.log
2015-03-02 20:05 - 2015-03-02 20:05 - 00000197 _____ () C:\Windows\system32\2015-03-02-19-05-41.014-AvastVBoxSVC.exe-4720.log
2015-03-02 12:53 - 2015-03-02 12:53 - 01728888 _____ (Microsoft Corporation) C:\Users\Stephan Blank\Downloads\proof2010-kb2553272-fullfile-x64-en-us.exe
2015-03-02 12:42 - 2015-03-02 12:42 - 00000197 _____ () C:\Windows\system32\2015-03-02-11-42-28.068-AvastVBoxSVC.exe-3480.log
2015-03-01 18:55 - 2015-03-01 18:55 - 00000197 _____ () C:\Windows\system32\2015-03-01-17-55-48.005-AvastVBoxSVC.exe-3480.log
2015-03-01 12:49 - 2015-03-01 12:49 - 00000197 _____ () C:\Windows\system32\2015-03-01-11-49-42.010-AvastVBoxSVC.exe-4476.log
2015-03-01 00:35 - 2015-03-01 00:35 - 00000197 _____ () C:\Windows\system32\2015-02-28-23-35-52.017-AvastVBoxSVC.exe-3644.log
2015-02-28 19:29 - 2015-02-28 19:29 - 00000197 _____ () C:\Windows\system32\2015-02-28-18-29-27.032-AvastVBoxSVC.exe-3036.log
2015-02-28 12:58 - 2015-03-03 07:44 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\CrashDumps
2015-02-28 12:47 - 2015-02-28 12:47 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-28 12:47 - 2015-02-28 12:47 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-02-28 12:01 - 2015-02-28 12:01 - 01388274 _____ (Thisisu) C:\Users\Stephan Blank\Downloads\JRT.exe
2015-02-28 12:00 - 2015-02-28 12:01 - 15536728 _____ () C:\Users\Stephan Blank\Downloads\RogueKiller.exe
2015-02-28 11:53 - 2015-02-28 11:53 - 00000197 _____ () C:\Windows\system32\2015-02-28-10-53-27.027-AvastVBoxSVC.exe-3548.log
2015-02-27 23:37 - 2015-02-27 23:38 - 00000197 _____ () C:\Windows\system32\2015-02-27-22-37-58.090-AvastVBoxSVC.exe-3644.log
2015-02-27 18:50 - 2015-02-27 18:50 - 00000247 _____ () C:\Windows\system32\2015-02-27-17-50-21.009-aswFe.exe-5632.log
2015-02-27 18:46 - 2015-02-27 18:46 - 00000197 _____ () C:\Windows\system32\2015-02-27-17-46-55.057-AvastVBoxSVC.exe-5832.log
2015-02-27 11:38 - 2015-02-28 12:40 - 00010661 _____ () C:\Users\Stephan Blank\Documents\Comunio_Marktwerte.xlsx
2015-02-27 11:22 - 2015-02-27 11:23 - 18687064 _____ () C:\Users\Stephan Blank\Downloads\RogueKillerX64.exe
2015-02-27 11:15 - 2015-03-03 11:05 - 00000000 ____D () C:\Sicherung_150227
2015-02-27 11:11 - 2015-03-05 11:50 - 00226783 _____ () C:\Windows\WindowsUpdate.log
2015-02-27 11:11 - 2015-02-27 11:11 - 00000197 _____ () C:\Windows\system32\2015-02-27-10-11-23.058-AvastVBoxSVC.exe-3984.log
2015-02-26 21:16 - 2015-02-26 21:16 - 00000197 _____ () C:\Windows\system32\2015-02-26-20-16-42.091-AvastVBoxSVC.exe-4460.log
2015-02-26 19:39 - 2015-02-26 19:39 - 00000000 ____D () C:\Users\Stephan Blank\Downloads\the-settlers-ii-gold-edition
2015-02-26 19:37 - 2015-02-26 19:39 - 14086761 _____ () C:\Users\Stephan Blank\Downloads\the-settlers-ii-gold-edition.zip
2015-02-26 18:41 - 2015-02-26 18:41 - 00000197 _____ () C:\Windows\system32\2015-02-26-17-41-36.093-AvastVBoxSVC.exe-4796.log
2015-02-26 14:27 - 2015-02-26 14:27 - 00000197 _____ () C:\Windows\system32\2015-02-26-13-27-51.034-AvastVBoxSVC.exe-4488.log
2015-02-26 14:10 - 2015-02-26 14:10 - 00000197 _____ () C:\Windows\system32\2015-02-26-13-10-20.086-AvastVBoxSVC.exe-3572.log
2015-02-26 12:13 - 2015-02-26 12:13 - 00009608 _____ () C:\Users\Stephan Blank\Documents\Comunio_Spieltag_punkte.xlsx
2015-02-26 12:01 - 2015-02-26 12:01 - 00000197 _____ () C:\Windows\system32\2015-02-26-11-01-19.072-AvastVBoxSVC.exe-4064.log
2015-02-26 11:53 - 2015-02-26 11:53 - 00000197 _____ () C:\Windows\system32\2015-02-26-10-53-07.007-AvastVBoxSVC.exe-3964.log
2015-02-25 22:50 - 2015-02-25 22:50 - 00000197 _____ () C:\Windows\system32\2015-02-25-21-50-52.045-AvastVBoxSVC.exe-4628.log
2015-02-25 15:09 - 2015-02-25 15:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-25 13:08 - 2015-02-25 13:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-25 11:17 - 2015-02-25 11:17 - 00000197 _____ () C:\Windows\system32\2015-02-25-10-17-47.018-AvastVBoxSVC.exe-3720.log
2015-02-25 11:07 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 11:07 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 11:00 - 2015-02-25 11:00 - 00000197 _____ () C:\Windows\system32\2015-02-25-10-00-53.059-AvastVBoxSVC.exe-3960.log
2015-02-24 19:24 - 2015-02-24 19:24 - 00000197 _____ () C:\Windows\system32\2015-02-24-18-24-44.078-AvastVBoxSVC.exe-4632.log
2015-02-24 10:44 - 2015-02-24 10:44 - 00000197 _____ () C:\Windows\system32\2015-02-24-09-44-33.000-AvastVBoxSVC.exe-4804.log
2015-02-23 18:46 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-02-23 18:46 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-02-23 18:46 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-02-23 18:46 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-02-23 18:46 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-02-23 18:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-02-23 18:46 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-02-23 18:46 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-02-23 18:46 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-02-23 18:46 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-02-23 18:46 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-02-23 18:46 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-02-23 18:45 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-02-23 18:45 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-02-23 18:21 - 2015-02-23 18:21 - 00666160 _____ () C:\Users\Stephan Blank\Downloads\tmnationsforever_setup_CB-DL-Manager.exe
2015-02-23 18:00 - 2015-02-23 18:00 - 00000197 _____ () C:\Windows\system32\2015-02-23-17-00-22.031-AvastVBoxSVC.exe-4492.log
2015-02-23 11:58 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-23 11:58 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-23 11:58 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-23 11:58 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-23 11:09 - 2015-02-23 11:09 - 00000197 _____ () C:\Windows\system32\2015-02-23-10-09-44.024-AvastVBoxSVC.exe-4888.log
2015-02-22 15:43 - 2015-02-22 15:43 - 00000197 _____ () C:\Windows\system32\2015-02-22-14-43-36.013-AvastVBoxSVC.exe-4780.log
2015-02-22 14:07 - 2015-02-22 14:07 - 00030924 _____ () C:\Users\Stephan Blank\Downloads\Addition2.txt
2015-02-22 13:55 - 2015-02-22 13:56 - 00030924 _____ () C:\Users\Stephan Blank\Downloads\Addition.txt
2015-02-22 13:54 - 2015-03-05 13:28 - 00017436 _____ () C:\Users\Stephan Blank\Downloads\FRST.txt
2015-02-22 13:54 - 2015-03-05 13:28 - 00000000 ____D () C:\FRST
2015-02-22 13:49 - 2015-03-05 13:28 - 02092544 _____ (Farbar) C:\Users\Stephan Blank\Downloads\FRST64.exe
2015-02-22 13:37 - 2015-02-23 18:51 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\dlg
2015-02-22 13:07 - 2015-02-22 13:07 - 44240384 _____ () C:\Users\Stephan Blank\Documents\Untitled.avi
2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\MonkeyJam
2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonkeyJam
2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\Program Files (x86)\MonkeyJam
2015-02-22 12:56 - 2005-02-27 17:11 - 00424960 _____ () C:\Windows\SysWOW64\wavdest.ax
2015-02-22 12:55 - 2015-02-22 12:55 - 00669184 _____ () C:\Users\Stephan Blank\Downloads\MonkeyJamSetup_CB-DL-Manager.exe
2015-02-22 09:57 - 2015-02-22 09:57 - 00000197 _____ () C:\Windows\system32\2015-02-22-08-57-17.056-AvastVBoxSVC.exe-4996.log
2015-02-21 19:44 - 2015-02-21 19:44 - 00000197 _____ () C:\Windows\system32\2015-02-21-18-44-00.009-AvastVBoxSVC.exe-5136.log
2015-02-21 12:48 - 2015-02-21 12:49 - 00000197 _____ () C:\Windows\system32\2015-02-21-11-48-39.033-AvastVBoxSVC.exe-4732.log
2015-02-20 23:48 - 2015-02-20 23:48 - 00000197 _____ () C:\Windows\system32\2015-02-20-22-48-06.023-AvastVBoxSVC.exe-4808.log
2015-02-20 16:16 - 2015-02-20 16:16 - 00000000 ____D () C:\Users\Stephan Blank\Documents\EndNote
2015-02-20 14:00 - 2015-02-20 17:13 - 00000000 ____D () C:\Sicherung_150220
2015-02-20 14:00 - 2015-02-20 14:00 - 00000197 _____ () C:\Windows\system32\2015-02-20-13-00-12.013-AvastVBoxSVC.exe-4648.log
2015-02-20 10:00 - 2015-02-20 10:00 - 00000197 _____ () C:\Windows\system32\2015-02-20-09-00-49.026-AvastVBoxSVC.exe-4848.log
2015-02-19 19:13 - 2015-02-19 19:13 - 00000197 _____ () C:\Windows\system32\2015-02-19-18-13-41.032-AvastVBoxSVC.exe-4420.log
2015-02-19 18:59 - 2015-02-19 18:59 - 00000197 _____ () C:\Windows\system32\2015-02-19-17-59-11.035-AvastVBoxSVC.exe-4384.log
2015-02-19 11:15 - 2015-02-19 11:15 - 00000197 _____ () C:\Windows\system32\2015-02-19-10-15-44.076-AvastVBoxSVC.exe-5312.log
2015-02-19 11:00 - 2015-03-05 11:45 - 00000000 ____D () C:\AdwCleaner
2015-02-19 11:00 - 2015-03-05 11:42 - 02126848 _____ () C:\Users\Stephan Blank\Downloads\AdwCleaner.exe
2015-02-19 10:26 - 2015-02-19 10:26 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\SuperAntiSpyware - CHIP-Installer.exe
2015-02-19 09:40 - 2015-02-19 09:40 - 00000197 _____ () C:\Windows\system32\2015-02-19-08-40-12.013-AvastVBoxSVC.exe-4912.log
2015-02-19 07:44 - 2015-02-19 07:44 - 00000197 _____ () C:\Windows\system32\2015-02-19-06-44-37.007-AvastVBoxSVC.exe-4136.log
2015-02-18 21:04 - 2015-03-05 13:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-18 21:04 - 2015-02-18 22:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-18 21:01 - 2015-02-18 21:01 - 00000197 _____ () C:\Windows\system32\2015-02-18-20-01-27.016-AvastVBoxSVC.exe-4672.log
2015-02-18 10:50 - 2015-02-18 10:50 - 00000197 _____ () C:\Windows\system32\2015-02-18-09-50-38.011-AvastVBoxSVC.exe-5080.log
2015-02-17 21:54 - 2015-02-17 21:54 - 00000197 _____ () C:\Windows\system32\2015-02-17-20-54-53.062-AvastVBoxSVC.exe-3892.log
2015-02-17 20:55 - 2015-02-17 20:55 - 00000000 ____D () C:\Users\Stephan Blank\Documents\My Games
2015-02-17 19:48 - 2015-02-17 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine
2015-02-17 19:46 - 2015-02-19 19:53 - 00000000 ____D () C:\Windows\Panzer Corps
2015-02-17 19:46 - 2015-02-17 19:46 - 00000000 ____D () C:\Program Files (x86)\Slitherine
2015-02-17 18:43 - 2015-02-17 18:43 - 00000197 _____ () C:\Windows\system32\2015-02-17-17-43-17.023-AvastVBoxSVC.exe-4892.log
2015-02-17 16:58 - 2015-02-17 16:58 - 00022833 _____ () C:\Users\Stephan Blank\.recently-used.xbel
2015-02-17 12:16 - 2015-02-17 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-17 12:16 - 2015-02-17 12:16 - 00000000 ____D () C:\Program Files\7-Zip
2015-02-17 12:15 - 2015-02-17 12:15 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\7 Zip 64 Bit - CHIP-Installer.exe
2015-02-17 09:57 - 2015-02-17 09:57 - 00000197 _____ () C:\Windows\system32\2015-02-17-08-57-20.036-AvastVBoxSVC.exe-4472.log
2015-02-16 23:47 - 2015-02-16 23:47 - 00000197 _____ () C:\Windows\system32\2015-02-16-22-47-55.033-AvastVBoxSVC.exe-4364.log
2015-02-16 17:45 - 2015-02-16 17:45 - 00000197 _____ () C:\Windows\system32\2015-02-16-16-45-34.007-AvastVBoxSVC.exe-4508.log
2015-02-16 12:45 - 2015-03-04 16:13 - 00000000 ____D () C:\CC_Registry_Cleaner_Sicherung
2015-02-16 12:42 - 2015-02-16 12:42 - 00002788 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-16 12:42 - 2015-02-16 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-16 12:42 - 2015-02-16 12:42 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-16 12:17 - 2015-02-16 12:17 - 00000197 _____ () C:\Windows\system32\2015-02-16-11-17-25.063-AvastVBoxSVC.exe-3792.log
2015-02-16 12:12 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-16 12:12 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-16 12:11 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-16 12:11 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-16 12:05 - 2015-02-16 12:05 - 00000197 _____ () C:\Windows\system32\2015-02-16-11-05-03.026-AvastVBoxSVC.exe-4952.log
2015-02-13 13:19 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-13 13:19 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-13 13:19 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-13 13:19 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-13 13:19 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-13 13:19 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 13:19 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-13 13:19 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-13 13:19 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-13 13:19 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-13 13:19 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-13 13:19 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-13 13:19 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-13 13:19 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-13 13:19 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-13 13:19 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-13 13:19 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-13 13:19 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-13 13:19 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-13 13:19 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-13 13:19 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-13 13:19 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-13 13:19 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-13 13:19 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-13 13:19 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-13 13:19 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-13 13:19 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-13 13:19 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-13 13:19 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-13 13:19 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-13 13:19 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-13 13:19 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-13 13:19 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-13 13:19 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-13 13:19 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-13 13:19 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-13 13:19 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-13 13:19 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-13 13:19 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-13 13:19 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 13:19 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-13 13:19 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-13 13:19 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-13 13:19 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-13 13:18 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-13 13:18 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-13 13:18 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-13 13:18 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-13 13:18 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-13 13:18 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-13 13:18 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-13 13:18 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-13 13:18 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-13 13:18 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-13 13:18 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-13 13:18 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-13 13:18 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-13 13:18 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-13 13:18 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-13 13:18 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-13 13:18 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-13 13:18 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-13 13:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-13 13:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-13 13:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-13 13:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-13 13:18 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-13 13:18 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-13 13:18 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-13 13:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-13 13:18 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 13:18 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-13 13:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-13 13:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-13 13:17 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-13 13:17 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-13 13:17 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-13 13:17 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-13 13:17 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-13 13:17 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-13 13:17 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-13 13:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 13:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-13 13:17 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-13 13:17 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-13 13:17 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-13 13:17 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-13 13:17 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-13 13:17 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-13 13:16 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 13:16 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-13 13:16 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-13 13:16 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-13 13:16 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-13 13:15 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-13 11:49 - 2015-02-13 11:50 - 00000197 _____ () C:\Windows\system32\2015-02-13-10-49-27.086-AvastVBoxSVC.exe-5248.log
2015-02-12 20:04 - 2015-02-12 20:04 - 00000197 _____ () C:\Windows\system32\2015-02-12-19-04-02.036-AvastVBoxSVC.exe-5068.log
2015-02-12 09:36 - 2015-02-12 09:36 - 00000197 _____ () C:\Windows\system32\2015-02-12-08-36-53.080-AvastVBoxSVC.exe-4912.log
2015-02-11 22:02 - 2015-02-11 22:02 - 00000197 _____ () C:\Windows\system32\2015-02-11-21-02-03.096-AvastVBoxSVC.exe-4948.log
2015-02-11 13:52 - 2015-02-11 13:52 - 00000000 ____D () C:\Users\Stephan Blank\Documents\SigmaPlot
2015-02-11 11:02 - 2015-02-11 11:02 - 00000197 _____ () C:\Windows\system32\2015-02-11-10-02-14.025-AvastVBoxSVC.exe-5088.log
2015-02-10 22:18 - 2015-02-10 22:18 - 00000197 _____ () C:\Windows\system32\2015-02-10-21-18-47.081-AvastVBoxSVC.exe-5508.log
2015-02-10 18:07 - 2015-02-10 18:07 - 00000197 _____ () C:\Windows\system32\2015-02-10-17-07-34.042-AvastVBoxSVC.exe-3116.log
2015-02-10 09:47 - 2015-02-10 09:48 - 00000197 _____ () C:\Windows\system32\2015-02-10-08-47-54.044-AvastVBoxSVC.exe-5356.log
2015-02-09 21:05 - 2015-02-09 21:05 - 00000197 _____ () C:\Windows\system32\2015-02-09-20-05-01.077-AvastVBoxSVC.exe-5312.log
2015-02-09 17:01 - 2015-02-09 16:59 - 00040262 _____ () C:\Users\Stephan Blank\Desktop\Chlorophytes_ML_500Bts_new.mts
2015-02-09 10:47 - 2015-02-09 10:47 - 00000197 _____ () C:\Windows\system32\2015-02-09-09-47-10.007-AvastVBoxSVC.exe-5264.log
2015-02-08 12:39 - 2015-02-23 11:10 - 00003290 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-3493849748-3862360928-3587676368-1000
2015-02-08 12:38 - 2015-02-08 12:38 - 00000197 _____ () C:\Windows\system32\2015-02-08-11-38-06.051-AvastVBoxSVC.exe-4388.log
2015-02-07 10:22 - 2015-02-07 10:24 - 19996360 _____ () C:\Users\Stephan Blank\Downloads\DrakensangOnlineSetup.exe
2015-02-07 10:10 - 2015-02-07 10:11 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\TuneUp Software
2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\TuneUp Software
2015-02-07 10:08 - 2015-02-07 10:10 - 28598072 _____ (TuneUp Software) C:\Users\Stephan Blank\Downloads\TuneUpUtilities2014_34de-DE.exe
2015-02-07 08:24 - 2015-02-07 08:24 - 00000197 _____ () C:\Windows\system32\2015-02-07-07-24-41.003-AvastVBoxSVC.exe-4060.log
2015-02-06 19:37 - 2015-02-06 19:37 - 00000197 _____ () C:\Windows\system32\2015-02-06-18-37-22.058-AvastVBoxSVC.exe-4600.log
2015-02-06 16:44 - 2015-02-06 16:44 - 00000197 _____ () C:\Windows\system32\2015-02-06-15-44-20.081-AvastVBoxSVC.exe-5540.log
2015-02-06 09:36 - 2015-02-06 09:37 - 00000197 _____ () C:\Windows\system32\2015-02-06-08-36-42.058-AvastVBoxSVC.exe-4864.log
2015-02-05 08:36 - 2015-02-05 08:36 - 00000197 _____ () C:\Windows\system32\2015-02-05-07-36-46.016-AvastVBoxSVC.exe-4672.log
2015-02-04 19:24 - 2015-02-04 19:24 - 00000197 _____ () C:\Windows\system32\2015-02-04-18-24-18.086-AvastVBoxSVC.exe-4792.log
2015-02-04 09:38 - 2015-02-04 09:38 - 00000197 _____ () C:\Windows\system32\2015-02-04-08-38-47.084-AvastVBoxSVC.exe-4824.log
2015-02-04 06:03 - 2015-02-04 06:03 - 00000197 _____ () C:\Windows\system32\2015-02-04-05-03-47.086-AvastVBoxSVC.exe-4636.log
2015-02-03 21:28 - 2015-02-03 21:28 - 00000197 _____ () C:\Windows\system32\2015-02-03-20-28-56.007-AvastVBoxSVC.exe-4368.log
2015-02-03 19:44 - 2015-02-03 19:44 - 00000197 _____ () C:\Windows\system32\2015-02-03-18-44-48.043-AvastVBoxSVC.exe-4356.log
2015-02-03 10:55 - 2015-02-03 10:55 - 00000197 _____ () C:\Windows\system32\2015-02-03-09-55-11.031-AvastVBoxSVC.exe-4328.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-05 13:04 - 2015-02-01 13:04 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job
2015-03-05 13:04 - 2015-02-01 13:04 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job
2015-03-05 13:04 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-03-05 11:54 - 2011-04-12 08:43 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2015-03-05 11:54 - 2011-04-12 08:43 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2015-03-05 11:54 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-05 11:54 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-05 11:54 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-05 11:49 - 2015-01-21 17:32 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\3DataManager
2015-03-05 11:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-05 00:27 - 2015-01-15 23:27 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\vlc
2015-03-03 18:00 - 2015-01-14 13:23 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-03-03 17:41 - 2015-01-14 13:21 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\PDF24 Creator - CHIP-Installer.exe
2015-03-03 17:11 - 2015-01-14 11:35 - 00000000 ____D () C:\Software
2015-03-03 11:01 - 2015-01-12 17:41 - 00000000 ____D () C:\Biologie_Doktorat
2015-03-01 19:00 - 2015-01-28 10:31 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-01 01:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-26 14:14 - 2015-01-09 13:40 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\Microsoft Help
2015-02-26 11:58 - 2015-01-09 13:09 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-02-26 11:57 - 2015-01-08 17:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-26 11:56 - 2015-02-01 12:49 - 00000000 ____D () C:\Program Files (x86)\epson
2015-02-26 11:56 - 2015-02-01 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-02-26 11:56 - 2015-02-01 12:43 - 00000000 ____D () C:\ProgramData\EPSON
2015-02-25 22:46 - 2015-01-09 14:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-02-25 15:09 - 2015-01-26 23:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak
2015-02-25 14:28 - 2015-01-27 11:49 - 00000000 ____D () C:\Program Files\Java
2015-02-24 19:28 - 2015-01-27 12:25 - 00003866 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1422357903
2015-02-24 19:28 - 2015-01-27 12:24 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-23 12:01 - 2015-01-28 13:22 - 00000000 ____D () C:\ComputerPflege
2015-02-20 16:26 - 2015-01-14 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-02-20 16:14 - 2015-01-14 17:11 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\EndNote
2015-02-19 16:47 - 2015-01-12 17:35 - 00000000 ____D () C:\DETECTIVE_150303
2015-02-19 11:49 - 2015-01-08 18:06 - 00000218 _____ () C:\Windows\SysWOW64\grucp51.tgz
2015-02-19 11:49 - 2015-01-08 18:06 - 00000204 _____ () C:\Windows\SysWOW64\grucp51.dll
2015-02-19 11:49 - 2015-01-08 18:06 - 00000114 _____ () C:\Windows\SysWOW64\prsgrc.tgz
2015-02-19 11:49 - 2015-01-08 18:06 - 00000100 _____ () C:\Windows\SysWOW64\prsgrc.dll
2015-02-19 11:49 - 2015-01-08 18:06 - 00000086 _____ () C:\Windows\SysWOW64\ssprs.tgz
2015-02-18 22:02 - 2015-01-15 22:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-18 22:02 - 2015-01-15 22:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-17 20:30 - 2015-01-21 17:30 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\Microsoft Games
2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\Users\Public\Documents\EndNote
2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote
2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\Program Files (x86)\EndNote X7
2015-02-17 17:19 - 2015-01-14 16:59 - 00000000 ____D () C:\ProgramData\Thomson.ResearchSoft.Installers
2015-02-17 17:19 - 2015-01-08 16:39 - 00000000 ____D () C:\Users\Stephan Blank
2015-02-17 17:01 - 2015-01-20 14:46 - 00000000 ____D () C:\Users\Stephan Blank\.gimp-2.6
2015-02-17 16:58 - 2015-01-20 15:06 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\gtk-2.0
2015-02-17 15:10 - 2015-01-27 13:50 - 00000000 ____D () C:\Windows\pss
2015-02-17 13:35 - 2015-01-19 12:16 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\MEGA_Global
2015-02-16 14:19 - 2015-01-12 17:29 - 00000000 ____D () C:\SonstigesAsus
2015-02-16 12:43 - 2015-01-28 06:40 - 00000000 ____D () C:\Windows\Minidump
2015-02-16 12:43 - 2015-01-08 16:12 - 00000000 ____D () C:\Windows\Panther
2015-02-16 12:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-13 14:32 - 2009-07-14 05:45 - 00341880 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 14:31 - 2015-01-08 23:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-13 14:31 - 2015-01-08 23:35 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-13 13:30 - 2015-01-09 13:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-13 13:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-13 13:26 - 2015-01-08 18:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 13:21 - 2015-01-08 18:56 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 10:59 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-08 13:16 - 2015-01-08 16:39 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\VirtualStore
2015-02-07 10:09 - 2015-01-16 13:15 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\DVDVideoSoft
2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft

==================== Files in the root of some directories =======

2015-01-14 12:55 - 2015-01-14 12:55 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Stephan Blank\AppData\Local\Temp\Quarantine.exe
C:\Users\Stephan Blank\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-02-23 21:22

==================== End Of Log ============================
         
--- --- ---



GMER log:GMER Logfile:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-03-05 13:47:10
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AC1 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\STEPHA~1\AppData\Local\Temp\uwtiykoc.sys


---- User code sections - GMER 2.1 ----

.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17               00000000767b1401 2 bytes JMP 773eb21b C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                 00000000767b1419 2 bytes JMP 773eb346 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17               00000000767b1431 2 bytes JMP 77468ea9 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42               00000000767b144a 2 bytes CALL 773c48ad C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                               * 9
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                  00000000767b14dd 2 bytes JMP 774687a2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17           00000000767b14f5 2 bytes JMP 77468978 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                  00000000767b150d 2 bytes JMP 77468698 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17           00000000767b1525 2 bytes JMP 77468a62 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                 00000000767b153d 2 bytes JMP 773dfca8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                      00000000767b1555 2 bytes JMP 773e68ef C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17               00000000767b156d 2 bytes JMP 77468f61 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                 00000000767b1585 2 bytes JMP 77468ac2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                    00000000767b159d 2 bytes JMP 7746865c C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                 00000000767b15b5 2 bytes JMP 773dfd41 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17               00000000767b15cd 2 bytes JMP 773eb2dc C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20           00000000767b16b2 2 bytes JMP 77468e24 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31           00000000767b16bd 2 bytes JMP 774685f1 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17      00000000767b1401 2 bytes JMP 773eb21b C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17        00000000767b1419 2 bytes JMP 773eb346 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17      00000000767b1431 2 bytes JMP 77468ea9 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42      00000000767b144a 2 bytes CALL 773c48ad C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                               * 9
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17         00000000767b14dd 2 bytes JMP 774687a2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17  00000000767b14f5 2 bytes JMP 77468978 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17         00000000767b150d 2 bytes JMP 77468698 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17  00000000767b1525 2 bytes JMP 77468a62 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17        00000000767b153d 2 bytes JMP 773dfca8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17             00000000767b1555 2 bytes JMP 773e68ef C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17      00000000767b156d 2 bytes JMP 77468f61 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17        00000000767b1585 2 bytes JMP 77468ac2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17           00000000767b159d 2 bytes JMP 7746865c C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17        00000000767b15b5 2 bytes JMP 773dfd41 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17      00000000767b15cd 2 bytes JMP 773eb2dc C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20  00000000767b16b2 2 bytes JMP 77468e24 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe[2772] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31  00000000767b16bd 2 bytes JMP 774685f1 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17        00000000767b1401 2 bytes JMP 773eb21b C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17          00000000767b1419 2 bytes JMP 773eb346 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17        00000000767b1431 2 bytes JMP 77468ea9 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42        00000000767b144a 2 bytes CALL 773c48ad C:\Windows\syswow64\kernel32.dll
.text   ...                                                                                                                               * 9
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17           00000000767b14dd 2 bytes JMP 774687a2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17    00000000767b14f5 2 bytes JMP 77468978 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17           00000000767b150d 2 bytes JMP 77468698 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17    00000000767b1525 2 bytes JMP 77468a62 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17          00000000767b153d 2 bytes JMP 773dfca8 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17               00000000767b1555 2 bytes JMP 773e68ef C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17        00000000767b156d 2 bytes JMP 77468f61 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17          00000000767b1585 2 bytes JMP 77468ac2 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17             00000000767b159d 2 bytes JMP 7746865c C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17          00000000767b15b5 2 bytes JMP 773dfd41 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17        00000000767b15cd 2 bytes JMP 773eb2dc C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20    00000000767b16b2 2 bytes JMP 77468e24 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe[2860] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31    00000000767b16bd 2 bytes JMP 774685f1 C:\Windows\syswow64\kernel32.dll
.text   C:\Program Files\AVAST Software\Avast\avastui.exe[3588] C:\Windows\syswow64\kernel32.dll!SetUnhandledExceptionFilter              00000000773c8791 8 bytes [31, C0, C2, 04, 00, 90, 90, ...]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\SysWOW64\DllHost.exe [3292:3708]                                                                                       000000006f4428f0

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\3859f9ee31e8                                                       
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\3859f9ee31e8 (not active ControlSet)                                   

---- EOF - GMER 2.1 ----
         
--- --- ---



spybot:
Search results from Spybot - Search & Destroy

05.03.2015 11:40:53
Scan took 00:31:36.
13 items found.

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar.sol
Properties.size=74
Properties.md5=896E6834D2D7C9E2D750A993416E7FA3
Properties.filedate=1425550538
Properties.filedatetext=2015-03-05 11:15:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar_temp.sol
Properties.size=79
Properties.md5=764EFBC25B7B434B13EEC599F272F7BF
Properties.filedate=1425550538
Properties.filedatetext=2015-03-05 11:15:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done)
C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggMCvar_1.sol
Properties.size=74
Properties.md5=CB280533C96E47084D94C734890276A8
Properties.filedate=1425550991
Properties.filedatetext=2015-03-05 11:23:10

DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: Stephan Blank (default)) (Browser: Cookie, nothing done)


Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

Cookie: [SBI $49804B54] Browser: Cookie (116) (Browser: Cookie, nothing done)


Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done)



--- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---

2014-06-24 blindman.exe (2.4.40.151)
2014-06-24 explorer.exe (2.4.40.181)
2014-06-24 SDBootCD.exe (2.4.40.109)
2014-06-24 SDCleaner.exe (2.4.40.110)
2014-06-24 SDDelFile.exe (2.4.40.94)
2013-06-18 SDDisableProxy.exe
2014-06-24 SDFiles.exe (2.4.40.135)
2014-06-24 SDFileScanHelper.exe (2.4.40.1)
2014-06-24 SDFSSvc.exe (2.4.40.217)
2014-06-24 SDHelp.exe (2.4.40.1)
2014-04-25 SDHookHelper.exe (2.3.39.2)
2014-04-25 SDHookInst32.exe (2.3.39.2)
2014-04-25 SDHookInst64.exe (2.3.39.2)
2014-06-24 SDImmunize.exe (2.4.40.130)
2014-06-24 SDLogReport.exe (2.4.40.107)
2014-06-24 SDOnAccess.exe (2.4.40.11)
2014-06-24 SDPESetup.exe (2.4.40.3)
2014-06-24 SDPEStart.exe (2.4.40.86)
2014-06-24 SDPhoneScan.exe (2.4.40.28)
2014-06-24 SDPRE.exe (2.4.40.22)
2014-06-24 SDPrepPos.exe (2.4.40.15)
2014-06-24 SDQuarantine.exe (2.4.40.103)
2014-06-24 SDRootAlyzer.exe (2.4.40.116)
2014-06-24 SDSBIEdit.exe (2.4.40.39)
2014-06-24 SDScan.exe (2.4.40.181)
2014-06-24 SDScript.exe (2.4.40.54)
2014-06-24 SDSettings.exe (2.4.40.139)
2014-06-24 SDShell.exe (2.4.40.2)
2014-06-24 SDShred.exe (2.4.40.108)
2014-06-24 SDSysRepair.exe (2.4.40.102)
2014-06-24 SDTools.exe (2.4.40.157)
2014-06-24 SDTray.exe (2.4.40.129)
2014-06-27 SDUpdate.exe (2.4.40.94)
2014-06-27 SDUpdSvc.exe (2.4.40.77)
2014-06-24 SDWelcome.exe (2.4.40.130)
2014-04-25 SDWSCSvc.exe (2.3.39.2)
2014-05-20 spybotsd2-install-bdcore-update.exe (2.3.39.0)
2014-07-31 spybotsd2-translation-esx.exe
2013-06-19 spybotsd2-translation-frx.exe
2014-08-25 spybotsd2-translation-hux2.exe
2014-10-01 spybotsd2-translation-nlx2.exe
2014-11-05 spybotsd2-translation-ukx.exe
2015-01-28 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2014-04-25 NotificationSpreader.dll
2014-06-24 SDAdvancedCheckLibrary.dll (2.4.40.98)
2014-04-25 SDAV.dll
2014-06-24 SDECon32.dll (2.4.40.114)
2014-06-24 SDECon64.dll (2.3.39.113)
2014-06-24 SDEvents.dll (2.4.40.2)
2014-06-24 SDFileScanLibrary.dll (2.4.40.14)
2014-04-25 SDHook32.dll (2.3.39.2)
2014-04-25 SDHook64.dll (2.3.39.2)
2014-06-24 SDImmunizeLibrary.dll (2.4.40.2)
2014-06-24 SDLicense.dll (2.4.40.0)
2014-06-24 SDLists.dll (2.4.40.4)
2014-06-24 SDResources.dll (2.4.40.7)
2014-06-24 SDScanLibrary.dll (2.4.40.131)
2014-06-24 SDTasks.dll (2.4.40.15)
2014-06-24 SDWinLogon.dll (2.4.40.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2014-06-24 Tools.dll (2.4.40.36)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2015-02-25 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-11-14 Includes\Dialer-000.sbi (*)
2014-11-14 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2014-01-09 Includes\Fraud-000.sbi (*)
2014-01-09 Includes\Fraud-001.sbi (*)
2014-03-31 Includes\Fraud-002.sbi (*)
2014-01-09 Includes\Fraud-003.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-11-14 Includes\Hijackers-000.sbi (*)
2014-11-14 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-11-14 Includes\Keyloggers-000.sbi (*)
2014-09-24 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-11-14 Includes\Malware-000.sbi (*)
2014-11-14 Includes\Malware-001.sbi (*)
2014-11-14 Includes\Malware-002.sbi (*)
2014-11-14 Includes\Malware-003.sbi (*)
2014-11-14 Includes\Malware-004.sbi (*)
2014-11-14 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2015-02-25 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-11-14 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2015-02-25 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-11-14 Includes\Spyware-000.sbi (*)
2014-12-10 Includes\Spyware-001.sbi (*)
2015-01-14 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-11-14 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-07-09 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-07-09 Includes\Trojans-008.sbi (*)
2014-07-09 Includes\Trojans-009.sbi (*)
2015-02-25 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)

[i] 15-03-05 11:41:20
[i] 15-03-05 11:41:20 Product Macromedia.FlashPlayer.Cookies
[+] 15-03-05 11:41:20 Moving into quarantine C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar.sol
[+] 15-03-05 11:41:20 Moving into quarantine C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar_temp.sol
[+] 15-03-05 11:41:20 Moving into quarantine C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggMCvar_1.sol
[+] 15-03-05 11:41:20 Successfully cleaned C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar.sol
[+] 15-03-05 11:41:20 Successfully cleaned C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar_temp.sol
[+] 15-03-05 11:41:20 Successfully cleaned C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggMCvar_1.sol
[i] 15-03-05 11:41:20
[i] 15-03-05 11:41:20 Product DoubleClick
[+] 15-03-05 11:41:20 Moving into quarantine Cookie (Firefox: Stephan Blank (default)).doubleclick.net/ (test_cookie)
[+] 15-03-05 11:41:20 Successfully cleaned Cookie (Firefox: Stephan Blank (default)).doubleclick.net/ (test_cookie)
[i] 15-03-05 11:41:20
[i] 15-03-05 11:41:20 Product Windows
[+] 15-03-05 11:41:20 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[+] 15-03-05 11:41:20 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[+] 15-03-05 11:41:20 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[+] 15-03-05 11:41:20 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources
[i] 15-03-05 11:41:20
[i] 15-03-05 11:41:20 Product Windows Explorer
[+] 15-03-05 11:41:20 Moving into quarantine HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 15-03-05 11:41:20 Moving into quarantine HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[+] 15-03-05 11:41:20 Successfully cleaned HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU
[+] 15-03-05 11:41:20 Successfully cleaned HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs
[i] 15-03-05 11:41:20
[i] 15-03-05 11:41:20 Product Windows Media SDK
[+] 15-03-05 11:41:20 Moving into quarantine HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 15-03-05 11:41:20 Moving into quarantine HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 15-03-05 11:41:20 Moving into quarantine HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[+] 15-03-05 11:41:20 Successfully cleaned HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName
[+] 15-03-05 11:41:20 Successfully cleaned HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID
[+] 15-03-05 11:41:20 Successfully cleaned HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber
[i] 15-03-05 11:41:20
[i] 15-03-05 11:41:20 Product Cookie
[+] 15-03-05 11:41:20 Moving into quarantine Firefox (Stephan Blank (default))Cookies
[+] 15-03-05 11:41:20 Moving into quarantine Thunderbird (Stephan Blank (default))Cookies
[+] 15-03-05 11:41:20 Successfully cleaned Firefox (Stephan Blank (default))Cookies
[+] 15-03-05 11:41:20 Successfully cleaned Thunderbird (Stephan Blank (default))Cookies
[i] 15-03-05 11:41:20
[i] 15-03-05 11:41:20 Summary
[i] 15-03-05 11:41:20 Errors while cleaning 0
[i] 15-03-05 11:41:20 Files moved into quarantine 13
[i] 15-03-05 11:41:20 Files successfully cleaned 13

Alt 05.03.2015, 15:31   #2
schrauber
/// the machine
/// TB-Ausbilder
 

CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



HI,

Addition.txt fehlt noch.
__________________

__________________

Alt 05.03.2015, 16:44   #3
Bennie
 
CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



Hallo,

danke für die Antwort. Leider konnte ich den Addition.txt nicht finden. Kann ich den denn irgendwo noch aufspüren?
__________________

Alt 06.03.2015, 10:12   #4
schrauber
/// the machine
/// TB-Ausbilder
 

CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



FRST öffnen, Haken setzen bei Addition und scannen, poste bitte beide Logs.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.03.2015, 13:16   #5
Bennie
 
CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



Hallo Schrauber,

gut dass es nochmal geht. War kein Problem.

Vielen Dank!

Gruß Stephan

Hier ist der neue FRST-logs:
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01
Ran by Stephan Blank (administrator) on STEPHANBLANK-PC on 06-03-2015 12:45:06
Running from C:\Users\Stephan Blank\Downloads
Loaded Profiles: Stephan Blank (Available profiles: Stephan Blank)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
() C:\Program Files (x86)\3DataManager\WTGService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(WebToGo Mobile Internet GmbH) C:\Program Files (x86)\3DataManager\3DataManager.exe
() C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134624 2014-07-23] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-28] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {00490a07-9cac-11e4-bf34-001e101f859f} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {6e697069-a002-11e4-ab98-3859f9ee31e8} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7a310d93-a189-11e4-9379-3859f9ee31e8} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7a310dbd-a189-11e4-9379-3859f9ee31e8} - F:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7d9bb29f-9749-11e4-9612-a28eab9fc5b2} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7d9bb4ac-9749-11e4-9612-a28eab9fc5b2} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7ef47728-97fd-11e4-899c-f0bf9768a697} - F:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {91b7f05d-a172-11e4-b755-001e101f4da1} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {9352db18-9cf9-11e4-9e18-806e6f6e6963} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {e16dc10a-a260-11e4-9ab7-3859f9ee31e8} - G:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {e31f1bce-9fc2-11e4-8d44-f0bf9768a697} - E:\AutoRun.exe
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {eff3f5c1-9a74-11e4-a959-001e101f8aaa} - F:\Startme.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Österreich - jetzt mit dem Hotmail-Nachfolger Outlook und Skype
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\..\Interfaces\{8F209CFD-1138-4000-B708-6117B200EA23}: [NameServer] 213.94.78.17 213.94.78.16
Tcpip\..\Interfaces\{BD5E0201-A624-4C66-8AE3-0E68D7A650AA}: [NameServer] 213.94.78.16 213.94.78.17

FireFox:
========
FF ProfilePath: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3493849748-3862360928-3587676368-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\searchplugins\google-maps.xml
FF Extension: Cliqz Beta - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\Extensions\cliqz@cliqz.com.xpi [2015-01-15]
FF Extension: Adblock Plus - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-28]
FF HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\extensions\cliqz@cliqz.com

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-28] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-28] (Avast Software)
R2 BecHelperService; C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [1740696 2011-03-23] ()
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596240 2014-07-23] (Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [346832 2012-12-12] ()
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [93712 2014-07-03] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-28] ()
S2 mdvrmng; C:\Windows\SysWOW64\drivers\mdvrmng.sys [10240 2011-03-23] () [File not signed]
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-28] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-28] (Avast Software)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-07-23] (Check Point Software Technologies Ltd.)
S3 avchv; system32\DRIVERS\avchv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-06 12:33 - 2015-03-06 12:33 - 00000197 _____ () C:\Windows\system32\2015-03-06-11-33-34.016-AvastVBoxSVC.exe-3456.log
2015-03-06 12:31 - 2015-03-06 12:31 - 00000056 _____ () C:\Windows\setupact.log
2015-03-06 12:31 - 2015-03-06 12:31 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-06 09:14 - 2015-03-06 09:14 - 00000197 _____ () C:\Windows\system32\2015-03-06-08-14-11.074-AvastVBoxSVC.exe-4788.log
2015-03-06 03:32 - 2015-03-06 03:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-06 03:08 - 2015-03-06 03:08 - 00000197 _____ () C:\Windows\system32\2015-03-06-02-08-27.065-AvastVBoxSVC.exe-3544.log
2015-03-05 19:42 - 2015-03-05 19:42 - 00000197 _____ () C:\Windows\system32\2015-03-05-18-42-20.017-AvastVBoxSVC.exe-4324.log
2015-03-05 14:45 - 2015-03-05 14:45 - 00002092 _____ () C:\Users\Stephan Blank\Desktop\Prime95 - CHIP Downloader.lnk
2015-03-05 14:44 - 2015-03-05 14:44 - 00000000 ____D () C:\Users\Stephan Blank\Downloads\p95v285.win64
2015-03-05 14:42 - 2015-03-05 14:42 - 05378177 _____ () C:\Users\Stephan Blank\Downloads\p95v285.win64.zip
2015-03-05 14:41 - 2015-03-05 14:41 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\Prime95 - CHIP-Installer.exe
2015-03-05 14:17 - 2015-03-05 11:41 - 00004442 _____ () C:\Users\Stephan Blank\Desktop\150305-110916.xml.cleaning.log
2015-03-05 14:17 - 2015-03-05 11:40 - 00009697 _____ () C:\Users\Stephan Blank\Desktop\Checks.150305-1140.txt
2015-03-05 13:57 - 2015-03-05 13:57 - 00000197 _____ () C:\Windows\system32\2015-03-05-12-57-46.087-AvastVBoxSVC.exe-3476.log
2015-03-05 13:47 - 2015-03-05 13:47 - 00012196 _____ () C:\Users\Stephan Blank\Desktop\GMER.log
2015-03-05 13:37 - 2015-03-05 13:37 - 00380416 _____ () C:\Users\Stephan Blank\Downloads\Gmer-19357.exe
2015-03-05 13:21 - 2015-03-05 13:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Stephan Blank\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-05 11:49 - 2015-03-05 11:49 - 00000197 _____ () C:\Windows\system32\2015-03-05-10-49-23.062-AvastVBoxSVC.exe-4648.log
2015-03-05 11:06 - 2015-03-05 11:06 - 00000197 _____ () C:\Windows\system32\2015-03-05-10-06-25.074-AvastVBoxSVC.exe-4712.log
2015-03-04 21:19 - 2015-03-04 21:19 - 00000197 _____ () C:\Windows\system32\2015-03-04-20-19-14.018-AvastVBoxSVC.exe-3796.log
2015-03-04 10:44 - 2015-03-04 10:44 - 00000197 _____ () C:\Windows\system32\2015-03-04-09-44-05.019-AvastVBoxSVC.exe-3184.log
2015-03-04 09:03 - 2015-03-04 09:03 - 00000247 _____ () C:\Windows\system32\2015-03-04-08-03-42.054-aswFe.exe-488.log
2015-03-04 08:55 - 2015-03-04 09:03 - 00000247 _____ () C:\Windows\system32\2015-03-04-07-55-28.024-aswFe.exe-5172.log
2015-03-04 08:55 - 2015-03-04 08:55 - 00000197 _____ () C:\Windows\system32\2015-03-04-07-55-19.052-AvastVBoxSVC.exe-5608.log
2015-03-03 21:28 - 2015-03-03 21:28 - 00000197 _____ () C:\Windows\system32\2015-03-03-20-28-47.001-AvastVBoxSVC.exe-3492.log
2015-03-03 18:04 - 2015-03-03 18:04 - 00000197 _____ () C:\Windows\system32\2015-03-03-17-04-42.022-AvastVBoxSVC.exe-4500.log
2015-03-03 17:45 - 2015-03-03 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2015-03-03 17:42 - 2015-03-03 17:43 - 16342352 _____ (Geek Software GmbH ) C:\Users\Stephan Blank\Downloads\pdf24-creator-6.9.2.exe
2015-03-03 17:12 - 2015-03-04 16:12 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2015-03-03 17:12 - 2015-03-03 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-03-03 17:12 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\system32\pdfcmnnt.dll
2015-03-03 17:12 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2015-03-03 17:12 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2015-03-03 17:12 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL
2015-03-03 17:12 - 1998-07-06 00:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL
2015-03-03 17:12 - 1998-06-24 00:00 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX
2015-03-03 15:17 - 2015-03-03 15:17 - 00000197 _____ () C:\Windows\system32\2015-03-03-14-17-43.089-AvastVBoxSVC.exe-3492.log
2015-03-03 10:54 - 2015-03-03 10:54 - 00000197 _____ () C:\Windows\system32\2015-03-03-09-54-07.085-AvastVBoxSVC.exe-3540.log
2015-03-03 08:23 - 2015-03-03 08:23 - 00000197 _____ () C:\Windows\system32\2015-03-03-07-23-09.086-AvastVBoxSVC.exe-3604.log
2015-03-03 07:31 - 2015-03-03 07:31 - 00000197 _____ () C:\Windows\system32\2015-03-03-06-31-39.003-AvastVBoxSVC.exe-3576.log
2015-03-02 23:00 - 2015-03-02 23:00 - 00000197 _____ () C:\Windows\system32\2015-03-02-22-00-48.075-AvastVBoxSVC.exe-3520.log
2015-03-02 20:05 - 2015-03-02 20:05 - 00000197 _____ () C:\Windows\system32\2015-03-02-19-05-41.014-AvastVBoxSVC.exe-4720.log
2015-03-02 12:53 - 2015-03-02 12:53 - 01728888 _____ (Microsoft Corporation) C:\Users\Stephan Blank\Downloads\proof2010-kb2553272-fullfile-x64-en-us.exe
2015-03-02 12:42 - 2015-03-02 12:42 - 00000197 _____ () C:\Windows\system32\2015-03-02-11-42-28.068-AvastVBoxSVC.exe-3480.log
2015-03-01 18:55 - 2015-03-01 18:55 - 00000197 _____ () C:\Windows\system32\2015-03-01-17-55-48.005-AvastVBoxSVC.exe-3480.log
2015-03-01 12:49 - 2015-03-01 12:49 - 00000197 _____ () C:\Windows\system32\2015-03-01-11-49-42.010-AvastVBoxSVC.exe-4476.log
2015-03-01 00:35 - 2015-03-01 00:35 - 00000197 _____ () C:\Windows\system32\2015-02-28-23-35-52.017-AvastVBoxSVC.exe-3644.log
2015-02-28 19:29 - 2015-02-28 19:29 - 00000197 _____ () C:\Windows\system32\2015-02-28-18-29-27.032-AvastVBoxSVC.exe-3036.log
2015-02-28 12:58 - 2015-03-05 18:08 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\CrashDumps
2015-02-28 12:47 - 2015-02-28 12:47 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-28 12:47 - 2015-02-28 12:47 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-02-28 12:01 - 2015-02-28 12:01 - 01388274 _____ (Thisisu) C:\Users\Stephan Blank\Downloads\JRT.exe
2015-02-28 12:00 - 2015-02-28 12:01 - 15536728 _____ () C:\Users\Stephan Blank\Downloads\RogueKiller.exe
2015-02-28 11:53 - 2015-02-28 11:53 - 00000197 _____ () C:\Windows\system32\2015-02-28-10-53-27.027-AvastVBoxSVC.exe-3548.log
2015-02-27 23:37 - 2015-02-27 23:38 - 00000197 _____ () C:\Windows\system32\2015-02-27-22-37-58.090-AvastVBoxSVC.exe-3644.log
2015-02-27 18:50 - 2015-02-27 18:50 - 00000247 _____ () C:\Windows\system32\2015-02-27-17-50-21.009-aswFe.exe-5632.log
2015-02-27 18:46 - 2015-02-27 18:46 - 00000197 _____ () C:\Windows\system32\2015-02-27-17-46-55.057-AvastVBoxSVC.exe-5832.log
2015-02-27 11:38 - 2015-03-06 11:04 - 00011800 _____ () C:\Users\Stephan Blank\Documents\Comunio_Marktwerte.xlsx
2015-02-27 11:22 - 2015-02-27 11:23 - 18687064 _____ () C:\Users\Stephan Blank\Downloads\RogueKillerX64.exe
2015-02-27 11:15 - 2015-03-03 11:05 - 00000000 ____D () C:\Sicherung_150227
2015-02-27 11:11 - 2015-03-06 12:44 - 00265772 _____ () C:\Windows\WindowsUpdate.log
2015-02-27 11:11 - 2015-02-27 11:11 - 00000197 _____ () C:\Windows\system32\2015-02-27-10-11-23.058-AvastVBoxSVC.exe-3984.log
2015-02-26 21:16 - 2015-02-26 21:16 - 00000197 _____ () C:\Windows\system32\2015-02-26-20-16-42.091-AvastVBoxSVC.exe-4460.log
2015-02-26 19:39 - 2015-02-26 19:39 - 00000000 ____D () C:\Users\Stephan Blank\Downloads\the-settlers-ii-gold-edition
2015-02-26 19:37 - 2015-02-26 19:39 - 14086761 _____ () C:\Users\Stephan Blank\Downloads\the-settlers-ii-gold-edition.zip
2015-02-26 18:41 - 2015-02-26 18:41 - 00000197 _____ () C:\Windows\system32\2015-02-26-17-41-36.093-AvastVBoxSVC.exe-4796.log
2015-02-26 14:27 - 2015-02-26 14:27 - 00000197 _____ () C:\Windows\system32\2015-02-26-13-27-51.034-AvastVBoxSVC.exe-4488.log
2015-02-26 14:10 - 2015-02-26 14:10 - 00000197 _____ () C:\Windows\system32\2015-02-26-13-10-20.086-AvastVBoxSVC.exe-3572.log
2015-02-26 12:13 - 2015-02-26 12:13 - 00009608 _____ () C:\Users\Stephan Blank\Documents\Comunio_Spieltag_punkte.xlsx
2015-02-26 12:01 - 2015-02-26 12:01 - 00000197 _____ () C:\Windows\system32\2015-02-26-11-01-19.072-AvastVBoxSVC.exe-4064.log
2015-02-26 11:53 - 2015-02-26 11:53 - 00000197 _____ () C:\Windows\system32\2015-02-26-10-53-07.007-AvastVBoxSVC.exe-3964.log
2015-02-25 22:50 - 2015-02-25 22:50 - 00000197 _____ () C:\Windows\system32\2015-02-25-21-50-52.045-AvastVBoxSVC.exe-4628.log
2015-02-25 15:09 - 2015-02-25 15:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-02-25 11:17 - 2015-02-25 11:17 - 00000197 _____ () C:\Windows\system32\2015-02-25-10-17-47.018-AvastVBoxSVC.exe-3720.log
2015-02-25 11:07 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 11:07 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls
2015-02-25 11:00 - 2015-02-25 11:00 - 00000197 _____ () C:\Windows\system32\2015-02-25-10-00-53.059-AvastVBoxSVC.exe-3960.log
2015-02-24 19:24 - 2015-02-24 19:24 - 00000197 _____ () C:\Windows\system32\2015-02-24-18-24-44.078-AvastVBoxSVC.exe-4632.log
2015-02-24 10:44 - 2015-02-24 10:44 - 00000197 _____ () C:\Windows\system32\2015-02-24-09-44-33.000-AvastVBoxSVC.exe-4804.log
2015-02-23 18:46 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2015-02-23 18:46 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll
2015-02-23 18:46 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll
2015-02-23 18:46 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll
2015-02-23 18:46 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2015-02-23 18:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll
2015-02-23 18:46 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2015-02-23 18:46 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll
2015-02-23 18:46 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2015-02-23 18:46 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll
2015-02-23 18:46 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2015-02-23 18:46 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-02-23 18:45 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2015-02-23 18:45 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll
2015-02-23 18:21 - 2015-02-23 18:21 - 00666160 _____ () C:\Users\Stephan Blank\Downloads\tmnationsforever_setup_CB-DL-Manager.exe
2015-02-23 18:00 - 2015-02-23 18:00 - 00000197 _____ () C:\Windows\system32\2015-02-23-17-00-22.031-AvastVBoxSVC.exe-4492.log
2015-02-23 11:58 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-02-23 11:58 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-02-23 11:58 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-02-23 11:58 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-02-23 11:09 - 2015-02-23 11:09 - 00000197 _____ () C:\Windows\system32\2015-02-23-10-09-44.024-AvastVBoxSVC.exe-4888.log
2015-02-22 15:43 - 2015-02-22 15:43 - 00000197 _____ () C:\Windows\system32\2015-02-22-14-43-36.013-AvastVBoxSVC.exe-4780.log
2015-02-22 14:07 - 2015-02-22 14:07 - 00030924 _____ () C:\Users\Stephan Blank\Downloads\Addition2.txt
2015-02-22 13:55 - 2015-02-22 13:56 - 00030924 _____ () C:\Users\Stephan Blank\Downloads\Addition.txt
2015-02-22 13:54 - 2015-03-06 12:45 - 00017308 _____ () C:\Users\Stephan Blank\Downloads\FRST.txt
2015-02-22 13:54 - 2015-03-06 12:45 - 00000000 ____D () C:\FRST
2015-02-22 13:49 - 2015-03-05 13:28 - 02092544 _____ (Farbar) C:\Users\Stephan Blank\Downloads\FRST64.exe
2015-02-22 13:37 - 2015-02-23 18:51 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\dlg
2015-02-22 13:07 - 2015-02-22 13:07 - 44240384 _____ () C:\Users\Stephan Blank\Documents\Untitled.avi
2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\MonkeyJam
2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonkeyJam
2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\Program Files (x86)\MonkeyJam
2015-02-22 12:56 - 2005-02-27 17:11 - 00424960 _____ () C:\Windows\SysWOW64\wavdest.ax
2015-02-22 12:55 - 2015-02-22 12:55 - 00669184 _____ () C:\Users\Stephan Blank\Downloads\MonkeyJamSetup_CB-DL-Manager.exe
2015-02-22 09:57 - 2015-02-22 09:57 - 00000197 _____ () C:\Windows\system32\2015-02-22-08-57-17.056-AvastVBoxSVC.exe-4996.log
2015-02-21 19:44 - 2015-02-21 19:44 - 00000197 _____ () C:\Windows\system32\2015-02-21-18-44-00.009-AvastVBoxSVC.exe-5136.log
2015-02-21 12:48 - 2015-02-21 12:49 - 00000197 _____ () C:\Windows\system32\2015-02-21-11-48-39.033-AvastVBoxSVC.exe-4732.log
2015-02-20 23:48 - 2015-02-20 23:48 - 00000197 _____ () C:\Windows\system32\2015-02-20-22-48-06.023-AvastVBoxSVC.exe-4808.log
2015-02-20 16:16 - 2015-02-20 16:16 - 00000000 ____D () C:\Users\Stephan Blank\Documents\EndNote
2015-02-20 14:00 - 2015-02-20 17:13 - 00000000 ____D () C:\Sicherung_150220
2015-02-20 14:00 - 2015-02-20 14:00 - 00000197 _____ () C:\Windows\system32\2015-02-20-13-00-12.013-AvastVBoxSVC.exe-4648.log
2015-02-20 10:00 - 2015-02-20 10:00 - 00000197 _____ () C:\Windows\system32\2015-02-20-09-00-49.026-AvastVBoxSVC.exe-4848.log
2015-02-19 19:13 - 2015-02-19 19:13 - 00000197 _____ () C:\Windows\system32\2015-02-19-18-13-41.032-AvastVBoxSVC.exe-4420.log
2015-02-19 18:59 - 2015-02-19 18:59 - 00000197 _____ () C:\Windows\system32\2015-02-19-17-59-11.035-AvastVBoxSVC.exe-4384.log
2015-02-19 11:15 - 2015-02-19 11:15 - 00000197 _____ () C:\Windows\system32\2015-02-19-10-15-44.076-AvastVBoxSVC.exe-5312.log
2015-02-19 11:00 - 2015-03-05 11:45 - 00000000 ____D () C:\AdwCleaner
2015-02-19 11:00 - 2015-03-05 11:42 - 02126848 _____ () C:\Users\Stephan Blank\Downloads\AdwCleaner.exe
2015-02-19 10:26 - 2015-02-19 10:26 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\SuperAntiSpyware - CHIP-Installer.exe
2015-02-19 09:40 - 2015-02-19 09:40 - 00000197 _____ () C:\Windows\system32\2015-02-19-08-40-12.013-AvastVBoxSVC.exe-4912.log
2015-02-19 07:44 - 2015-02-19 07:44 - 00000197 _____ () C:\Windows\system32\2015-02-19-06-44-37.007-AvastVBoxSVC.exe-4136.log
2015-02-18 21:04 - 2015-03-06 12:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-02-18 21:04 - 2015-02-18 22:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-02-18 21:01 - 2015-02-18 21:01 - 00000197 _____ () C:\Windows\system32\2015-02-18-20-01-27.016-AvastVBoxSVC.exe-4672.log
2015-02-18 10:50 - 2015-02-18 10:50 - 00000197 _____ () C:\Windows\system32\2015-02-18-09-50-38.011-AvastVBoxSVC.exe-5080.log
2015-02-17 21:54 - 2015-02-17 21:54 - 00000197 _____ () C:\Windows\system32\2015-02-17-20-54-53.062-AvastVBoxSVC.exe-3892.log
2015-02-17 20:55 - 2015-02-17 20:55 - 00000000 ____D () C:\Users\Stephan Blank\Documents\My Games
2015-02-17 19:48 - 2015-02-17 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine
2015-02-17 19:46 - 2015-02-19 19:53 - 00000000 ____D () C:\Windows\Panzer Corps
2015-02-17 19:46 - 2015-02-17 19:46 - 00000000 ____D () C:\Program Files (x86)\Slitherine
2015-02-17 18:43 - 2015-02-17 18:43 - 00000197 _____ () C:\Windows\system32\2015-02-17-17-43-17.023-AvastVBoxSVC.exe-4892.log
2015-02-17 16:58 - 2015-02-17 16:58 - 00022833 _____ () C:\Users\Stephan Blank\.recently-used.xbel
2015-02-17 12:16 - 2015-02-17 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-02-17 12:16 - 2015-02-17 12:16 - 00000000 ____D () C:\Program Files\7-Zip
2015-02-17 12:15 - 2015-02-17 12:15 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\7 Zip 64 Bit - CHIP-Installer.exe
2015-02-17 09:57 - 2015-02-17 09:57 - 00000197 _____ () C:\Windows\system32\2015-02-17-08-57-20.036-AvastVBoxSVC.exe-4472.log
2015-02-16 23:47 - 2015-02-16 23:47 - 00000197 _____ () C:\Windows\system32\2015-02-16-22-47-55.033-AvastVBoxSVC.exe-4364.log
2015-02-16 17:45 - 2015-02-16 17:45 - 00000197 _____ () C:\Windows\system32\2015-02-16-16-45-34.007-AvastVBoxSVC.exe-4508.log
2015-02-16 12:45 - 2015-03-04 16:13 - 00000000 ____D () C:\CC_Registry_Cleaner_Sicherung
2015-02-16 12:42 - 2015-02-16 12:42 - 00002788 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-16 12:42 - 2015-02-16 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-02-16 12:42 - 2015-02-16 12:42 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-16 12:17 - 2015-02-16 12:17 - 00000197 _____ () C:\Windows\system32\2015-02-16-11-17-25.063-AvastVBoxSVC.exe-3792.log
2015-02-16 12:12 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-16 12:12 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-16 12:11 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-16 12:11 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-16 12:05 - 2015-02-16 12:05 - 00000197 _____ () C:\Windows\system32\2015-02-16-11-05-03.026-AvastVBoxSVC.exe-4952.log
2015-02-13 13:19 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-02-13 13:19 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-02-13 13:19 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-02-13 13:19 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-02-13 13:19 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-02-13 13:19 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-02-13 13:19 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-02-13 13:19 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-02-13 13:19 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-02-13 13:19 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-02-13 13:19 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-02-13 13:19 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-02-13 13:19 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-02-13 13:19 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-02-13 13:19 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-02-13 13:19 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-13 13:19 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-02-13 13:19 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-02-13 13:19 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-02-13 13:19 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-02-13 13:19 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-02-13 13:19 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-02-13 13:19 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-02-13 13:19 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-02-13 13:19 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-02-13 13:19 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-02-13 13:19 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-02-13 13:19 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-02-13 13:19 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-13 13:19 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-02-13 13:19 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-13 13:19 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-02-13 13:19 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-02-13 13:19 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-02-13 13:19 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-02-13 13:19 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-02-13 13:19 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-02-13 13:19 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-02-13 13:19 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-02-13 13:19 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-02-13 13:19 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-02-13 13:19 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-02-13 13:19 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-02-13 13:19 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-02-13 13:18 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-13 13:18 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-13 13:18 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-13 13:18 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-13 13:18 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-13 13:18 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-13 13:18 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-13 13:18 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-13 13:18 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-13 13:18 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-13 13:18 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-13 13:18 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-13 13:18 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-13 13:18 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-13 13:18 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-13 13:18 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-13 13:18 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-13 13:18 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-13 13:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-02-13 13:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-02-13 13:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-02-13 13:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-02-13 13:18 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-02-13 13:18 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-02-13 13:18 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-02-13 13:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-02-13 13:18 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-02-13 13:18 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-02-13 13:18 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-13 13:18 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-13 13:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-02-13 13:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-13 13:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-02-13 13:17 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-13 13:17 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-13 13:17 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-13 13:17 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-13 13:17 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-13 13:17 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-13 13:17 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-13 13:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-13 13:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-13 13:17 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-13 13:17 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-13 13:17 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-13 13:17 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-13 13:17 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-13 13:17 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-13 13:16 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-13 13:16 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-13 13:16 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-02-13 13:16 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-02-13 13:16 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-02-13 13:15 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-13 11:49 - 2015-02-13 11:50 - 00000197 _____ () C:\Windows\system32\2015-02-13-10-49-27.086-AvastVBoxSVC.exe-5248.log
2015-02-12 20:04 - 2015-02-12 20:04 - 00000197 _____ () C:\Windows\system32\2015-02-12-19-04-02.036-AvastVBoxSVC.exe-5068.log
2015-02-12 09:36 - 2015-02-12 09:36 - 00000197 _____ () C:\Windows\system32\2015-02-12-08-36-53.080-AvastVBoxSVC.exe-4912.log
2015-02-11 22:02 - 2015-02-11 22:02 - 00000197 _____ () C:\Windows\system32\2015-02-11-21-02-03.096-AvastVBoxSVC.exe-4948.log
2015-02-11 13:52 - 2015-02-11 13:52 - 00000000 ____D () C:\Users\Stephan Blank\Documents\SigmaPlot
2015-02-11 11:02 - 2015-02-11 11:02 - 00000197 _____ () C:\Windows\system32\2015-02-11-10-02-14.025-AvastVBoxSVC.exe-5088.log
2015-02-10 22:18 - 2015-02-10 22:18 - 00000197 _____ () C:\Windows\system32\2015-02-10-21-18-47.081-AvastVBoxSVC.exe-5508.log
2015-02-10 18:07 - 2015-02-10 18:07 - 00000197 _____ () C:\Windows\system32\2015-02-10-17-07-34.042-AvastVBoxSVC.exe-3116.log
2015-02-10 09:47 - 2015-02-10 09:48 - 00000197 _____ () C:\Windows\system32\2015-02-10-08-47-54.044-AvastVBoxSVC.exe-5356.log
2015-02-09 21:05 - 2015-02-09 21:05 - 00000197 _____ () C:\Windows\system32\2015-02-09-20-05-01.077-AvastVBoxSVC.exe-5312.log
2015-02-09 17:01 - 2015-02-09 16:59 - 00040262 _____ () C:\Users\Stephan Blank\Desktop\Chlorophytes_ML_500Bts_new.mts
2015-02-09 10:47 - 2015-02-09 10:47 - 00000197 _____ () C:\Windows\system32\2015-02-09-09-47-10.007-AvastVBoxSVC.exe-5264.log
2015-02-08 12:39 - 2015-02-23 11:10 - 00003290 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-3493849748-3862360928-3587676368-1000
2015-02-08 12:38 - 2015-02-08 12:38 - 00000197 _____ () C:\Windows\system32\2015-02-08-11-38-06.051-AvastVBoxSVC.exe-4388.log
2015-02-07 10:22 - 2015-02-07 10:24 - 19996360 _____ () C:\Users\Stephan Blank\Downloads\DrakensangOnlineSetup.exe
2015-02-07 10:10 - 2015-02-07 10:11 - 00000000 ____D () C:\ProgramData\TuneUp Software
2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\TuneUp Software
2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\TuneUp Software
2015-02-07 10:08 - 2015-02-07 10:10 - 28598072 _____ (TuneUp Software) C:\Users\Stephan Blank\Downloads\TuneUpUtilities2014_34de-DE.exe
2015-02-07 08:24 - 2015-02-07 08:24 - 00000197 _____ () C:\Windows\system32\2015-02-07-07-24-41.003-AvastVBoxSVC.exe-4060.log
2015-02-06 19:37 - 2015-02-06 19:37 - 00000197 _____ () C:\Windows\system32\2015-02-06-18-37-22.058-AvastVBoxSVC.exe-4600.log
2015-02-06 16:44 - 2015-02-06 16:44 - 00000197 _____ () C:\Windows\system32\2015-02-06-15-44-20.081-AvastVBoxSVC.exe-5540.log
2015-02-06 09:36 - 2015-02-06 09:37 - 00000197 _____ () C:\Windows\system32\2015-02-06-08-36-42.058-AvastVBoxSVC.exe-4864.log
2015-02-05 08:36 - 2015-02-05 08:36 - 00000197 _____ () C:\Windows\system32\2015-02-05-07-36-46.016-AvastVBoxSVC.exe-4672.log
2015-02-04 19:24 - 2015-02-04 19:24 - 00000197 _____ () C:\Windows\system32\2015-02-04-18-24-18.086-AvastVBoxSVC.exe-4792.log
2015-02-04 09:38 - 2015-02-04 09:38 - 00000197 _____ () C:\Windows\system32\2015-02-04-08-38-47.084-AvastVBoxSVC.exe-4824.log
2015-02-04 06:03 - 2015-02-04 06:03 - 00000197 _____ () C:\Windows\system32\2015-02-04-05-03-47.086-AvastVBoxSVC.exe-4636.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-06 12:44 - 2015-01-21 17:32 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\3DataManager
2015-03-06 12:38 - 2011-04-12 08:43 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2015-03-06 12:38 - 2011-04-12 08:43 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2015-03-06 12:38 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-06 12:38 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-06 12:38 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-06 12:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-06 12:30 - 2015-01-09 14:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-06 11:04 - 2015-02-01 13:04 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job
2015-03-06 11:04 - 2015-02-01 13:04 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job
2015-03-06 11:04 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-03-05 00:27 - 2015-01-15 23:27 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\vlc
2015-03-03 18:00 - 2015-01-14 13:23 - 00000000 ____D () C:\Program Files (x86)\PDF24
2015-03-03 17:41 - 2015-01-14 13:21 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\PDF24 Creator - CHIP-Installer.exe
2015-03-03 17:11 - 2015-01-14 11:35 - 00000000 ____D () C:\Software
2015-03-03 11:01 - 2015-01-12 17:41 - 00000000 ____D () C:\Biologie_Doktorat
2015-03-01 19:00 - 2015-01-28 10:31 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-01 01:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-02-26 14:14 - 2015-01-09 13:40 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\Microsoft Help
2015-02-26 11:58 - 2015-01-09 13:09 - 00000000 ____D () C:\Program Files (x86)\Sony
2015-02-26 11:57 - 2015-01-08 17:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-02-26 11:56 - 2015-02-01 12:49 - 00000000 ____D () C:\Program Files (x86)\epson
2015-02-26 11:56 - 2015-02-01 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2015-02-26 11:56 - 2015-02-01 12:43 - 00000000 ____D () C:\ProgramData\EPSON
2015-02-25 14:28 - 2015-01-27 11:49 - 00000000 ____D () C:\Program Files\Java
2015-02-24 19:28 - 2015-01-27 12:25 - 00003866 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1422357903
2015-02-24 19:28 - 2015-01-27 12:24 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-02-23 12:01 - 2015-01-28 13:22 - 00000000 ____D () C:\ComputerPflege
2015-02-20 16:26 - 2015-01-14 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-02-20 16:14 - 2015-01-14 17:11 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\EndNote
2015-02-19 16:47 - 2015-01-12 17:35 - 00000000 ____D () C:\DETECTIVE_150303
2015-02-19 11:49 - 2015-01-08 18:06 - 00000218 _____ () C:\Windows\SysWOW64\grucp51.tgz
2015-02-19 11:49 - 2015-01-08 18:06 - 00000204 _____ () C:\Windows\SysWOW64\grucp51.dll
2015-02-19 11:49 - 2015-01-08 18:06 - 00000114 _____ () C:\Windows\SysWOW64\prsgrc.tgz
2015-02-19 11:49 - 2015-01-08 18:06 - 00000100 _____ () C:\Windows\SysWOW64\prsgrc.dll
2015-02-19 11:49 - 2015-01-08 18:06 - 00000086 _____ () C:\Windows\SysWOW64\ssprs.tgz
2015-02-18 22:02 - 2015-01-15 22:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-18 22:02 - 2015-01-15 22:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-17 20:30 - 2015-01-21 17:30 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\Microsoft Games
2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\Users\Public\Documents\EndNote
2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote
2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\Program Files (x86)\EndNote X7
2015-02-17 17:19 - 2015-01-14 16:59 - 00000000 ____D () C:\ProgramData\Thomson.ResearchSoft.Installers
2015-02-17 17:19 - 2015-01-08 16:39 - 00000000 ____D () C:\Users\Stephan Blank
2015-02-17 17:01 - 2015-01-20 14:46 - 00000000 ____D () C:\Users\Stephan Blank\.gimp-2.6
2015-02-17 16:58 - 2015-01-20 15:06 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\gtk-2.0
2015-02-17 15:10 - 2015-01-27 13:50 - 00000000 ____D () C:\Windows\pss
2015-02-17 13:35 - 2015-01-19 12:16 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\MEGA_Global
2015-02-16 14:19 - 2015-01-12 17:29 - 00000000 ____D () C:\SonstigesAsus
2015-02-16 12:43 - 2015-01-28 06:40 - 00000000 ____D () C:\Windows\Minidump
2015-02-16 12:43 - 2015-01-08 16:12 - 00000000 ____D () C:\Windows\Panther
2015-02-16 12:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing
2015-02-13 14:32 - 2009-07-14 05:45 - 00341880 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-13 14:31 - 2015-01-08 23:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-13 14:31 - 2015-01-08 23:35 - 00000000 ____D () C:\Windows\system32\appraiser
2015-02-13 13:30 - 2015-01-09 13:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-02-13 13:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-02-13 13:26 - 2015-01-08 18:56 - 00000000 ____D () C:\Windows\system32\MRT
2015-02-13 13:21 - 2015-01-08 18:56 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 10:59 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-08 13:16 - 2015-01-08 16:39 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\VirtualStore
2015-02-07 10:09 - 2015-01-16 13:15 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\DVDVideoSoft
2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft

==================== Files in the root of some directories =======

2015-01-14 12:55 - 2015-01-14 12:55 - 0000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 21:29

==================== End Of Log ============================
         
--- --- ---
Und hier ist der FRST addition.txt:FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01
Ran by Stephan Blank at 2015-03-06 12:46:26
Running from C:\Users\Stephan Blank\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3Connect (HKLM-x32\...\{A899DA1F-D626-401C-8651-F2921E3B4CB3}) (Version: 3.0.0 - 3 Mobile Broadband)
3DataManager (HKLM-x32\...\3DataManager) (Version: 3.5 - 3DataManager)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
ATI Catalyst Install Manager (HKLM\...\{158BEEC4-CC30-BF2F-248D-B52AF953E9C1}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
BioEdit (HKLM-x32\...\{AF6D9313-E338-48F0-9B0C-7DE20EDB99CF}) (Version: 7.2.5.0 - Tom Hall)
Canoco 5 (HKLM\...\Canoco5) (Version: 5.00 - Biometris and Petr Smilauer)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.55 - Cliqz.com)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.2.1.8311 - Thomson Reuters)
Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version:  - SEIKO EPSON Corporation)
Free YouTube Download version 3.2.53.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.53.128 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.53.113 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.53.113 - DVDVideoSoft Ltd.)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Huawei modem (HKLM-x32\...\Huawei Modems) (Version:  - )
ImageMagick 6.7.5-7 Q16 (2012-03-01) (HKLM-x32\...\ImageMagick 6.7.5 Q16_is1) (Version: 6.7.5 - ImageMagick Studio LLC)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3086 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
MEGA6 .06 (HKLM-x32\...\{EE7E4984-0208-48E7-959C-A5F5F06F0DE0}_is1) (Version: .06 - Center for Evolutionary Medicine and Informatics)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MonkeyJam 3_050529 (HKLM-x32\...\MonkeyJam_is1) (Version:  - GiantScreamingRobotMonkeys)
Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA)
Panzer Corps (HKLM-x32\...\Panzer Corps1.03) (Version: 1.03 - Slitherine)
PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.1.0 - Frank Heindörfer, Philip Chinery)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version:  - Thomson Reuters)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SigmaPlot 12.5 (HKLM-x32\...\{730E22C0-A5A9-4A1B-AE66-570573DCA0E8}) (Version: 12.5 - Systat Software, Inc.)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION)
Sony Ericsson PC Companion 1.60.13 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 1.60.13 - Sony Ericsson)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
ZoneAlarm Firewall (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.3.052.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

27-01-2015 11:49:18 Installed Java SE Development Kit 8 Update 31 (64-bit)
27-01-2015 11:56:34 Removed Java 8 Update 31 (64-bit)
28-01-2015 09:49:49 AA11
28-01-2015 10:29:28 avast! antivirus system restore point
28-01-2015 11:55:35 Windows-Sicherung
29-01-2015 18:08:59 Windows Update
01-02-2015 12:54:58 Installed Software Updater
01-02-2015 12:56:03 Installed Software Updater
01-02-2015 13:03:32 Gerätetreiber-Paketinstallation: EPSON Drucker
01-02-2015 13:04:10 Installed Epson Event Manager
03-02-2015 10:58:45 Windows Update
07-02-2015 08:27:18 Windows Update
10-02-2015 22:19:25 TuneUp Utilities 2014 wird entfernt
10-02-2015 22:20:26 TuneUp Utilities 2014 (de-DE) wird entfernt
11-02-2015 11:04:14 Windows Update
13-02-2015 13:19:31 Windows Update
16-02-2015 12:12:06 Windows Update
17-02-2015 12:15:56 Installed 7-Zip 9.20 (x64 edition)
23-02-2015 11:58:28 Windows Update
23-02-2015 18:45:33 DirectX wurde installiert
25-02-2015 11:07:24 Windows Update
25-02-2015 14:26:59 Removed Java SE Development Kit 8 Update 31 (64-bit)
26-02-2015 11:56:44 Entfernt VAIO Control Center
04-03-2015 08:39:16 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0A4ED209-8A24-4F0C-8200-FAED06D630F5} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {6E7111F9-907E-4B79-A32C-3CF8061D7EF0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {1082E2F1-E5D2-4B8D-A0C0-F46EEA70C8C2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {420E405D-ACFC-42CE-9B6E-91FAE8F2A029} - System32\Tasks\avastBCLRestartS-1-5-21-3493849748-3862360928-3587676368-1000 => Firefox.exe 
Task: {4767FAFE-60A8-4BC9-8006-2FAF7ED25573} - System32\Tasks\{27899F27-867F-4E42-8BB4-A1701B588687} => pcalua.exe -a "C:\Users\Stephan Blank\Downloads\IFAOTH-00231600-0042\IFAOTH-00231600-0042.EXE" -d "C:\Users\Stephan Blank\Downloads\IFAOTH-00231600-0042"
Task: {545BA2A2-8696-4C36-8BCA-0AEEAAA76D61} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {5C48DB24-A4D5-4EA7-9980-8835B92B81FC} - System32\Tasks\Sony Corporation\VAIO Event Service\Level4Month => C:\Program Files (x86)\Sony\VAIO Event Service\WBCBatteryCare.exe [2011-03-05] (Sony Corporation)
Task: {5F179B82-1CE6-472B-AC2A-3A46ED557ED2} - System32\Tasks\Opera scheduled Autoupdate 1422357903 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-23] (Opera Software)
Task: {892F8FCD-501F-4C6B-B938-BB4855FB33C7} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation)
Task: {8F1DB272-D065-4D17-B840-687CA4DFFF3D} - System32\Tasks\EPSON XP-312 313 315 Series Update {6E7111F9-907E-4B79-A32C-3CF8061D7EF0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION)
Task: {8F433845-CF51-4441-BF4C-ABC0B69F1A07} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-28] (AVAST Software)
Task: {9B15A5DF-4928-42E3-998E-069BD0C27E27} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation)
Task: {A2C02124-3F9E-4ABD-9E20-4BC50E945AAA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {B55B91AE-A744-41F2-A135-9F7B559961D4} - System32\Tasks\{925A250A-9998-425D-94A5-23A0C12C8416} => pcalua.exe -a "C:\Users\Stephan Blank\Downloads\SODFEP-00224384-0042\SODFEP-00224384-0042.EXE" -d "C:\Users\Stephan Blank\Downloads\SODFEP-00224384-0042"
Task: {B71FA479-5A42-401E-9A59-269837BF716A} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation)
Task: {BF6A1DE2-CFD5-433F-9CC2-C655318972E9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D8305A3D-7F4A-4D3F-AC21-5C481B117794} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-18] (Adobe Systems Incorporated)
Task: {FD6EC84C-9579-44B2-893E-7D6B868A57F5} - System32\Tasks\Sony Corporation\VAIO Event Service\Level4Daily => C:\Program Files (x86)\Sony\VAIO Event Service\WBCBatteryCare.exe [2011-03-05] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{6E7111F9-907E-4B79-A32C-3CF8061D7EF0} /F:UpdateSYSTEM
Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Loaded Modules (whitelisted) ==============

2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2015-03-03 17:12 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2015-01-15 22:08 - 2011-03-23 16:32 - 01740696 _____ () C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
2015-01-21 17:30 - 2012-12-12 11:41 - 00346832 ____N () C:\Program Files (x86)\3DataManager\WTGService.exe
2015-01-28 10:30 - 2015-01-28 10:30 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-28 10:30 - 2015-01-28 10:30 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-01-08 17:37 - 2011-04-17 13:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-12-22 02:53 - 2011-12-22 02:53 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-01-21 17:30 - 2012-12-12 11:41 - 00506576 ____N () C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe
2015-03-06 09:20 - 2015-03-06 09:20 - 02918400 _____ () C:\Program Files\AVAST Software\Avast\defs\15030600\algo.dll
2015-01-28 10:30 - 2015-01-28 10:30 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-01-28 11:00 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-01-28 11:00 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-01-28 11:00 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-01-28 11:00 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-01-28 11:00 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-01-09 13:12 - 2011-03-05 16:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2015-01-09 12:30 - 2015-01-09 12:30 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2015-01-09 12:30 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-01-28 10:30 - 2015-01-28 10:30 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-01-21 17:30 - 2012-12-12 11:36 - 00073728 ____N () C:\Program Files (x86)\3DataManager\WtgDriverInstall.dll
2015-01-21 17:30 - 2012-12-12 11:37 - 00749568 ____N () C:\Program Files (x86)\3DataManager\WtgCore.dll
2015-01-21 17:30 - 2012-12-12 11:37 - 00139264 ____N () C:\Program Files (x86)\3DataManager\WtgBluetooth.dll
2015-01-21 17:30 - 2012-12-12 11:36 - 00086016 ____N () C:\Program Files (x86)\3DataManager\WtgDialup.dll
2015-01-21 17:30 - 2012-12-12 11:36 - 00098304 ____N () C:\Program Files (x86)\3DataManager\WtgUtil.dll
2015-01-21 17:30 - 2012-12-12 11:36 - 00098304 ____N () C:\Program Files (x86)\3DataManager\WtgPorts.dll
2015-01-21 17:30 - 2012-12-12 11:36 - 00110592 ____N () C:\Program Files (x86)\3DataManager\WtgDatabase.dll
2015-01-21 17:30 - 2012-12-12 11:36 - 00212992 ____N () C:\Program Files (x86)\3DataManager\WtgDetection.dll
2015-01-21 17:30 - 2012-12-12 11:36 - 00012288 ____N () C:\Program Files (x86)\3DataManager\WTGDebugs.dll
2015-01-21 17:30 - 2012-09-04 11:48 - 01105920 ____N () C:\Program Files (x86)\3DataManager\NDISAPI.dll
2015-01-21 17:30 - 2012-12-05 11:38 - 00598016 ____N () C:\Program Files (x86)\3DataManager\WTGXMLUtil.dll
2015-01-21 17:30 - 2012-12-12 11:36 - 00278528 ____N () C:\Program Files (x86)\3DataManager\WTGSMSPCClient.Dll
2015-01-21 17:30 - 2012-12-12 11:37 - 00012800 ____N () C:\Program Files (x86)\3DataManager\WTGDriverInstallX.Dll
2015-01-21 17:30 - 2012-12-12 11:40 - 00274432 ____N () C:\Program Files (x86)\3DataManager\WtgMobileBroadband7.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Stephan Blank\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.94.78.17 - 213.94.78.16

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: VAIO Power Management => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Stephan Blank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Deskjet 3050A J611 series.lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series.lnk.Startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-3493849748-3862360928-3587676368-500 - Administrator - Disabled)
Gast (S-1-5-21-3493849748-3862360928-3587676368-501 - Limited - Disabled)
Stephan Blank (S-1-5-21-3493849748-3862360928-3587676368-1000 - Administrator - Enabled) => C:\Users\Stephan Blank

==================== Faulty Device Manager Devices =============

Name: TCP/IP-Protokolltreiber
Description: TCP/IP-Protokolltreiber
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: Tcpip
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (03/06/2015 00:33:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (3312) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS002DF.log.


System errors:
=============
Error: (03/06/2015 00:33:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/06/2015 00:33:48 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (03/06/2015 00:31:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile IP Route Manager" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/06/2015 00:31:01 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mdvrmng.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/06/2015 00:00:45 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/06/2015 09:10:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile IP Route Manager" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/06/2015 09:10:35 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mdvrmng.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (03/06/2015 06:01:10 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (03/06/2015 03:05:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Mobile IP Route Manager" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (03/06/2015 03:05:55 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mdvrmng.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office Sessions:
=========================
Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 
Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (03/06/2015 00:33:45 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows3312Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS002DF.log-1811


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 29%
Total physical RAM: 8107.86 MB
Available physical RAM: 5691.36 MB
Total Pagefile: 16213.91 MB
Available Pagefile: 13423.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:162.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (H2SD) (Removable) (Total:3.68 GB) (Free:3.1 GB) FAT32
Drive g: (3Connect) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 000796F5)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
--- --- ---


Alt 06.03.2015, 16:41   #6
schrauber
/// the machine
/// TB-Ausbilder
 

CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
--> CPU sark beansprucht! Lüfter laut!

Alt 07.03.2015, 10:08   #7
Bennie
 
CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



Hallo Schrauber,

die Scans habe ich nun durchgeführt. Beide Programme fanden keine Bedrohungen. Deswegen habe ich mit dem MBAR kein Clean up gemacht.

Das Report-log des TDSSKiller folgt hier:

Code:
ATTFilter
09:56:39.0793 0x0bd0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
09:57:12.0054 0x0bd0  ============================================================
09:57:12.0054 0x0bd0  Current date / time: 2015/03/07 09:57:12.0054
09:57:12.0054 0x0bd0  SystemInfo:
09:57:12.0054 0x0bd0  
09:57:12.0054 0x0bd0  OS Version: 6.1.7601 ServicePack: 1.0
09:57:12.0054 0x0bd0  Product type: Workstation
09:57:12.0054 0x0bd0  ComputerName: STEPHANBLANK-PC
09:57:12.0054 0x0bd0  UserName: Stephan Blank
09:57:12.0054 0x0bd0  Windows directory: C:\Windows
09:57:12.0054 0x0bd0  System windows directory: C:\Windows
09:57:12.0054 0x0bd0  Running under WOW64
09:57:12.0054 0x0bd0  Processor architecture: Intel x64
09:57:12.0054 0x0bd0  Number of processors: 4
09:57:12.0054 0x0bd0  Page size: 0x1000
09:57:12.0054 0x0bd0  Boot type: Normal boot
09:57:12.0054 0x0bd0  ============================================================
09:57:12.0194 0x0bd0  KLMD registered as C:\Windows\system32\drivers\81699228.sys
09:57:12.0678 0x0bd0  System UUID: {5CA27604-2563-CEDE-C7EE-D76F167AAD0F}
09:57:13.0489 0x0bd0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:57:14.0581 0x0bd0  Drive \Device\Harddisk1\DR1 - Size: 0xEC400000 ( 3.69 Gb ), SectorSize: 0x200, Cylinders: 0x1E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
09:57:14.0581 0x0bd0  ============================================================
09:57:14.0581 0x0bd0  \Device\Harddisk0\DR0:
09:57:14.0581 0x0bd0  MBR partitions:
09:57:14.0581 0x0bd0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385800
09:57:14.0581 0x0bd0  \Device\Harddisk1\DR1:
09:57:14.0581 0x0bd0  MBR partitions:
09:57:14.0581 0x0bd0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760000
09:57:14.0581 0x0bd0  ============================================================
09:57:14.0628 0x0bd0  C: <-> \Device\Harddisk0\DR0\Partition1
09:57:14.0628 0x0bd0  ============================================================
09:57:14.0628 0x0bd0  Initialize success
09:57:14.0628 0x0bd0  ============================================================
09:58:19.0321 0x10a4  ============================================================
09:58:19.0321 0x10a4  Scan started
09:58:19.0321 0x10a4  Mode: Manual; SigCheck; TDLFS; 
09:58:19.0321 0x10a4  ============================================================
09:58:19.0321 0x10a4  KSN ping started
09:58:19.0852 0x10a4  KSN ping finished: true
09:58:20.0444 0x10a4  ================ Scan system memory ========================
09:58:20.0444 0x10a4  System memory - ok
09:58:20.0444 0x10a4  ================ Scan services =============================
09:58:20.0663 0x10a4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:58:20.0834 0x10a4  1394ohci - ok
09:58:20.0897 0x10a4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:58:20.0959 0x10a4  ACPI - ok
09:58:20.0990 0x10a4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
09:58:21.0053 0x10a4  AcpiPmi - ok
09:58:21.0271 0x10a4  [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:58:21.0334 0x10a4  AdobeFlashPlayerUpdateSvc - ok
09:58:21.0427 0x10a4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
09:58:21.0490 0x10a4  adp94xx - ok
09:58:21.0536 0x10a4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
09:58:21.0583 0x10a4  adpahci - ok
09:58:21.0614 0x10a4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
09:58:21.0661 0x10a4  adpu320 - ok
09:58:21.0708 0x10a4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
09:58:21.0786 0x10a4  AeLookupSvc - ok
09:58:21.0848 0x10a4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
09:58:21.0926 0x10a4  AFD - ok
09:58:21.0973 0x10a4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
09:58:22.0004 0x10a4  agp440 - ok
09:58:22.0051 0x10a4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
09:58:22.0160 0x10a4  ALG - ok
09:58:22.0207 0x10a4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:58:22.0254 0x10a4  aliide - ok
09:58:22.0316 0x10a4  [ 0EE274476C3E5F05F2B79B8C63FCCCFC, 7D1861FCC975AD85D793DD6945113DA06CDD2B8F118AA61D0147FFA3315E8A48 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:58:22.0394 0x10a4  AMD External Events Utility - ok
09:58:22.0410 0x10a4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:58:22.0441 0x10a4  amdide - ok
09:58:22.0472 0x10a4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
09:58:22.0550 0x10a4  AmdK8 - ok
09:58:22.0909 0x10a4  [ B18018924D6ADB6E64BC39BD37D6A4D8, 6EEB593A50AD5AA9633E6F97AB2314D674C13FAA7A6D03000A5F6C074CAF7BAF ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
09:58:23.0284 0x10a4  amdkmdag - ok
09:58:23.0346 0x10a4  [ 3249B112D48D29BE86984CF4594C9755, 089712B872F92AB0614665F8B5EA869EAB4F6035164921EE0021158D457DE83F ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
09:58:23.0408 0x10a4  amdkmdap - ok
09:58:23.0455 0x10a4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
09:58:23.0502 0x10a4  AmdPPM - ok
09:58:23.0533 0x10a4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
09:58:23.0596 0x10a4  amdsata - ok
09:58:23.0627 0x10a4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:58:23.0689 0x10a4  amdsbs - ok
09:58:23.0720 0x10a4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
09:58:23.0752 0x10a4  amdxata - ok
09:58:23.0783 0x10a4  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
09:58:23.0861 0x10a4  AppID - ok
09:58:23.0892 0x10a4  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:58:23.0954 0x10a4  AppIDSvc - ok
09:58:23.0970 0x10a4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
09:58:24.0032 0x10a4  Appinfo - ok
09:58:24.0064 0x10a4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
09:58:24.0110 0x10a4  arc - ok
09:58:24.0126 0x10a4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:58:24.0173 0x10a4  arcsas - ok
09:58:24.0313 0x10a4  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:58:24.0376 0x10a4  aspnet_state - ok
09:58:24.0438 0x10a4  [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
09:58:24.0500 0x10a4  aswHwid - ok
09:58:24.0516 0x10a4  [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
09:58:24.0563 0x10a4  aswMonFlt - ok
09:58:24.0610 0x10a4  [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
09:58:24.0672 0x10a4  aswRdr - ok
09:58:24.0688 0x10a4  [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
09:58:24.0734 0x10a4  aswRvrt - ok
09:58:24.0844 0x10a4  [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
09:58:24.0922 0x10a4  aswSnx - ok
09:58:24.0984 0x10a4  [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
09:58:25.0046 0x10a4  aswSP - ok
09:58:25.0093 0x10a4  [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm          C:\Windows\system32\drivers\aswStm.sys
09:58:25.0124 0x10a4  aswStm - ok
09:58:25.0187 0x10a4  [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
09:58:25.0249 0x10a4  aswVmm - ok
09:58:25.0296 0x10a4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:58:25.0374 0x10a4  AsyncMac - ok
09:58:25.0421 0x10a4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
09:58:25.0452 0x10a4  atapi - ok
09:58:25.0530 0x10a4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:58:25.0624 0x10a4  AudioEndpointBuilder - ok
09:58:25.0655 0x10a4  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:58:25.0702 0x10a4  AudioSrv - ok
09:58:25.0795 0x10a4  [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:58:25.0858 0x10a4  avast! Antivirus - ok
09:58:26.0060 0x10a4  [ 4F4EBF6163D3A02D52A66BBD145B0069, 179B2FD2671F6BB8D3F77B39001F546A0DEBE85BFF9782060AF1DC50DFA071EF ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
09:58:26.0263 0x10a4  AvastVBoxSvc - ok
09:58:26.0294 0x10a4  avchv - ok
09:58:26.0357 0x10a4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:58:26.0435 0x10a4  AxInstSV - ok
09:58:26.0497 0x10a4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
09:58:26.0560 0x10a4  b06bdrv - ok
09:58:26.0606 0x10a4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:58:26.0653 0x10a4  b57nd60a - ok
09:58:26.0684 0x10a4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:58:26.0731 0x10a4  BDESVC - ok
09:58:26.0950 0x10a4  [ 68BF3520FE759C91FD9182F36E585374, FB88732817BBBEFB9644B9C3E1CC1033431AF9A62C742522D851FA7AB1B7F962 ] BecHelperService C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe
09:58:27.0059 0x10a4  BecHelperService - ok
09:58:27.0090 0x10a4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:58:27.0152 0x10a4  Beep - ok
09:58:27.0246 0x10a4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
09:58:27.0340 0x10a4  BFE - ok
09:58:27.0386 0x10a4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
09:58:27.0511 0x10a4  BITS - ok
09:58:27.0542 0x10a4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:58:27.0605 0x10a4  blbdrive - ok
09:58:27.0636 0x10a4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:58:27.0683 0x10a4  bowser - ok
09:58:27.0714 0x10a4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:58:27.0761 0x10a4  BrFiltLo - ok
09:58:27.0776 0x10a4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:58:27.0823 0x10a4  BrFiltUp - ok
09:58:27.0854 0x10a4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
09:58:27.0917 0x10a4  Browser - ok
09:58:27.0932 0x10a4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
09:58:28.0026 0x10a4  Brserid - ok
09:58:28.0042 0x10a4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:58:28.0088 0x10a4  BrSerWdm - ok
09:58:28.0104 0x10a4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:58:28.0135 0x10a4  BrUsbMdm - ok
09:58:28.0151 0x10a4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:58:28.0198 0x10a4  BrUsbSer - ok
09:58:28.0229 0x10a4  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
09:58:28.0291 0x10a4  BthEnum - ok
09:58:28.0322 0x10a4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:58:28.0385 0x10a4  BTHMODEM - ok
09:58:28.0416 0x10a4  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
09:58:28.0463 0x10a4  BthPan - ok
09:58:28.0556 0x10a4  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
09:58:28.0619 0x10a4  BTHPORT - ok
09:58:28.0650 0x10a4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
09:58:28.0728 0x10a4  bthserv - ok
09:58:28.0759 0x10a4  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
09:58:28.0806 0x10a4  BTHUSB - ok
09:58:28.0837 0x10a4  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
09:58:28.0868 0x10a4  btwampfl - ok
09:58:28.0900 0x10a4  [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
09:58:28.0946 0x10a4  btwaudio - ok
09:58:28.0962 0x10a4  [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
09:58:28.0993 0x10a4  btwavdt - ok
09:58:29.0118 0x10a4  [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
09:58:29.0196 0x10a4  btwdins - ok
09:58:29.0227 0x10a4  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
09:58:29.0258 0x10a4  btwl2cap - ok
09:58:29.0274 0x10a4  [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
09:58:29.0290 0x10a4  btwrchid - ok
09:58:29.0368 0x10a4  [ 58BF7714A312698108A96D0DE2BB6825, 87E0EC24520C9C421AF6A680FEF42E18911AABA373A9F927C5CE77AD50F8196F ] cbVSCService11  C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
09:58:29.0414 0x10a4  cbVSCService11 - detected UnsignedFile.Multi.Generic ( 1 )
09:58:29.0867 0x10a4  Detect skipped due to KSN trusted
09:58:29.0867 0x10a4  cbVSCService11 - ok
09:58:29.0898 0x10a4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:58:29.0992 0x10a4  cdfs - ok
09:58:30.0038 0x10a4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
09:58:30.0132 0x10a4  cdrom - ok
09:58:30.0179 0x10a4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
09:58:30.0257 0x10a4  CertPropSvc - ok
09:58:30.0272 0x10a4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:58:30.0335 0x10a4  circlass - ok
09:58:30.0382 0x10a4  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
09:58:30.0428 0x10a4  CLFS - ok
09:58:30.0538 0x10a4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:58:30.0584 0x10a4  clr_optimization_v2.0.50727_32 - ok
09:58:30.0662 0x10a4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:58:30.0725 0x10a4  clr_optimization_v2.0.50727_64 - ok
09:58:30.0818 0x10a4  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:58:30.0850 0x10a4  clr_optimization_v4.0.30319_32 - ok
09:58:30.0865 0x10a4  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:58:30.0896 0x10a4  clr_optimization_v4.0.30319_64 - ok
09:58:30.0928 0x10a4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
09:58:30.0974 0x10a4  CmBatt - ok
09:58:31.0021 0x10a4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:58:31.0052 0x10a4  cmdide - ok
09:58:31.0115 0x10a4  [ E45CDE1C8340DFEDF1D6724263F39E5B, 8B8091D0A8FF08170F34DA01A4201DAE7C3D026226BC77B5C2EC67657C670168 ] CNG             C:\Windows\system32\Drivers\cng.sys
09:58:31.0177 0x10a4  CNG - ok
09:58:31.0271 0x10a4  [ 7EA8AC41A2E8426EC7079C44DBA1D254, 89C9242D0838551AEAF811F29B48B2338A05DC2F072A16A671D7B021D7B9C225 ] CobianBackup11  C:\Program Files (x86)\Cobian Backup 11\cbService.exe
09:58:31.0364 0x10a4  CobianBackup11 - detected UnsignedFile.Multi.Generic ( 1 )
09:58:31.0832 0x10a4  Detect skipped due to KSN trusted
09:58:31.0832 0x10a4  CobianBackup11 - ok
09:58:31.0879 0x10a4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
09:58:31.0942 0x10a4  Compbatt - ok
09:58:31.0957 0x10a4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
09:58:32.0020 0x10a4  CompositeBus - ok
09:58:32.0035 0x10a4  COMSysApp - ok
09:58:32.0160 0x10a4  [ 08F934092E0429BADF88E9F91DB0F61E, 6E9091C006FFFF261DC61C8E9A45219E47C351296E5355FC4B7242F30E1DDFE3 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
09:58:32.0222 0x10a4  cphs - ok
09:58:32.0238 0x10a4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
09:58:32.0285 0x10a4  crcdisk - ok
09:58:32.0332 0x10a4  [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:58:32.0394 0x10a4  CryptSvc - ok
09:58:32.0441 0x10a4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:58:32.0519 0x10a4  DcomLaunch - ok
09:58:32.0566 0x10a4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
09:58:32.0659 0x10a4  defragsvc - ok
09:58:32.0690 0x10a4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:58:32.0800 0x10a4  DfsC - ok
09:58:32.0846 0x10a4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:58:32.0893 0x10a4  Dhcp - ok
09:58:32.0924 0x10a4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:58:33.0002 0x10a4  discache - ok
09:58:33.0049 0x10a4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
09:58:33.0096 0x10a4  Disk - ok
09:58:33.0143 0x10a4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:58:33.0205 0x10a4  Dnscache - ok
09:58:33.0236 0x10a4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
09:58:33.0314 0x10a4  dot3svc - ok
09:58:33.0330 0x10a4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
09:58:33.0392 0x10a4  DPS - ok
09:58:33.0439 0x10a4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
09:58:33.0470 0x10a4  drmkaud - ok
09:58:33.0564 0x10a4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
09:58:33.0626 0x10a4  DXGKrnl - ok
09:58:33.0658 0x10a4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
09:58:33.0720 0x10a4  EapHost - ok
09:58:33.0892 0x10a4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
09:58:34.0079 0x10a4  ebdrv - ok
09:58:34.0126 0x10a4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] EFS             C:\Windows\System32\lsass.exe
09:58:34.0188 0x10a4  EFS - ok
09:58:34.0266 0x10a4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
09:58:34.0360 0x10a4  ehRecvr - ok
09:58:34.0375 0x10a4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
09:58:34.0438 0x10a4  ehSched - ok
09:58:34.0500 0x10a4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
09:58:34.0547 0x10a4  elxstor - ok
09:58:34.0609 0x10a4  [ D315FF43E23DF424ECEC2F6C930203E4, 68940EDA34DC4945CDD0D8018D96A0DA8F99F16A930946D14E4FECEE033FCB80 ] EpsonScanSvc    C:\Windows\system32\EscSvc64.exe
09:58:34.0656 0x10a4  EpsonScanSvc - ok
09:58:34.0687 0x10a4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:58:34.0734 0x10a4  ErrDev - ok
09:58:34.0828 0x10a4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
09:58:34.0937 0x10a4  EventSystem - ok
09:58:35.0124 0x10a4  [ 7EE9F35BC1DD0CE1A4976032F9AC5162, 31FF86DEEB57AC903A1A1CE2AD8ED161CE613527F9804F9BE31A9051399F1F47 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
09:58:35.0218 0x10a4  EvtEng - ok
09:58:35.0280 0x10a4  [ 97F9144BA87EB5826363FB345DEB40CD, 7ECDAC691EFD149C22869802F1EEE5CD147A14B8B57B3433B9D4FDCE4BD045CD ] ewusbmbb        C:\Windows\system32\DRIVERS\ewusbwwan.sys
09:58:35.0342 0x10a4  ewusbmbb - ok
09:58:35.0389 0x10a4  [ 86F7951BBCEE4A86E79A97306BD14318, 84B52A0392DA53ED71A2C4D483DD93DDF552BF8AC764C7BD47BE0EB58C7C8219 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
09:58:35.0436 0x10a4  ew_hwusbdev - ok
09:58:35.0514 0x10a4  [ 55E0EDA185869F7EA67EA97FD0655B39, D4A51E383102AA48F022EFCA08FAC389336A22C1DF60E17815117EFA60716964 ] ew_usbenumfilter C:\Windows\system32\DRIVERS\ew_usbenumfilter.sys
09:58:35.0561 0x10a4  ew_usbenumfilter - ok
09:58:35.0592 0x10a4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
09:58:35.0654 0x10a4  exfat - ok
09:58:35.0686 0x10a4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
09:58:35.0779 0x10a4  fastfat - ok
09:58:35.0857 0x10a4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
09:58:35.0935 0x10a4  Fax - ok
09:58:35.0951 0x10a4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
09:58:35.0998 0x10a4  fdc - ok
09:58:36.0013 0x10a4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
09:58:36.0076 0x10a4  fdPHost - ok
09:58:36.0107 0x10a4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:58:36.0169 0x10a4  FDResPub - ok
09:58:36.0216 0x10a4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:58:36.0232 0x10a4  FileInfo - ok
09:58:36.0247 0x10a4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
09:58:36.0310 0x10a4  Filetrace - ok
09:58:36.0325 0x10a4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:58:36.0372 0x10a4  flpydisk - ok
09:58:36.0403 0x10a4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:58:36.0450 0x10a4  FltMgr - ok
09:58:36.0512 0x10a4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
09:58:36.0606 0x10a4  FontCache - ok
09:58:36.0653 0x10a4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:58:36.0668 0x10a4  FontCache3.0.0.0 - ok
09:58:36.0684 0x10a4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
09:58:36.0731 0x10a4  FsDepends - ok
09:58:36.0762 0x10a4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:58:36.0809 0x10a4  Fs_Rec - ok
09:58:36.0840 0x10a4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:58:36.0887 0x10a4  fvevol - ok
09:58:36.0918 0x10a4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:58:36.0949 0x10a4  gagp30kx - ok
09:58:37.0043 0x10a4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:58:37.0136 0x10a4  gpsvc - ok
09:58:37.0152 0x10a4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:58:37.0199 0x10a4  hcw85cir - ok
09:58:37.0261 0x10a4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:58:37.0339 0x10a4  HdAudAddService - ok
09:58:37.0402 0x10a4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:58:37.0495 0x10a4  HDAudBus - ok
09:58:37.0526 0x10a4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:58:37.0558 0x10a4  HidBatt - ok
09:58:37.0573 0x10a4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:58:37.0604 0x10a4  HidBth - ok
09:58:37.0636 0x10a4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:58:37.0698 0x10a4  HidIr - ok
09:58:37.0729 0x10a4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
09:58:37.0776 0x10a4  hidserv - ok
09:58:37.0823 0x10a4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:58:37.0885 0x10a4  HidUsb - ok
09:58:37.0916 0x10a4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:58:37.0994 0x10a4  hkmsvc - ok
09:58:38.0026 0x10a4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:58:38.0088 0x10a4  HomeGroupListener - ok
09:58:38.0119 0x10a4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:58:38.0197 0x10a4  HomeGroupProvider - ok
09:58:38.0228 0x10a4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:58:38.0275 0x10a4  HpSAMD - ok
09:58:38.0322 0x10a4  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:58:38.0447 0x10a4  HTTP - ok
09:58:38.0494 0x10a4  [ DDBB283835010E52E88AAC6995B617D7, 00BDD20B4C8DAEB1FCF545E453A09B473F19A99D1368DF8F63F0FA549766E466 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
09:58:38.0525 0x10a4  huawei_enumerator - ok
09:58:38.0572 0x10a4  [ 24FA6177FE55C4BC045EC87E39F90688, 14B6EF152CE5293BB549A8FA069BEBC34C8C6B9796A6AA94B0AB6ADBEC3819C1 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
09:58:38.0603 0x10a4  hwdatacard - ok
09:58:38.0618 0x10a4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:58:38.0650 0x10a4  hwpolicy - ok
09:58:38.0681 0x10a4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:58:38.0728 0x10a4  i8042prt - ok
09:58:38.0821 0x10a4  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
09:58:38.0868 0x10a4  iaStor - ok
09:58:38.0977 0x10a4  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
09:58:39.0040 0x10a4  IAStorDataMgrSvc - ok
09:58:39.0102 0x10a4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:58:39.0133 0x10a4  iaStorV - ok
09:58:39.0305 0x10a4  [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
09:58:39.0414 0x10a4  IconMan_R - ok
09:58:39.0508 0x10a4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:58:39.0586 0x10a4  idsvc - ok
09:58:39.0601 0x10a4  IEEtwCollectorService - ok
09:58:40.0054 0x10a4  [ E5C11F3689D9448CCC1D782FC2C4CC46, 7E259FB3AC209778945F485C5850E8258F9E9215667836EBA5966CC6E6A24254 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
09:58:40.0506 0x10a4  igfx - ok
09:58:40.0553 0x10a4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:58:40.0584 0x10a4  iirsp - ok
09:58:40.0646 0x10a4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:58:40.0709 0x10a4  IKEEXT - ok
09:58:40.0787 0x10a4  [ AE594CC17C33AC146739494615E14851, 0E4FA415C1B4065083D761A458450FAE9C6A6EE6E49B3A598B43871D6F01B3EC ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
09:58:40.0865 0x10a4  IntcDAud - ok
09:58:40.0896 0x10a4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:58:40.0943 0x10a4  intelide - ok
09:58:41.0426 0x10a4  [ E5C11F3689D9448CCC1D782FC2C4CC46, 7E259FB3AC209778945F485C5850E8258F9E9215667836EBA5966CC6E6A24254 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
09:58:41.0863 0x10a4  intelkmd - ok
09:58:41.0910 0x10a4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:58:41.0941 0x10a4  intelppm - ok
09:58:41.0957 0x10a4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:58:42.0035 0x10a4  IPBusEnum - ok
09:58:42.0066 0x10a4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:58:42.0144 0x10a4  IpFilterDriver - ok
09:58:42.0206 0x10a4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:58:42.0300 0x10a4  iphlpsvc - ok
09:58:42.0331 0x10a4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:58:42.0378 0x10a4  IPMIDRV - ok
09:58:42.0394 0x10a4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:58:42.0456 0x10a4  IPNAT - ok
09:58:42.0503 0x10a4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:58:42.0550 0x10a4  IRENUM - ok
09:58:42.0581 0x10a4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:58:42.0596 0x10a4  isapnp - ok
09:58:42.0643 0x10a4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:58:42.0690 0x10a4  iScsiPrt - ok
09:58:42.0721 0x10a4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:58:42.0768 0x10a4  kbdclass - ok
09:58:42.0799 0x10a4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:58:42.0862 0x10a4  kbdhid - ok
09:58:42.0893 0x10a4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] KeyIso          C:\Windows\system32\lsass.exe
09:58:42.0924 0x10a4  KeyIso - ok
09:58:42.0971 0x10a4  [ C60C6B9A2E50B0404F6789C62B428C03, 0DFFAACBA038FB3D994049E7BBC8E0C63CB8B4A68C4AB770AD995B66B017C25B ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:58:43.0002 0x10a4  KSecDD - ok
09:58:43.0018 0x10a4  [ 78D152A9FD5747FF6AA89C79F0346F62, 69138077E84E5324751E3C8B80D05BE58EDF03CEC84F69B734537F10F6998F3B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:58:43.0049 0x10a4  KSecPkg - ok
09:58:43.0096 0x10a4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
09:58:43.0158 0x10a4  ksthunk - ok
09:58:43.0205 0x10a4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:58:43.0298 0x10a4  KtmRm - ok
09:58:43.0330 0x10a4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:58:43.0408 0x10a4  LanmanServer - ok
09:58:43.0454 0x10a4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:58:43.0532 0x10a4  LanmanWorkstation - ok
09:58:43.0579 0x10a4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:58:43.0626 0x10a4  lltdio - ok
09:58:43.0657 0x10a4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:58:43.0751 0x10a4  lltdsvc - ok
09:58:43.0782 0x10a4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:58:43.0829 0x10a4  lmhosts - ok
09:58:43.0907 0x10a4  [ 50C7CE53EF461870410355F1F2E7D515, D6E84C63D74E4603D37FD7CC88BF51DE23CD17DB1D1AD4ADBED62F949F3C470C ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:58:43.0938 0x10a4  LMS - ok
09:58:43.0985 0x10a4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:58:44.0016 0x10a4  LSI_FC - ok
09:58:44.0047 0x10a4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:58:44.0078 0x10a4  LSI_SAS - ok
09:58:44.0094 0x10a4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:58:44.0125 0x10a4  LSI_SAS2 - ok
09:58:44.0141 0x10a4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:58:44.0172 0x10a4  LSI_SCSI - ok
09:58:44.0188 0x10a4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:58:44.0266 0x10a4  luafv - ok
09:58:44.0281 0x10a4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:58:44.0328 0x10a4  Mcx2Svc - ok
09:58:44.0344 0x10a4  mdvrmng - ok
09:58:44.0359 0x10a4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:58:44.0406 0x10a4  megasas - ok
09:58:44.0437 0x10a4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:58:44.0468 0x10a4  MegaSR - ok
09:58:44.0500 0x10a4  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
09:58:44.0546 0x10a4  MEIx64 - ok
09:58:44.0562 0x10a4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
09:58:44.0656 0x10a4  MMCSS - ok
09:58:44.0656 0x10a4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
09:58:44.0702 0x10a4  Modem - ok
09:58:44.0749 0x10a4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:58:44.0765 0x10a4  monitor - ok
09:58:44.0780 0x10a4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:58:44.0812 0x10a4  mouclass - ok
09:58:44.0827 0x10a4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:58:44.0890 0x10a4  mouhid - ok
09:58:44.0921 0x10a4  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:58:44.0952 0x10a4  mountmgr - ok
09:58:45.0014 0x10a4  [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:58:45.0077 0x10a4  MozillaMaintenance - ok
09:58:45.0108 0x10a4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:58:45.0155 0x10a4  mpio - ok
09:58:45.0170 0x10a4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:58:45.0233 0x10a4  mpsdrv - ok
09:58:45.0295 0x10a4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:58:45.0404 0x10a4  MpsSvc - ok
09:58:45.0436 0x10a4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:58:45.0482 0x10a4  MRxDAV - ok
09:58:45.0514 0x10a4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:58:45.0576 0x10a4  mrxsmb - ok
09:58:45.0607 0x10a4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:58:45.0685 0x10a4  mrxsmb10 - ok
09:58:45.0701 0x10a4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:58:45.0748 0x10a4  mrxsmb20 - ok
09:58:45.0794 0x10a4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:58:45.0810 0x10a4  msahci - ok
09:58:45.0841 0x10a4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:58:45.0888 0x10a4  msdsm - ok
09:58:45.0919 0x10a4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
09:58:45.0950 0x10a4  MSDTC - ok
09:58:45.0982 0x10a4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:58:46.0044 0x10a4  Msfs - ok
09:58:46.0075 0x10a4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:58:46.0138 0x10a4  mshidkmdf - ok
09:58:46.0169 0x10a4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:58:46.0216 0x10a4  msisadrv - ok
09:58:46.0247 0x10a4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:58:46.0340 0x10a4  MSiSCSI - ok
09:58:46.0340 0x10a4  msiserver - ok
09:58:46.0372 0x10a4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:58:46.0434 0x10a4  MSKSSRV - ok
09:58:46.0450 0x10a4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:58:46.0543 0x10a4  MSPCLOCK - ok
09:58:46.0543 0x10a4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:58:46.0606 0x10a4  MSPQM - ok
09:58:46.0637 0x10a4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:58:46.0684 0x10a4  MsRPC - ok
09:58:46.0715 0x10a4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:58:46.0730 0x10a4  mssmbios - ok
09:58:46.0762 0x10a4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:58:46.0824 0x10a4  MSTEE - ok
09:58:46.0840 0x10a4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:58:46.0886 0x10a4  MTConfig - ok
09:58:46.0918 0x10a4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
09:58:46.0964 0x10a4  Mup - ok
09:58:47.0042 0x10a4  [ 0CF5580F27918FFD2E165ECAFA734103, BDB6805A56C1ACE91B2BEE58DF8F48CE4E1B7211BB0AEF22424362F272E09351 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
09:58:47.0105 0x10a4  MyWiFiDHCPDNS - ok
09:58:47.0120 0x10a4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:58:47.0198 0x10a4  napagent - ok
09:58:47.0261 0x10a4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:58:47.0323 0x10a4  NativeWifiP - ok
09:58:47.0401 0x10a4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:58:47.0479 0x10a4  NDIS - ok
09:58:47.0495 0x10a4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:58:47.0573 0x10a4  NdisCap - ok
09:58:47.0620 0x10a4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:58:47.0666 0x10a4  NdisTapi - ok
09:58:47.0698 0x10a4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:58:47.0760 0x10a4  Ndisuio - ok
09:58:47.0791 0x10a4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:58:47.0869 0x10a4  NdisWan - ok
09:58:47.0885 0x10a4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:58:47.0947 0x10a4  NDProxy - ok
09:58:47.0978 0x10a4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:58:48.0041 0x10a4  NetBIOS - ok
09:58:48.0056 0x10a4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:58:48.0119 0x10a4  NetBT - ok
09:58:48.0166 0x10a4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] Netlogon        C:\Windows\system32\lsass.exe
09:58:48.0181 0x10a4  Netlogon - ok
09:58:48.0228 0x10a4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:58:48.0306 0x10a4  Netman - ok
09:58:48.0353 0x10a4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:58:48.0400 0x10a4  NetMsmqActivator - ok
09:58:48.0415 0x10a4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:58:48.0431 0x10a4  NetPipeActivator - ok
09:58:48.0462 0x10a4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:58:48.0540 0x10a4  netprofm - ok
09:58:48.0556 0x10a4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:58:48.0587 0x10a4  NetTcpActivator - ok
09:58:48.0602 0x10a4  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:58:48.0618 0x10a4  NetTcpPortSharing - ok
09:58:48.0961 0x10a4  [ B9C587BDAA61A689883439D5AE6FE7F3, 4AA75BFDD18E0F7D250D1726556FA4F1B0CFE93EA1C38BA43F0EBE046B566E4F ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
09:58:49.0289 0x10a4  NETwNs64 - ok
09:58:49.0336 0x10a4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:58:49.0351 0x10a4  nfrd960 - ok
09:58:49.0382 0x10a4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:58:49.0429 0x10a4  NlaSvc - ok
09:58:49.0429 0x10a4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:58:49.0476 0x10a4  Npfs - ok
09:58:49.0507 0x10a4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
09:58:49.0585 0x10a4  nsi - ok
09:58:49.0616 0x10a4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:58:49.0679 0x10a4  nsiproxy - ok
09:58:49.0757 0x10a4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:58:49.0835 0x10a4  Ntfs - ok
09:58:49.0850 0x10a4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:58:49.0928 0x10a4  Null - ok
09:58:49.0960 0x10a4  [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
09:58:50.0022 0x10a4  nusb3hub - ok
09:58:50.0069 0x10a4  [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
09:58:50.0116 0x10a4  nusb3xhc - ok
09:58:50.0162 0x10a4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:58:50.0209 0x10a4  nvraid - ok
09:58:50.0225 0x10a4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:58:50.0256 0x10a4  nvstor - ok
09:58:50.0287 0x10a4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:58:50.0318 0x10a4  nv_agp - ok
09:58:50.0350 0x10a4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:58:50.0412 0x10a4  ohci1394 - ok
09:58:50.0474 0x10a4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:58:50.0521 0x10a4  ose - ok
09:58:50.0802 0x10a4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:58:50.0989 0x10a4  osppsvc - ok
09:58:51.0036 0x10a4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:58:51.0114 0x10a4  p2pimsvc - ok
09:58:51.0161 0x10a4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:58:51.0239 0x10a4  p2psvc - ok
09:58:51.0270 0x10a4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
09:58:51.0301 0x10a4  Parport - ok
09:58:51.0332 0x10a4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:58:51.0379 0x10a4  partmgr - ok
09:58:51.0395 0x10a4  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:58:51.0442 0x10a4  PcaSvc - ok
09:58:51.0473 0x10a4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
09:58:51.0520 0x10a4  pci - ok
09:58:51.0551 0x10a4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:58:51.0566 0x10a4  pciide - ok
09:58:51.0598 0x10a4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:58:51.0629 0x10a4  pcmcia - ok
09:58:51.0660 0x10a4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
09:58:51.0676 0x10a4  pcw - ok
09:58:51.0707 0x10a4  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:58:51.0800 0x10a4  PEAUTH - ok
09:58:51.0878 0x10a4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:58:51.0956 0x10a4  PerfHost - ok
09:58:52.0066 0x10a4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
09:58:52.0190 0x10a4  pla - ok
09:58:52.0268 0x10a4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:58:52.0331 0x10a4  PlugPlay - ok
09:58:52.0331 0x10a4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
09:58:52.0362 0x10a4  PNRPAutoReg - ok
09:58:52.0393 0x10a4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
09:58:52.0424 0x10a4  PNRPsvc - ok
09:58:52.0471 0x10a4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
09:58:52.0534 0x10a4  PolicyAgent - ok
09:58:52.0565 0x10a4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
09:58:52.0627 0x10a4  Power - ok
09:58:52.0674 0x10a4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:58:52.0736 0x10a4  PptpMiniport - ok
09:58:52.0752 0x10a4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
09:58:52.0783 0x10a4  Processor - ok
09:58:52.0814 0x10a4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
09:58:52.0861 0x10a4  ProfSvc - ok
09:58:52.0877 0x10a4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:58:52.0892 0x10a4  ProtectedStorage - ok
09:58:52.0939 0x10a4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:58:53.0017 0x10a4  Psched - ok
09:58:53.0142 0x10a4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:58:53.0251 0x10a4  ql2300 - ok
09:58:53.0282 0x10a4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:58:53.0298 0x10a4  ql40xx - ok
09:58:53.0345 0x10a4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
09:58:53.0423 0x10a4  QWAVE - ok
09:58:53.0438 0x10a4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:58:53.0485 0x10a4  QWAVEdrv - ok
09:58:53.0516 0x10a4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:58:53.0563 0x10a4  RasAcd - ok
09:58:53.0579 0x10a4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
09:58:53.0626 0x10a4  RasAgileVpn - ok
09:58:53.0641 0x10a4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
09:58:53.0719 0x10a4  RasAuto - ok
09:58:53.0735 0x10a4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
09:58:53.0797 0x10a4  Rasl2tp - ok
09:58:53.0844 0x10a4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
09:58:53.0938 0x10a4  RasMan - ok
09:58:53.0953 0x10a4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:58:54.0016 0x10a4  RasPppoe - ok
09:58:54.0047 0x10a4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
09:58:54.0109 0x10a4  RasSstp - ok
09:58:54.0140 0x10a4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
09:58:54.0218 0x10a4  rdbss - ok
09:58:54.0234 0x10a4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
09:58:54.0281 0x10a4  rdpbus - ok
09:58:54.0312 0x10a4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:58:54.0359 0x10a4  RDPCDD - ok
09:58:54.0374 0x10a4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:58:54.0421 0x10a4  RDPENCDD - ok
09:58:54.0437 0x10a4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:58:54.0484 0x10a4  RDPREFMP - ok
09:58:54.0515 0x10a4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
09:58:54.0562 0x10a4  RDPWD - ok
09:58:54.0624 0x10a4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:58:54.0686 0x10a4  rdyboost - ok
09:58:54.0842 0x10a4  [ AA9FD849C028CCB441A78061B57DB734, 5D6E8A0BEF94C2AA4B634A754BF29F93B9A5D2B02E9376CFB8BF4152EA480193 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
09:58:54.0905 0x10a4  RegSrvc - ok
09:58:54.0936 0x10a4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:58:55.0030 0x10a4  RemoteAccess - ok
09:58:55.0061 0x10a4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:58:55.0154 0x10a4  RemoteRegistry - ok
09:58:55.0201 0x10a4  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
09:58:55.0264 0x10a4  RFCOMM - ok
09:58:55.0279 0x10a4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:58:55.0342 0x10a4  RpcEptMapper - ok
09:58:55.0373 0x10a4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:58:55.0435 0x10a4  RpcLocator - ok
09:58:55.0498 0x10a4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
09:58:55.0576 0x10a4  RpcSs - ok
09:58:55.0622 0x10a4  [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
09:58:55.0654 0x10a4  RSPCIESTOR - ok
09:58:55.0669 0x10a4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:58:55.0732 0x10a4  rspndr - ok
09:58:55.0794 0x10a4  [ EA5532868BA76923D75BCB2A1448D810, C1489714C9BC95BB76134E6B8F28C5A3D044E9B2857F01BFEEEE7C8A25C74E7D ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
09:58:55.0856 0x10a4  RTL8167 - ok
09:58:55.0903 0x10a4  [ 68F717BC57B0FE12011EB9517C97F78D, C1492E889C5C3DEA1CB89F591A840D383ADA23AE46B496A1C01A23538113245E ] s1029bus        C:\Windows\system32\DRIVERS\s1029bus.sys
09:58:55.0934 0x10a4  s1029bus - ok
09:58:55.0981 0x10a4  [ FCFAFA529F4FA27B02FCE1E52A84922E, 5707F5C97BD4B30E6E6790ADF9360EE479A1322C50E73BD435557465C6B3E8A0 ] s1029mdfl       C:\Windows\system32\DRIVERS\s1029mdfl.sys
09:58:56.0044 0x10a4  s1029mdfl - ok
09:58:56.0075 0x10a4  [ 35BD0866EB422AB2D7C8F0DDCC67BF7C, A8C2CBDC8078F98277C891D9ECF52A1C7B4DE4CF06C854FF4D65ED1579DB2EB8 ] s1029mdm        C:\Windows\system32\DRIVERS\s1029mdm.sys
09:58:56.0122 0x10a4  s1029mdm - ok
09:58:56.0153 0x10a4  [ E0FD4F4F42B76E910CC4295C97AA30BA, 3561478D9BD5E4BC66E150A82127964BF7E6C4A0862685CEBEC6AA097C878689 ] s1029mgmt       C:\Windows\system32\DRIVERS\s1029mgmt.sys
09:58:56.0184 0x10a4  s1029mgmt - ok
09:58:56.0231 0x10a4  [ 90276F1D842EB96F82510E73FDB792AD, A8566402688208071F49410F7D973AA29BCAC43C21BFCB42E52B5B6C1240E2AC ] s1029nd5        C:\Windows\system32\DRIVERS\s1029nd5.sys
09:58:56.0293 0x10a4  s1029nd5 - ok
09:58:56.0324 0x10a4  [ 128ED45223FAB846E8436A2F2BAEBB55, CE5A2F05B6D5598100113AD688A8E0A7D041424F68106B3BFFD31C27E5D6811A ] s1029obex       C:\Windows\system32\DRIVERS\s1029obex.sys
09:58:56.0371 0x10a4  s1029obex - ok
09:58:56.0434 0x10a4  [ 400FC5591586A1DFECF7A0CFAA6B0D68, E9E99BD39CFAFCB8103E4CCA62A35BBE81B5982FD5575F64F5F189C57EB6A65B ] s1029unic       C:\Windows\system32\DRIVERS\s1029unic.sys
09:58:56.0496 0x10a4  s1029unic - ok
09:58:56.0512 0x10a4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs           C:\Windows\system32\lsass.exe
09:58:56.0543 0x10a4  SamSs - ok
09:58:56.0574 0x10a4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:58:56.0605 0x10a4  sbp2port - ok
09:58:56.0636 0x10a4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:58:56.0730 0x10a4  SCardSvr - ok
09:58:56.0746 0x10a4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:58:56.0808 0x10a4  scfilter - ok
09:58:56.0855 0x10a4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
09:58:56.0948 0x10a4  Schedule - ok
09:58:56.0980 0x10a4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
09:58:57.0026 0x10a4  SCPolicySvc - ok
09:58:57.0042 0x10a4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:58:57.0104 0x10a4  SDRSVC - ok
09:58:57.0260 0x10a4  [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
09:58:57.0385 0x10a4  SDScannerService - ok
09:58:57.0510 0x10a4  [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
09:58:57.0619 0x10a4  SDUpdateService - ok
09:58:57.0697 0x10a4  [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
09:58:57.0760 0x10a4  SDWSCService - ok
09:58:57.0791 0x10a4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:58:57.0853 0x10a4  secdrv - ok
09:58:57.0884 0x10a4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
09:58:57.0947 0x10a4  seclogon - ok
09:58:57.0978 0x10a4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
09:58:58.0040 0x10a4  SENS - ok
09:58:58.0072 0x10a4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:58:58.0103 0x10a4  SensrSvc - ok
09:58:58.0118 0x10a4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
09:58:58.0150 0x10a4  Serenum - ok
09:58:58.0181 0x10a4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
09:58:58.0228 0x10a4  Serial - ok
09:58:58.0243 0x10a4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:58:58.0337 0x10a4  sermouse - ok
09:58:58.0368 0x10a4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
09:58:58.0446 0x10a4  SessionEnv - ok
09:58:58.0493 0x10a4  [ 70F9C476B62DE4F2823E918A6C181ADE, E1A641418A6CB4FA38BB29B86934838B28D8909B8066E5089D85BF72FD61F4C4 ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
09:58:58.0555 0x10a4  SFEP - ok
09:58:58.0571 0x10a4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
09:58:58.0586 0x10a4  sffdisk - ok
09:58:58.0618 0x10a4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:58:58.0664 0x10a4  sffp_mmc - ok
09:58:58.0664 0x10a4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
09:58:58.0696 0x10a4  sffp_sd - ok
09:58:58.0696 0x10a4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
09:58:58.0711 0x10a4  sfloppy - ok
09:58:58.0774 0x10a4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:58:58.0852 0x10a4  SharedAccess - ok
09:58:58.0883 0x10a4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:58:58.0961 0x10a4  ShellHWDetection - ok
09:58:58.0992 0x10a4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:58:59.0008 0x10a4  SiSRaid2 - ok
09:58:59.0023 0x10a4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:58:59.0054 0x10a4  SiSRaid4 - ok
09:58:59.0117 0x10a4  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
09:58:59.0179 0x10a4  SkypeUpdate - ok
09:58:59.0226 0x10a4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
09:58:59.0320 0x10a4  Smb - ok
09:58:59.0351 0x10a4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:58:59.0382 0x10a4  SNMPTRAP - ok
09:58:59.0413 0x10a4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
09:58:59.0444 0x10a4  spldr - ok
09:58:59.0522 0x10a4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
09:58:59.0585 0x10a4  Spooler - ok
09:58:59.0741 0x10a4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
09:58:59.0928 0x10a4  sppsvc - ok
09:58:59.0959 0x10a4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
09:59:00.0037 0x10a4  sppuinotify - ok
09:59:00.0084 0x10a4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
09:59:00.0146 0x10a4  srv - ok
09:59:00.0193 0x10a4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:59:00.0256 0x10a4  srv2 - ok
09:59:00.0271 0x10a4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:59:00.0318 0x10a4  srvnet - ok
09:59:00.0349 0x10a4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
09:59:00.0412 0x10a4  SSDPSRV - ok
09:59:00.0443 0x10a4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
09:59:00.0490 0x10a4  SstpSvc - ok
09:59:00.0521 0x10a4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:59:00.0552 0x10a4  stexstor - ok
09:59:00.0646 0x10a4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
09:59:00.0724 0x10a4  stisvc - ok
09:59:00.0755 0x10a4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:59:00.0770 0x10a4  swenum - ok
09:59:00.0802 0x10a4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
09:59:00.0895 0x10a4  swprv - ok
09:59:00.0973 0x10a4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
09:59:01.0114 0x10a4  SysMain - ok
09:59:01.0129 0x10a4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:59:01.0176 0x10a4  TabletInputService - ok
09:59:01.0238 0x10a4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
09:59:01.0348 0x10a4  TapiSrv - ok
09:59:01.0348 0x10a4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
09:59:01.0441 0x10a4  TBS - ok
09:59:01.0566 0x10a4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
09:59:01.0675 0x10a4  Tcpip - ok
09:59:01.0738 0x10a4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:59:01.0831 0x10a4  TCPIP6 - ok
09:59:01.0862 0x10a4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:59:01.0909 0x10a4  tcpipreg - ok
09:59:01.0956 0x10a4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:59:01.0987 0x10a4  TDPIPE - ok
09:59:02.0034 0x10a4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
09:59:02.0081 0x10a4  TDTCP - ok
09:59:02.0112 0x10a4  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
09:59:02.0143 0x10a4  tdx - ok
09:59:02.0174 0x10a4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:59:02.0206 0x10a4  TermDD - ok
09:59:02.0252 0x10a4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
09:59:02.0315 0x10a4  TermService - ok
09:59:02.0346 0x10a4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
09:59:02.0393 0x10a4  Themes - ok
09:59:02.0424 0x10a4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
09:59:02.0486 0x10a4  THREADORDER - ok
09:59:02.0502 0x10a4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:59:02.0596 0x10a4  TrkWks - ok
09:59:02.0658 0x10a4  [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight       C:\Windows\System32\drivers\TrueSight.sys
09:59:02.0736 0x10a4  TrueSight - ok
09:59:02.0783 0x10a4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:59:02.0861 0x10a4  TrustedInstaller - ok
09:59:02.0908 0x10a4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:59:02.0954 0x10a4  tssecsrv - ok
09:59:02.0986 0x10a4  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:59:03.0064 0x10a4  TsUsbFlt - ok
09:59:03.0064 0x10a4  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
09:59:03.0126 0x10a4  TsUsbGD - ok
09:59:03.0173 0x10a4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:59:03.0235 0x10a4  tunnel - ok
09:59:03.0251 0x10a4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:59:03.0282 0x10a4  uagp35 - ok
09:59:03.0313 0x10a4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:59:03.0376 0x10a4  udfs - ok
09:59:03.0407 0x10a4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
09:59:03.0454 0x10a4  UI0Detect - ok
09:59:03.0485 0x10a4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:59:03.0516 0x10a4  uliagpkx - ok
09:59:03.0547 0x10a4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
09:59:03.0578 0x10a4  umbus - ok
09:59:03.0594 0x10a4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:59:03.0641 0x10a4  UmPass - ok
09:59:03.0828 0x10a4  [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:59:03.0937 0x10a4  UNS - ok
09:59:03.0968 0x10a4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:59:04.0046 0x10a4  upnphost - ok
09:59:04.0093 0x10a4  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
09:59:04.0140 0x10a4  usbaudio - ok
09:59:04.0187 0x10a4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
09:59:04.0202 0x10a4  usbccgp - ok
09:59:04.0249 0x10a4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:59:04.0265 0x10a4  usbcir - ok
09:59:04.0296 0x10a4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
09:59:04.0343 0x10a4  usbehci - ok
09:59:04.0374 0x10a4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:59:04.0452 0x10a4  usbhub - ok
09:59:04.0483 0x10a4  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
09:59:04.0514 0x10a4  usbohci - ok
09:59:04.0546 0x10a4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
09:59:04.0592 0x10a4  usbprint - ok
09:59:04.0624 0x10a4  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
09:59:04.0670 0x10a4  usbscan - ok
09:59:04.0733 0x10a4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:59:04.0795 0x10a4  USBSTOR - ok
09:59:04.0811 0x10a4  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
09:59:04.0858 0x10a4  usbuhci - ok
09:59:04.0889 0x10a4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
09:59:04.0936 0x10a4  usbvideo - ok
09:59:04.0951 0x10a4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
09:59:05.0014 0x10a4  UxSms - ok
09:59:05.0123 0x10a4  [ DCB1F83AD167D16D263CE57C94E9EEDF, 2389268A1F83F0D354111553FB5F48E77A8FE4C0A1C22376A313A961252ED259 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
09:59:05.0170 0x10a4  VAIO Event Service - ok
09:59:05.0310 0x10a4  [ EF7CF87F940F9104A3079F839BDC60C5, 12C458454DE960F5C2C3351E2D60B2536AFBB7A005AC6327945A3F69BD43FA66 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
09:59:05.0388 0x10a4  VAIO Power Management - ok
09:59:05.0419 0x10a4  [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] VaultSvc        C:\Windows\system32\lsass.exe
09:59:05.0466 0x10a4  VaultSvc - ok
09:59:05.0591 0x10a4  [ 1352B215BDC5807A5641E7C143796DD7, B54F95307253BB81E4CEE4F2033782210652364DE6A1E833B27ECE7E04A2BD51 ] VBoxAswDrv      C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
09:59:05.0638 0x10a4  VBoxAswDrv - ok
09:59:05.0684 0x10a4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:59:05.0731 0x10a4  vdrvroot - ok
09:59:05.0778 0x10a4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
09:59:05.0856 0x10a4  vds - ok
09:59:05.0887 0x10a4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
09:59:05.0918 0x10a4  vga - ok
09:59:05.0934 0x10a4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
09:59:05.0981 0x10a4  VgaSave - ok
09:59:06.0012 0x10a4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
09:59:06.0059 0x10a4  vhdmp - ok
09:59:06.0090 0x10a4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:59:06.0121 0x10a4  viaide - ok
09:59:06.0168 0x10a4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:59:06.0215 0x10a4  volmgr - ok
09:59:06.0230 0x10a4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
09:59:06.0277 0x10a4  volmgrx - ok
09:59:06.0277 0x10a4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
09:59:06.0324 0x10a4  volsnap - ok
09:59:06.0371 0x10a4  [ 8F1E531D36D95B0586DA00D546AB8B9A, 206C568E3698096D2C2C2E5BAB53382B74DEF2B354E6029E7C34912A55A0897C ] Vsdatant        C:\Windows\system32\DRIVERS\vsdatant.sys
09:59:06.0418 0x10a4  Vsdatant - ok
09:59:06.0589 0x10a4  [ EA02B9C499A795AD537E25F7C9612194, 44AE3BDBFB9CB3904387001E4937C3687D1FFD66F830A42E5F8C4CE2542BC2EC ] vsmon           C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
09:59:06.0745 0x10a4  vsmon - ok
09:59:06.0776 0x10a4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
09:59:06.0823 0x10a4  vsmraid - ok
09:59:06.0932 0x10a4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
09:59:07.0073 0x10a4  VSS - ok
09:59:07.0104 0x10a4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
09:59:07.0151 0x10a4  vwifibus - ok
09:59:07.0182 0x10a4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:59:07.0244 0x10a4  vwififlt - ok
09:59:07.0260 0x10a4  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
09:59:07.0307 0x10a4  vwifimp - ok
09:59:07.0369 0x10a4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
09:59:07.0463 0x10a4  W32Time - ok
09:59:07.0478 0x10a4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:59:07.0494 0x10a4  WacomPen - ok
09:59:07.0525 0x10a4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:59:07.0588 0x10a4  WANARP - ok
09:59:07.0588 0x10a4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:59:07.0634 0x10a4  Wanarpv6 - ok
09:59:07.0744 0x10a4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
09:59:07.0837 0x10a4  WatAdminSvc - ok
09:59:07.0946 0x10a4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:59:08.0056 0x10a4  wbengine - ok
09:59:08.0071 0x10a4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:59:08.0102 0x10a4  WbioSrvc - ok
09:59:08.0118 0x10a4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
09:59:08.0180 0x10a4  wcncsvc - ok
09:59:08.0212 0x10a4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:59:08.0258 0x10a4  WcsPlugInService - ok
09:59:08.0290 0x10a4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
09:59:08.0321 0x10a4  Wd - ok
09:59:08.0399 0x10a4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:59:08.0461 0x10a4  Wdf01000 - ok
09:59:08.0492 0x10a4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:59:08.0539 0x10a4  WdiServiceHost - ok
09:59:08.0539 0x10a4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:59:08.0570 0x10a4  WdiSystemHost - ok
09:59:08.0602 0x10a4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
09:59:08.0664 0x10a4  WebClient - ok
09:59:08.0695 0x10a4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:59:08.0758 0x10a4  Wecsvc - ok
09:59:08.0789 0x10a4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:59:08.0836 0x10a4  wercplsupport - ok
09:59:08.0882 0x10a4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:59:08.0960 0x10a4  WerSvc - ok
09:59:08.0992 0x10a4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:59:09.0038 0x10a4  WfpLwf - ok
09:59:09.0054 0x10a4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:59:09.0070 0x10a4  WIMMount - ok
09:59:09.0085 0x10a4  WinDefend - ok
09:59:09.0101 0x10a4  WinHttpAutoProxySvc - ok
09:59:09.0163 0x10a4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:59:09.0304 0x10a4  Winmgmt - ok
09:59:09.0413 0x10a4  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
09:59:09.0553 0x10a4  WinRM - ok
09:59:09.0616 0x10a4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:59:09.0694 0x10a4  WinUsb - ok
09:59:09.0772 0x10a4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:59:09.0865 0x10a4  Wlansvc - ok
09:59:09.0881 0x10a4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
09:59:09.0928 0x10a4  WmiAcpi - ok
09:59:09.0959 0x10a4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:59:10.0006 0x10a4  wmiApSrv - ok
09:59:10.0021 0x10a4  WMPNetworkSvc - ok
09:59:10.0068 0x10a4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:59:10.0131 0x10a4  WPCSvc - ok
09:59:10.0162 0x10a4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:59:10.0193 0x10a4  WPDBusEnum - ok
09:59:10.0209 0x10a4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:59:10.0271 0x10a4  ws2ifsl - ok
09:59:10.0302 0x10a4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
09:59:10.0349 0x10a4  wscsvc - ok
09:59:10.0349 0x10a4  WSearch - ok
09:59:10.0427 0x10a4  [ CF1F52298E621F0B4ABB71A4F8D16776, 34E701C563457536B1227BE111843C65AF84D41D5DE48A0486F90E01BBDABD9D ] WTGService      C:\Program Files (x86)\3DataManager\WTGService.exe
09:59:10.0505 0x10a4  WTGService - ok
09:59:10.0630 0x10a4  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:59:10.0770 0x10a4  wuauserv - ok
09:59:10.0801 0x10a4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:59:10.0864 0x10a4  WudfPf - ok
09:59:10.0911 0x10a4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:59:10.0973 0x10a4  WUDFRd - ok
09:59:10.0989 0x10a4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:59:11.0051 0x10a4  wudfsvc - ok
09:59:11.0082 0x10a4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:59:11.0113 0x10a4  WwanSvc - ok
09:59:11.0160 0x10a4  [ 06C2D86214E0D3590F288D18365EFE04, 2405E924B3C5648EF69103DB339F3F385797C8763C1C31B549505E62D8E903E8 ] ZAPrivacyService C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
09:59:11.0176 0x10a4  ZAPrivacyService - ok
09:59:11.0223 0x10a4  ================ Scan global ===============================
09:59:11.0254 0x10a4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:59:11.0285 0x10a4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:59:11.0301 0x10a4  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:59:11.0347 0x10a4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:59:11.0394 0x10a4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
09:59:11.0410 0x10a4  [ Global ] - ok
09:59:11.0410 0x10a4  ================ Scan MBR ==================================
09:59:11.0425 0x10a4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:59:11.0737 0x10a4  \Device\Harddisk0\DR0 - ok
09:59:12.0829 0x10a4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
09:59:12.0923 0x10a4  \Device\Harddisk1\DR1 - ok
09:59:12.0923 0x10a4  ================ Scan VBR ==================================
09:59:12.0954 0x10a4  [ C7F3D91EFE84127BA11BE8BEDEC48934 ] \Device\Harddisk0\DR0\Partition1
09:59:12.0954 0x10a4  \Device\Harddisk0\DR0\Partition1 - ok
09:59:12.0954 0x10a4  [ 6C38AE8759EF61F6B140F23B37C1CA40 ] \Device\Harddisk1\DR1\Partition1
09:59:12.0970 0x10a4  \Device\Harddisk1\DR1\Partition1 - ok
09:59:12.0970 0x10a4  ================ Scan generic autorun ======================
09:59:13.0001 0x10a4  [ D3E38DCD73E8F6C529F10802654F81B5, 1E5DCDEC809C8F6C7325B5F64966623745D83B18C59686CD9979472F16AC1E3A ] C:\Windows\system32\igfxtray.exe
09:59:13.0048 0x10a4  IgfxTray - ok
09:59:13.0079 0x10a4  [ 29B73F389AE0B9C7581EB71ED1ACFA22, 2F2BAB6A673439638FBB25CAA1A57F7EC62C023066574892BC83405669DE9044 ] C:\Windows\system32\hkcmd.exe
09:59:13.0141 0x10a4  HotKeysCmds - ok
09:59:13.0173 0x10a4  [ EF841D467E5DE7D096A507C345C259BC, 8571925382B59CA598A4063621A3BB59FBCE75DF705FAA4547F12827545AA0EA ] C:\Windows\system32\igfxpers.exe
09:59:13.0219 0x10a4  Persistence - ok
09:59:13.0360 0x10a4  [ D26F58CAD288E92A45A0F8517179B6A4, 50CD7E8CB80224D187ED8CDEA800FC964631DEA45616F1B53624D632DB1A9A55 ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
09:59:13.0453 0x10a4  IntelWireless - ok
09:59:13.0485 0x10a4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
09:59:13.0531 0x10a4  Logitech Download Assistant - ok
09:59:13.0641 0x10a4  [ C973B2FC3E6B97C54CF633A4517C076A, 1350B2863A720309C0F653E97EF2129A8956294D8360BBA566EF3D92173E7F63 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
09:59:13.0719 0x10a4  StartCCC - ok
09:59:13.0828 0x10a4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:59:13.0953 0x10a4  Sidebar - ok
09:59:13.0984 0x10a4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:59:14.0046 0x10a4  mctadmin - ok
09:59:14.0077 0x10a4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:59:14.0155 0x10a4  Sidebar - ok
09:59:14.0155 0x10a4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:59:14.0187 0x10a4  mctadmin - ok
09:59:14.0904 0x10a4  [ 14EF06B1EA531D681B5738F37388B99C, AB74735A3569B7995572FD7B0D026919CADA27C43A6AD0503659CE7CA3FF6B84 ] C:\Program Files\CCleaner\CCleaner64.exe
09:59:15.0201 0x10a4  CCleaner Monitoring - ok
09:59:15.0201 0x10a4  Waiting for KSN requests completion. In queue: 119
09:59:16.0215 0x10a4  Waiting for KSN requests completion. In queue: 119
09:59:17.0229 0x10a4  Waiting for KSN requests completion. In queue: 119
09:59:18.0336 0x10a4  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
09:59:18.0336 0x10a4  FW detected via SS2: ZoneAlarm Free Firewall Firewall, C:\Program Files (x86)\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.3.52.0 ), 0x41010 ( enabled )
09:59:18.0711 0x10a4  ============================================================
09:59:18.0711 0x10a4  Scan finished
09:59:18.0711 0x10a4  ============================================================
09:59:18.0726 0x1ab8  Detected object count: 0
09:59:18.0726 0x1ab8  Actual detected object count: 0
         

Alt 07.03.2015, 18:36   #8
schrauber
/// the machine
/// TB-Ausbilder
 

CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.03.2015, 13:06   #9
Bennie
 
CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



Hallo Schrauber,

danke für das Programm. Das ist ja richtig gut.

Nach der Installierung habe ich Deine angebenen Anweisungen befolgt. Der Lüfter wird laut, wenn der Firefox an ist und ich surfe. Stärker wird´s mit dem Shockwave-Player. Da wird der CPU bis 60% beansprucht, wovon der Firefox etwa 30% einnimmt.

Außerdem läuft da ein System Idle Process, der bis über 90% der CPU-Leistung beansprucht (Siehe Bild).

Wenn ich dann noch den Thunderbird aufmache wird es richtig laut.
Andere, stärkere, Beanspruchungen sind Word mit Excel zusammen. Allerdings habe ich teilweise ziemlich große Dateien mit vielen Berechnungen, Hyperlinks, etc.

Kannst Du etwas damit anfangen?

Gruß
Bennie
Miniaturansicht angehängter Grafiken
-systemidleprocess.jpg  

Alt 13.03.2015, 15:34   #10
Bennie
 
CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



Jetzt habe ich noch etwas hinzuzufügen. Bei starker Beanspruchung durch Youtube geht der system Idle Process runter, während die CPU-Auslastung steigt (über bis auf 60%; siehe Bild).

Neben Firefox wird auch ein SearchFilterHost.exe als Hauptaulaster des CPU angegeben.

Während dessen läuft der Lüfter sehr lange und laut.


Gruß
Bennie
Miniaturansicht angehängter Grafiken
-filterhost.jpg  

Alt 13.03.2015, 18:02   #11
schrauber
/// the machine
/// TB-Ausbilder
 

CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen


Und WIndows Search Indizierung abschalten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.05.2015, 11:33   #12
Bennie
 
CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



Hallo Schrauber,

es ist jetzt eine Weile her, dass ich mich zuletzt meldete. Aber ich will mich nochmal bedanken für die Hilfe. Nach der Neuinstallation von Firefox lief mein Rechner viel leiser, da weniger beansprucht.

LG
Bennie

Alt 09.05.2015, 08:22   #13
schrauber
/// the machine
/// TB-Ausbilder
 

CPU sark beansprucht! Lüfter laut! - Standard

CPU sark beansprucht! Lüfter laut!



Dann räumen wir noch auf


Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.


Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu CPU sark beansprucht! Lüfter laut!
antivirus, avast, browser, cpu, defender, desktop, explorer, firefox, flash player, helper.exe, home, installation, mozilla, programm, realtek, registry, registry key, rundll, security, services.exe, software, superantispyware, svchost.exe, system, temp, tracker, windows, winlogon.exe



Ähnliche Themen: CPU sark beansprucht! Lüfter laut!


  1. Windows 7 Lüfter durchgehend laut CPU Auslastung gering - PC neu aufgesetzt nach Virenbefall
    Log-Analyse und Auswertung - 19.02.2015 (18)
  2. Datenträger 100% beansprucht wegen svchost
    Log-Analyse und Auswertung - 15.01.2015 (11)
  3. Windows 8.1: Dienst "Geräteinstallations-Manager" (DsmSvc) beansprucht 20-30% CPU-Auslastung im Ruhezustand
    Plagegeister aller Art und deren Bekämpfung - 20.05.2014 (15)
  4. Lüfter nach manueller svchost.exe-Behandlung sehr laut - Virus?
    Log-Analyse und Auswertung - 23.01.2014 (3)
  5. Lüfter laut, CPU- und Arbeitsspeicherauslastung hoch
    Plagegeister aller Art und deren Bekämpfung - 25.09.2012 (5)
  6. CPU Lüfter (vielleicht Grafikkarte) sehr laut
    Netzwerk und Hardware - 22.07.2012 (17)
  7. CPU Lüfter zu laut
    Netzwerk und Hardware - 09.07.2012 (8)
  8. Laptop Lüfter rattert auf eine art und ist extrem laut
    Netzwerk und Hardware - 21.05.2012 (9)
  9. Lüfter sehr laut, Laut Highjackthis-Analyse Schadsoftware auf Laptop
    Log-Analyse und Auswertung - 05.12.2011 (10)
  10. Lüfter wird laut :/
    Netzwerk und Hardware - 16.11.2011 (1)
  11. Lüfter extrem laut
    Log-Analyse und Auswertung - 07.07.2010 (18)
  12. Lüfter zu laut
    Netzwerk und Hardware - 07.06.2009 (8)
  13. Th32.exe beansprucht das ganze system! Hilfe
    Plagegeister aller Art und deren Bekämpfung - 09.01.2009 (0)
  14. Gehäuse Lüfter
    Netzwerk und Hardware - 01.11.2007 (5)
  15. Lüfter
    Netzwerk und Hardware - 26.10.2007 (3)
  16. Selbsteinbau von PC Lüfter
    Netzwerk und Hardware - 21.02.2007 (4)
  17. Lüfter
    Netzwerk und Hardware - 27.06.2005 (10)

Zum Thema CPU sark beansprucht! Lüfter laut! - Hallo zusammen, der Lüfter meines Laptops läuft ständig, auch wenn ich nur ein Programm, wie Word, geöffnet habe. Mein Betriebssytem ist Windows 7 64-bit. Den Anweisungen zu Folge habe ich - CPU sark beansprucht! Lüfter laut!...
Archiv
Du betrachtest: CPU sark beansprucht! Lüfter laut! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.