Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Rechner sehr langsam... Schadsoftware?

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 16.02.2016, 18:19   #1
rogi
 
Rechner sehr langsam... Schadsoftware? - Standard

Rechner sehr langsam... Schadsoftware?



Hallo,
in der letzten Zeit ist mein Rechner total langsam geworden, insbesondere beim Surfen mit Mozilla..
Hier die Logdaten..
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von User (Administrator) auf USER-PC (16-02-2016 18:16:45)
Gestartet von C:\Users\User\Desktop\Trojaner Board\Software
Geladene Profile: User (Verfügbare Profile: User)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files (x86)\MKVToolNix\mmg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2010-09-07] (IDT, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-3016557714-3445558072-1501865236-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-3016557714-3445558072-1501865236-1000\...\Run: [HP Officejet 6500 E710a-f (NET) #2] => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3016557714-3445558072-1501865236-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [4527424 2011-08-17] (DT Soft Ltd)
HKU\S-1-5-21-3016557714-3445558072-1501865236-1000\...\MountPoints2: {af71f376-ead3-11e2-a1bd-68b599f75435} - G:\setup_vmc_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.69.100.109 80.69.100.205
Tcpip\..\Interfaces\{8FBEAC2B-F251-45B5-AFC9-DFBA5B1E82B9}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{A52F3BDA-9BC2-4DDC-B25C-07978C98DEC2}: [DhcpNameServer] 80.69.102.158 80.69.100.205
Tcpip\..\Interfaces\{B2B268F7-5B1E-4D6E-BDD2-9338974D3137}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{E263C5B3-D08D-42C1-BE79-6D2EA2FD1A9C}: [DhcpNameServer] 80.69.100.109 80.69.100.205

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3016557714-3445558072-1501865236-1000 -> {1D2814DD-9EEC-9328-ACF5-019A951302FD} URL = 
SearchScopes: HKU\S-1-5-21-3016557714-3445558072-1501865236-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = 
SearchScopes: HKU\S-1-5-21-3016557714-3445558072-1501865236-1000 -> {D6886659-B755-4CF0-B7DF-E66265ED1284} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-09-26] (Wondershare)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-27] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-27] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  Keine Datei
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\c1icl002.default
FF Homepage: www.t-online.de
FF NetworkProxy: "autoconfig_url", "hxxp://share-online.biz/"
FF NetworkProxy: "backup.ftp", "176.57.216.214"
FF NetworkProxy: "backup.ftp_port", 13229
FF NetworkProxy: "backup.socks", "176.57.216.214"
FF NetworkProxy: "backup.socks_port", 13229
FF NetworkProxy: "backup.ssl", "176.57.216.214"
FF NetworkProxy: "backup.ssl_port", 13229
FF NetworkProxy: "ftp", "201.20.183.218"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "http", "201.20.183.218"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost.127.0.0.1"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "201.20.183.218"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "201.20.183.218"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0-git-20120215-0402 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2014-12-16] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.t-online.de/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Polinolik) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdlkgdfnfknoggcofedgbgkmihlljof [2016-01-08]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Color change Elpais.com) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpdeacamddgmbaabblmdakmjaegcihfp [2016-01-22]
CHR Extension: (Color change Reddit.com) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fobganfgpicceldbkkcbmdgdhajcfcko [2016-01-26]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-08]
CHR Extension: (Color change MSN) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibjcnemhepiocifbibahamenpbggdijc [2016-01-16]
CHR Extension: (Веб Защитник) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgohccogoodegafphlkecagmlaiocceb [2016-01-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [271424 2015-12-20] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [Datei ist nicht signiert]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R3 IFXTPM; C:\Windows\System32\DRIVERS\IFXTPM.SYS [58880 2008-07-31] (Infineon Technologies AG)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 RICOH SmartCard Reader; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
R2 risdptsk; C:\Windows\System32\DRIVERS\risdsn64.sys [76288 2009-09-24] (REDC)
R3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-03-14] (Realtek Semiconductor Corporation                           )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2976472 2013-09-02] (Realtek Semiconductor Corporation                           )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2010-06-03] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-21] (Duplex Secure Ltd.)
U3 ae6vf9u9; C:\Windows\System32\Drivers\ae6vf9u9.sys [0 ] (Intel Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
U3 akfcn98a; C:\Windows\System32\Drivers\akfcn98a.sys [0 ] (Intel Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-15 05:31 - 2016-02-15 05:54 - 00000000 ____D C:\Users\User\Downloads\Nele in Berlin - DVDRip - x264 2015
2016-02-14 21:21 - 2016-02-14 21:32 - 00000000 ____D C:\Users\User\Downloads\Barbie in Das Agententeam - Synced DVDRip - x264 und XViD 2016
2016-02-13 03:13 - 2016-02-13 03:13 - 11815203 _____ C:\Users\User\Downloads\faz 2016.02.13.pdf
2016-02-10 00:28 - 2016-02-10 01:28 - 08817344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-02-08 05:22 - 2016-02-15 11:45 - 00014145 ____H C:\Users\User\Downloads\~WRL0810.tmp
2016-02-07 22:35 - 2016-02-07 22:35 - 66734486 _____ C:\Users\User\Downloads\S-u-n-d-a-y- S-p-o-r-t - 7 February 2016.pdf
2016-02-06 08:12 - 2016-02-06 08:12 - 08189167 _____ C:\Users\User\Downloads\faz 2016.02.06.pdf
2016-02-04 02:56 - 2016-02-04 02:56 - 01153701 _____ C:\Users\User\Downloads\filesharing_linhart.pdf
2016-02-03 19:42 - 2016-02-03 19:42 - 00031525 _____ C:\Users\User\Downloads\Konto_1095001862-Auszug_2016_002.PDF
2016-01-30 03:19 - 2016-01-30 03:19 - 13817037 _____ C:\Users\User\Downloads\faz 2016.01.30.pdf
2016-01-27 03:09 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-01-27 03:09 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-01-27 03:09 - 2015-06-25 11:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-01-27 03:09 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-01-27 03:09 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-01-27 03:09 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-01-27 03:07 - 2015-07-23 01:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-27 03:07 - 2015-07-23 01:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-27 03:07 - 2015-07-23 01:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-27 03:07 - 2015-07-23 01:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-27 03:07 - 2015-07-23 01:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-27 03:07 - 2015-07-23 01:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-27 03:07 - 2015-07-23 01:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-27 03:07 - 2015-07-23 01:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-27 03:07 - 2015-07-23 01:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-27 03:07 - 2015-07-23 00:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-27 03:07 - 2015-07-22 18:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-27 03:07 - 2015-07-22 18:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-27 03:07 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-27 03:07 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-01-27 03:07 - 2015-07-22 18:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-27 03:07 - 2015-07-22 18:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-27 03:07 - 2015-07-22 18:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-27 03:07 - 2015-07-22 18:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-27 03:07 - 2015-07-22 18:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-27 03:07 - 2015-07-22 18:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-01-27 03:07 - 2015-07-22 17:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-27 03:07 - 2015-07-22 17:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-27 03:07 - 2015-07-22 17:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-27 03:06 - 2015-12-16 19:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-01-27 03:06 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-01-27 03:06 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-01-27 03:06 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-01-27 03:06 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-01-27 03:06 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-01-27 03:06 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-01-27 03:06 - 2015-12-16 19:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-01-27 03:06 - 2015-12-16 15:38 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-01-27 03:06 - 2015-12-16 15:37 - 00419928 _____ C:\Windows\system32\locale.nls
2016-01-27 03:06 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-01-27 03:06 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-01-27 03:06 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-01-27 03:06 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-01-27 03:06 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-01-27 03:06 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-01-27 03:06 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-01-27 03:06 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-01-27 03:06 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-01-27 03:06 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-01-27 03:06 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-01-27 03:06 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-01-27 03:06 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-01-27 03:06 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-01-27 03:06 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-01-27 03:06 - 2015-08-05 19:02 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-27 03:06 - 2015-08-05 19:02 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-27 03:06 - 2015-08-05 18:56 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-27 03:06 - 2015-08-05 17:38 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-27 03:06 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-01-27 03:06 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-01-27 03:06 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-01-27 03:06 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-27 03:05 - 2015-08-05 18:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-27 03:05 - 2015-08-05 18:55 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-27 03:05 - 2015-08-05 18:50 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-27 03:05 - 2015-08-05 18:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-27 03:05 - 2015-08-05 18:46 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-27 03:05 - 2015-08-05 18:41 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-27 03:05 - 2015-08-05 18:41 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-27 03:05 - 2015-08-05 18:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-27 03:05 - 2015-08-05 18:41 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-27 03:05 - 2015-08-05 18:40 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-27 03:05 - 2015-08-05 18:40 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-27 03:05 - 2015-08-05 18:40 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-27 03:05 - 2015-08-05 18:40 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-27 03:05 - 2015-08-05 18:40 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-27 03:05 - 2015-08-05 18:39 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-27 03:05 - 2015-08-05 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-27 03:05 - 2015-08-05 18:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-27 03:05 - 2015-08-05 18:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-27 03:05 - 2015-08-05 18:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-27 03:05 - 2015-08-05 18:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-27 03:05 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-01-27 03:05 - 2015-08-05 17:37 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-27 03:05 - 2015-08-05 17:37 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-27 03:05 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-01-27 02:56 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-27 02:56 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-27 02:56 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-27 02:56 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-27 02:56 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-27 02:56 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-27 02:56 - 2015-11-17 01:58 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-27 02:56 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-25 01:24 - 2016-01-29 16:37 - 00000000 ____D C:\Users\User\Downloads\Bibi und Tina - Teil 3 -Mädchen gegen Jungs - Soundtrack
2016-01-23 11:34 - 2016-01-23 11:34 - 13755692 _____ C:\Users\User\Downloads\faz 2016.01.23.pdf
2016-01-20 06:05 - 2015-12-09 08:08 - 00025831 _____ C:\Users\User\Desktop\Bewerberkosten_Abrechnungsformular  mit IBAN 2015vvv.PDF
2016-01-19 05:44 - 2016-01-19 05:44 - 00111536 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-19 05:43 - 2016-01-30 13:45 - 05057408 _____ C:\Windows\system32\FNTCACHE.DAT

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-16 18:16 - 2015-08-10 15:26 - 00000000 ____D C:\FRST
2016-02-16 17:28 - 2013-05-30 20:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-16 17:22 - 2016-01-08 17:04 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-16 09:04 - 2009-07-14 05:45 - 00016000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-16 09:04 - 2009-07-14 05:45 - 00016000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-16 06:21 - 2016-01-08 17:04 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-16 02:17 - 2014-02-08 11:12 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2016-02-15 23:55 - 2015-10-03 04:21 - 00000000 ___RD C:\Users\User\Downloads\Source
2016-02-15 07:53 - 2011-11-12 08:48 - 00000000 ___RD C:\Users\User\Downloads\Musik
2016-02-15 04:22 - 2009-07-14 18:58 - 00704252 _____ C:\Windows\system32\perfh007.dat
2016-02-15 04:22 - 2009-07-14 18:58 - 00151358 _____ C:\Windows\system32\perfc007.dat
2016-02-15 04:22 - 2009-07-14 06:13 - 01632858 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-15 04:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-15 04:00 - 2014-08-26 03:52 - 00000000 ___RD C:\Users\User\Downloads\Neuere Progs - Installation ab und an prüfen oder archivieren auf HDD
2016-02-14 23:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-14 21:40 - 2014-11-18 07:15 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla
2016-02-14 20:35 - 2015-10-14 23:40 - 00000000 ___RD C:\Users\User\Downloads\Serien Poster und Links zu abload.de
2016-02-12 08:58 - 2015-02-03 10:50 - 00000000 ____D C:\Users\User\AppData\Local\JDownloader v2.0
2016-02-10 21:36 - 2016-01-08 17:05 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 21:36 - 2016-01-08 17:05 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-10 06:17 - 2016-01-08 17:04 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-10 06:16 - 2016-01-08 17:04 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-10 01:28 - 2013-05-30 20:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 01:28 - 2013-04-19 18:59 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 01:28 - 2013-04-19 18:59 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-08 05:01 - 2015-11-04 11:42 - 00073728 ___SH C:\Users\User\Thumbs.db
2016-02-06 11:24 - 2013-04-21 18:56 - 00000000 ____D C:\Users\User\AppData\Local\PokerStars.EU
2016-02-06 11:22 - 2013-04-21 18:14 - 00000000 ____D C:\Program Files (x86)\PokerStars
2016-02-03 23:29 - 2013-03-27 06:29 - 00000000 ___RD C:\Users\User\Downloads\Filme
2016-01-28 06:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-27 03:44 - 2015-08-02 05:31 - 00000000 ___SD C:\Windows\system32\GWX
2016-01-27 03:29 - 2015-08-02 05:31 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-01-27 03:29 - 2015-08-02 05:31 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-27 03:29 - 2014-04-24 02:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-27 03:17 - 2013-04-17 10:45 - 01607138 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-01-27 02:47 - 2013-10-18 17:55 - 00000000 ____D C:\ProgramData\Oracle
2016-01-27 02:46 - 2013-10-18 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-27 02:46 - 2013-07-03 09:23 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-27 02:45 - 2015-09-06 02:33 - 00000000 ____D C:\Users\User\.oracle_jre_usage
2016-01-27 02:45 - 2014-10-22 02:05 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-01-18 14:35 - 2013-04-16 16:24 - 00000000 ____D C:\Windows\Panther
2016-01-18 14:34 - 2014-02-19 09:24 - 00000000 ____D C:\Users\User\AppData\Roaming\HpUpdate
2016-01-18 14:34 - 2014-01-23 02:01 - 00000000 ____D C:\Program Files (x86)\i-Funbox DevTeam
2016-01-18 14:34 - 2013-09-19 17:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-18 14:34 - 2013-05-15 20:47 - 00000000 ____D C:\Users\User\AppData\Roaming\dvdcss
2016-01-18 14:34 - 2013-05-14 15:30 - 00000000 ___RD C:\Users\User\Documents\Eigene Dateien
2016-01-18 14:34 - 2013-04-19 21:26 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help
2016-01-18 14:34 - 2013-04-19 20:53 - 00000000 ____D C:\Program Files\WinRAR
2016-01-18 14:34 - 2013-04-17 10:48 - 00000000 ____D C:\Users\User\AppData\Roaming\hpqLog
2016-01-18 14:33 - 2014-03-05 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2016-01-18 14:33 - 2014-02-15 01:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glidos
2016-01-18 14:33 - 2013-06-06 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-30 03:03 - 2014-04-30 03:03 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2014-05-17 21:00 - 2014-06-20 21:25 - 0006144 _____ () C:\Users\User\AppData\Roaming\com.apple.antiphishing.db
2013-06-06 02:41 - 2013-06-06 02:41 - 0000053 _____ () C:\Users\User\AppData\Roaming\java.bat
2013-06-06 02:41 - 2013-06-06 02:41 - 0000050 _____ () C:\Users\User\AppData\Roaming\java2.bat
2015-04-08 00:51 - 2015-10-28 19:24 - 0004096 ____H () C:\Users\User\AppData\Local\keyfile3.drm
2014-02-19 09:23 - 2014-02-19 09:23 - 0000057 _____ () C:\ProgramData\Ament.ini

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\User\AppData\Local\Temp\proxy_vole3697041688984848640.dll
C:\Users\User\AppData\Local\Temp\proxy_vole686741733397400976.dll
C:\Users\User\AppData\Local\Temp\proxy_vole8623840370079411159.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-14 23:44

==================== Ende von FRST.txt ============================
         

Alt 16.02.2016, 20:30   #2
burningice
/// Malwareteam
 
Rechner sehr langsam... Schadsoftware? - Standard

Rechner sehr langsam... Schadsoftware?




Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
Los geht's

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


Schritt 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Bitte poste in deiner nächsten Antwort also:
  • Logfile von TDSSKiller
  • Frst.txt
  • Addition.txt
__________________

__________________

Alt 16.02.2016, 23:39   #3
rogi
 
Rechner sehr langsam... Schadsoftware? - Standard

Rechner sehr langsam... Schadsoftware?



Code:
ATTFilter
23:35:18.0682 0x11b0  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:35:29.0264 0x11b0  ============================================================
23:35:29.0265 0x11b0  Current date / time: 2016/02/16 23:35:29.0264
23:35:29.0265 0x11b0  SystemInfo:
23:35:29.0265 0x11b0  
23:35:29.0265 0x11b0  OS Version: 6.1.7601 ServicePack: 1.0
23:35:29.0265 0x11b0  Product type: Workstation
23:35:29.0265 0x11b0  ComputerName: USER-PC
23:35:29.0265 0x11b0  UserName: User
23:35:29.0265 0x11b0  Windows directory: C:\Windows
23:35:29.0265 0x11b0  System windows directory: C:\Windows
23:35:29.0265 0x11b0  Running under WOW64
23:35:29.0265 0x11b0  Processor architecture: Intel x64
23:35:29.0265 0x11b0  Number of processors: 2
23:35:29.0265 0x11b0  Page size: 0x1000
23:35:29.0265 0x11b0  Boot type: Normal boot
23:35:29.0265 0x11b0  ============================================================
23:35:34.0947 0x11b0  KLMD registered as C:\Windows\system32\drivers\41903113.sys
23:35:36.0649 0x11b0  System UUID: {9FF96C3F-306F-85E2-867F-42061A99B5B3}
23:35:38.0209 0x11b0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:35:38.0426 0x11b0  Drive \Device\Harddisk2\DR2 - Size: 0x3AEC00000 ( 14.73 Gb ), SectorSize: 0x200, Cylinders: 0x782, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:35:46.0709 0x11b0  Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:35:46.0769 0x11b0  Drive \Device\Harddisk4\DR14 - Size: 0xE76000000 ( 57.84 Gb ), SectorSize: 0x200, Cylinders: 0x1D7F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:35:56.0188 0x11b0  Drive \Device\Harddisk6\DR6 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:35:56.0781 0x11b0  Drive \Device\Harddisk7\DR7 - Size: 0x2BAA1475000 ( 2794.52 Gb ), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:35:56.0782 0x11b0  ============================================================
23:35:56.0782 0x11b0  \Device\Harddisk0\DR0:
23:35:56.0805 0x11b0  MBR partitions:
23:35:56.0805 0x11b0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:35:56.0805 0x11b0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
23:35:56.0805 0x11b0  \Device\Harddisk2\DR2:
23:35:56.0805 0x11b0  MBR partitions:
23:35:56.0805 0x11b0  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x2000, BlocksNum 0x1D76000
23:35:56.0805 0x11b0  \Device\Harddisk3\DR3:
23:35:56.0806 0x11b0  MBR partitions:
23:35:56.0806 0x11b0  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
23:35:56.0806 0x11b0  \Device\Harddisk4\DR14:
23:35:56.0807 0x11b0  MBR partitions:
23:35:56.0807 0x11b0  \Device\Harddisk4\DR14\Partition1: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0x73AFFE0
23:35:56.0807 0x11b0  \Device\Harddisk6\DR6:
23:35:56.0807 0x11b0  MBR partitions:
23:35:56.0807 0x11b0  \Device\Harddisk6\DR6\Partition1: MBR, Type 0xC, StartLBA 0x100, BlocksNum 0x2BAA0920
23:35:56.0807 0x11b0  \Device\Harddisk7\DR7:
23:35:56.0808 0x11b0  MBR partitions:
23:35:56.0808 0x11b0  \Device\Harddisk7\DR7\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BAA1200
23:35:56.0808 0x11b0  ============================================================
23:35:56.0831 0x11b0  C: <-> \Device\Harddisk0\DR0\Partition2
23:35:56.0899 0x11b0  H: <-> \Device\Harddisk7\DR7\Partition1
23:35:56.0913 0x11b0  I: <-> \Device\Harddisk6\DR6\Partition1
23:35:57.0027 0x11b0  S: <-> \Device\Harddisk3\DR3\Partition1
23:35:57.0070 0x11b0  ============================================================
23:35:57.0071 0x11b0  Initialize success
23:35:57.0071 0x11b0  ============================================================
23:36:54.0193 0x08d4  ============================================================
23:36:54.0193 0x08d4  Scan started
23:36:54.0193 0x08d4  Mode: Manual; SigCheck; TDLFS; 
23:36:54.0193 0x08d4  ============================================================
23:36:54.0193 0x08d4  KSN ping started
23:37:07.0864 0x08d4  KSN ping finished: true
23:37:12.0117 0x08d4  ================ Scan system memory ========================
23:37:12.0118 0x08d4  System memory - ok
23:37:12.0118 0x08d4  ================ Scan services =============================
23:37:12.0286 0x08d4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:37:12.0459 0x08d4  1394ohci - ok
23:37:12.0503 0x08d4  [ 5C368F4B04ED2A923E6AFCA2D37BAFF5, C3CC58D636B18DF77C4C4B384AD1DE78418716A0606E564DBC63782D5EA02905 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
23:37:12.0524 0x08d4  Accelerometer - ok
23:37:12.0575 0x08d4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:37:12.0605 0x08d4  ACPI - ok
23:37:12.0628 0x08d4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:37:12.0745 0x08d4  AcpiPmi - ok
23:37:12.0887 0x08d4  [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:37:12.0904 0x08d4  AdobeFlashPlayerUpdateSvc - ok
23:37:12.0955 0x08d4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:37:12.0988 0x08d4  adp94xx - ok
23:37:13.0019 0x08d4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:37:13.0038 0x08d4  adpahci - ok
23:37:13.0059 0x08d4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:37:13.0075 0x08d4  adpu320 - ok
23:37:13.0128 0x08d4  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:37:13.0199 0x08d4  AeLookupSvc - ok
23:37:13.0344 0x08d4  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters     C:\Program Files\IDT\WDM\AESTSr64.exe
23:37:13.0434 0x08d4  AESTFilters - ok
23:37:13.0479 0x08d4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
23:37:13.0572 0x08d4  AFD - ok
23:37:13.0641 0x08d4  [ B65F8DBA54F251906BBE8611B5A0E7AB, 9ADE347CB4E7C33D668DAC79A316C97C78D94D296B158F481F3E32F9DA4D647E ] AgereModemAudio C:\Program Files\LSI SoftModem\agr64svc.exe
23:37:13.0710 0x08d4  AgereModemAudio - ok
23:37:13.0757 0x08d4  [ A6AB6F0ACE87DA76B4C401813D18BE95, 6AE72E0F07DF2164A3198E14A6AE7E15F0B8EB467D2D68960A006E360DBBA891 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
23:37:13.0835 0x08d4  AgereSoftModem - ok
23:37:13.0895 0x08d4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
23:37:13.0907 0x08d4  agp440 - ok
23:37:13.0931 0x08d4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
23:37:14.0008 0x08d4  ALG - ok
23:37:14.0061 0x08d4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:37:14.0072 0x08d4  aliide - ok
23:37:14.0087 0x08d4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
23:37:14.0099 0x08d4  amdide - ok
23:37:14.0121 0x08d4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:37:14.0183 0x08d4  AmdK8 - ok
23:37:14.0202 0x08d4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:37:14.0233 0x08d4  AmdPPM - ok
23:37:14.0268 0x08d4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:37:14.0282 0x08d4  amdsata - ok
23:37:14.0312 0x08d4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:37:14.0329 0x08d4  amdsbs - ok
23:37:14.0341 0x08d4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:37:14.0352 0x08d4  amdxata - ok
23:37:14.0400 0x08d4  [ E71711D37C48AC40FD3E2866A5ABBA51, C85DB75741B17A0A84B045DC461B5A6C5EA2A34BCD661107D355CE8DF4A29E03 ] anvsnddrv       C:\Windows\system32\drivers\anvsnddrv.sys
23:37:14.0412 0x08d4  anvsnddrv - ok
23:37:14.0453 0x08d4  [ 4542CC17440E85D2D2D73A7D40FAED0A, F157F9A137DEACFC5A1A982265F5CE05A79C0CF8F13291773E2351BEFCB94E08 ] Apowersoft_AudioDevice C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys
23:37:14.0464 0x08d4  Apowersoft_AudioDevice - ok
23:37:14.0522 0x08d4  [ A0711D119BA4B48A1470C768D301013E, 536366F809125D2C2171597C8C2CB3271BE5C6B373152112E0D970749776E00A ] AppID           C:\Windows\system32\drivers\appid.sys
23:37:14.0634 0x08d4  AppID - ok
23:37:14.0669 0x08d4  [ 173C90AF5B243B4DD86F95CA154CB58A, 349F566DADC96B31FDC34C4F26545FB880844DBF84E5821AA0D0CAA91FB837E1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:37:14.0706 0x08d4  AppIDSvc - ok
23:37:14.0754 0x08d4  [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo         C:\Windows\System32\appinfo.dll
23:37:14.0823 0x08d4  Appinfo - ok
23:37:14.0926 0x08d4  [ 2D564BB1C4559A517B390A031955714D, 3048C187FD107C958D43DD8B954AB55FDD1BC538D3E0066CBFCB428C7A8A87E1 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:37:14.0937 0x08d4  Apple Mobile Device Service - ok
23:37:14.0983 0x08d4  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:37:15.0094 0x08d4  AppMgmt - ok
23:37:15.0135 0x08d4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:37:15.0147 0x08d4  arc - ok
23:37:15.0185 0x08d4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:37:15.0199 0x08d4  arcsas - ok
23:37:15.0343 0x08d4  [ 660D597B7A78256734D7F3230B21B355, CAA19E8EFAD63B8975A4CD8EFD5CE5F21E056856D36BC5A9E48517F1E574ABBA ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:37:15.0434 0x08d4  aspnet_state - ok
23:37:15.0460 0x08d4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:37:15.0586 0x08d4  AsyncMac - ok
23:37:15.0639 0x08d4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
23:37:15.0650 0x08d4  atapi - ok
23:37:15.0708 0x08d4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:37:15.0842 0x08d4  AudioEndpointBuilder - ok
23:37:15.0872 0x08d4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:37:15.0899 0x08d4  AudioSrv - ok
23:37:15.0993 0x08d4  [ 7692F4B242E45870873CAF4CB85CF769, 9D28627FD73F62134792528A9D2F2FCCBB0FDD7E45D8D7D816B9FC3C07AE4CA2 ] AxAutoMntSrv    C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe
23:37:16.0004 0x08d4  AxAutoMntSrv - ok
23:37:16.0063 0x08d4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:37:16.0191 0x08d4  AxInstSV - ok
23:37:16.0241 0x08d4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:37:16.0334 0x08d4  b06bdrv - ok
23:37:16.0370 0x08d4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:37:16.0411 0x08d4  b57nd60a - ok
23:37:16.0484 0x08d4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:37:16.0589 0x08d4  BDESVC - ok
23:37:16.0596 0x08d4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:37:16.0652 0x08d4  Beep - ok
23:37:16.0762 0x08d4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
23:37:16.0864 0x08d4  BFE - ok
23:37:16.0902 0x08d4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
23:37:17.0158 0x08d4  BITS - ok
23:37:17.0186 0x08d4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:37:17.0227 0x08d4  blbdrive - ok
23:37:17.0322 0x08d4  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:37:17.0356 0x08d4  Bonjour Service - ok
23:37:17.0391 0x08d4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:37:17.0489 0x08d4  bowser - ok
23:37:17.0517 0x08d4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:37:17.0616 0x08d4  BrFiltLo - ok
23:37:17.0632 0x08d4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:37:17.0668 0x08d4  BrFiltUp - ok
23:37:17.0707 0x08d4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
23:37:17.0741 0x08d4  Browser - ok
23:37:17.0766 0x08d4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:37:17.0864 0x08d4  Brserid - ok
23:37:17.0882 0x08d4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:37:17.0899 0x08d4  BrSerWdm - ok
23:37:17.0907 0x08d4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:37:17.0922 0x08d4  BrUsbMdm - ok
23:37:17.0933 0x08d4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:37:17.0967 0x08d4  BrUsbSer - ok
23:37:18.0032 0x08d4  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
23:37:18.0124 0x08d4  BthEnum - ok
23:37:18.0143 0x08d4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:37:18.0177 0x08d4  BTHMODEM - ok
23:37:18.0221 0x08d4  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
23:37:18.0266 0x08d4  BthPan - ok
23:37:18.0306 0x08d4  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
23:37:18.0388 0x08d4  BTHPORT - ok
23:37:18.0421 0x08d4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
23:37:18.0480 0x08d4  bthserv - ok
23:37:18.0507 0x08d4  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
23:37:18.0542 0x08d4  BTHUSB - ok
23:37:18.0573 0x08d4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:37:18.0632 0x08d4  cdfs - ok
23:37:18.0696 0x08d4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:37:18.0734 0x08d4  cdrom - ok
23:37:18.0794 0x08d4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
23:37:18.0831 0x08d4  CertPropSvc - ok
23:37:18.0864 0x08d4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:37:18.0913 0x08d4  circlass - ok
23:37:18.0957 0x08d4  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
23:37:18.0988 0x08d4  CLFS - ok
23:37:19.0066 0x08d4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:37:19.0082 0x08d4  clr_optimization_v2.0.50727_32 - ok
23:37:19.0131 0x08d4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:37:19.0147 0x08d4  clr_optimization_v2.0.50727_64 - ok
23:37:19.0253 0x08d4  [ AB4CD527BEFCC43EE441E6C50CCE54C8, 13B776AE63049FFBA7E35EA0A4C26EBB57B10D973E05C4CF1214249754DC46E4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:37:19.0386 0x08d4  clr_optimization_v4.0.30319_32 - ok
23:37:19.0405 0x08d4  [ 1400C75FF021D6CFACE46AC41B60770E, 3FCB8D7714A79522F2738037D559F1FFFB2F05C5406D2A038EF5DDB4629CA1CE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:37:19.0459 0x08d4  clr_optimization_v4.0.30319_64 - ok
23:37:19.0500 0x08d4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:37:19.0538 0x08d4  CmBatt - ok
23:37:19.0582 0x08d4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:37:19.0594 0x08d4  cmdide - ok
23:37:19.0647 0x08d4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
23:37:19.0693 0x08d4  CNG - ok
23:37:19.0719 0x08d4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:37:19.0730 0x08d4  Compbatt - ok
23:37:19.0788 0x08d4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:37:19.0831 0x08d4  CompositeBus - ok
23:37:19.0857 0x08d4  COMSysApp - ok
23:37:19.0874 0x08d4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:37:19.0886 0x08d4  crcdisk - ok
23:37:19.0927 0x08d4  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:37:20.0027 0x08d4  CryptSvc - ok
23:37:20.0109 0x08d4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
23:37:20.0232 0x08d4  CSC - ok
23:37:20.0262 0x08d4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
23:37:20.0320 0x08d4  CscService - ok
23:37:20.0402 0x08d4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:37:20.0488 0x08d4  DcomLaunch - ok
23:37:20.0543 0x08d4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:37:20.0618 0x08d4  defragsvc - ok
23:37:20.0656 0x08d4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:37:20.0718 0x08d4  DfsC - ok
23:37:20.0791 0x08d4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:37:20.0893 0x08d4  Dhcp - ok
23:37:20.0996 0x08d4  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
23:37:21.0138 0x08d4  DiagTrack - ok
23:37:21.0165 0x08d4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
23:37:21.0235 0x08d4  discache - ok
23:37:21.0303 0x08d4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:37:21.0314 0x08d4  Disk - ok
23:37:21.0341 0x08d4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:37:21.0418 0x08d4  Dnscache - ok
23:37:21.0461 0x08d4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:37:21.0522 0x08d4  dot3svc - ok
23:37:21.0567 0x08d4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
23:37:21.0629 0x08d4  DPS - ok
23:37:21.0685 0x08d4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:37:21.0736 0x08d4  drmkaud - ok
23:37:21.0803 0x08d4  [ 821BF177A24172F5F0EE9B322F58516C, 1455FFCA7448EACC0CD4263E57C80D62707A1A6B7D775566FB63AB066FBEA745 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:37:21.0820 0x08d4  dtsoftbus01 - ok
23:37:21.0880 0x08d4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:37:21.0927 0x08d4  DXGKrnl - ok
23:37:21.0985 0x08d4  [ 324FCD2DD8A4229DDEF3CC954FF12FA5, B5A5D8839846B31752C20819636940E85BCA0CE7110A83220676D9FB3C1B3EF0 ] e1kexpress      C:\Windows\system32\DRIVERS\e1k62x64.sys
23:37:22.0018 0x08d4  e1kexpress - ok
23:37:22.0052 0x08d4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
23:37:22.0110 0x08d4  EapHost - ok
23:37:22.0241 0x08d4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
23:37:22.0388 0x08d4  ebdrv - ok
23:37:22.0430 0x08d4  [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] EFS             C:\Windows\System32\lsass.exe
23:37:22.0524 0x08d4  EFS - ok
23:37:22.0575 0x08d4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:37:22.0706 0x08d4  ehRecvr - ok
23:37:22.0731 0x08d4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
23:37:22.0795 0x08d4  ehSched - ok
23:37:22.0835 0x08d4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:37:22.0870 0x08d4  elxstor - ok
23:37:22.0903 0x08d4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:37:22.0936 0x08d4  ErrDev - ok
23:37:22.0980 0x08d4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
23:37:23.0079 0x08d4  EventSystem - ok
23:37:23.0110 0x08d4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
23:37:23.0170 0x08d4  exfat - ok
23:37:23.0245 0x08d4  [ 0EE1D766D9B671AB101978723FE3558B, 7144181AD870BBDD2CA1AAA9990ACE5760D35620A775713C27AAFD1D0245AA4C ] FARMNTIO        c:\windows\system32\drivers\farmntio.sys
23:37:23.0292 0x08d4  FARMNTIO - detected UnsignedFile.Multi.Generic ( 1 )
23:37:25.0905 0x08d4  Detect skipped due to KSN trusted
23:37:25.0905 0x08d4  FARMNTIO - ok
23:37:25.0919 0x08d4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:37:25.0988 0x08d4  fastfat - ok
23:37:26.0072 0x08d4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
23:37:26.0154 0x08d4  Fax - ok
23:37:26.0178 0x08d4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:37:26.0201 0x08d4  fdc - ok
23:37:26.0232 0x08d4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
23:37:26.0293 0x08d4  fdPHost - ok
23:37:26.0320 0x08d4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:37:26.0378 0x08d4  FDResPub - ok
23:37:26.0409 0x08d4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:37:26.0424 0x08d4  FileInfo - ok
23:37:26.0434 0x08d4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:37:26.0479 0x08d4  Filetrace - ok
23:37:26.0494 0x08d4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:37:26.0533 0x08d4  flpydisk - ok
23:37:26.0587 0x08d4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:37:26.0605 0x08d4  FltMgr - ok
23:37:26.0687 0x08d4  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
23:37:26.0796 0x08d4  FontCache - ok
23:37:26.0855 0x08d4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:37:26.0869 0x08d4  FontCache3.0.0.0 - ok
23:37:26.0879 0x08d4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:37:26.0891 0x08d4  FsDepends - ok
23:37:26.0920 0x08d4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:37:26.0931 0x08d4  Fs_Rec - ok
23:37:26.0978 0x08d4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:37:26.0997 0x08d4  fvevol - ok
23:37:27.0030 0x08d4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:37:27.0045 0x08d4  gagp30kx - ok
23:37:27.0080 0x08d4  GDPkIcpt - ok
23:37:27.0271 0x08d4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:37:27.0288 0x08d4  GEARAspiWDM - ok
23:37:27.0437 0x08d4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:37:27.0521 0x08d4  gpsvc - ok
23:37:27.0629 0x08d4  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:37:27.0642 0x08d4  gupdate - ok
23:37:27.0663 0x08d4  [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:37:27.0673 0x08d4  gupdatem - ok
23:37:27.0699 0x08d4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:37:27.0819 0x08d4  hcw85cir - ok
23:37:27.0882 0x08d4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:37:27.0927 0x08d4  HdAudAddService - ok
23:37:27.0987 0x08d4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
23:37:28.0029 0x08d4  HDAudBus - ok
23:37:28.0109 0x08d4  [ 7F40163C7A7369A147761C9B57A1223E, 1BF89A4E405F24FB339151CCC2957D22683548B8064F08DC9CECB7580D0A173B ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
23:37:28.0153 0x08d4  HECIx64 - ok
23:37:28.0170 0x08d4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:37:28.0217 0x08d4  HidBatt - ok
23:37:28.0261 0x08d4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:37:28.0283 0x08d4  HidBth - ok
23:37:28.0356 0x08d4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:37:28.0408 0x08d4  HidIr - ok
23:37:28.0457 0x08d4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
23:37:28.0544 0x08d4  hidserv - ok
23:37:28.0642 0x08d4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:37:28.0702 0x08d4  HidUsb - ok
23:37:28.0715 0x08d4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:37:28.0811 0x08d4  hkmsvc - ok
23:37:28.0876 0x08d4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:37:28.0977 0x08d4  HomeGroupListener - ok
23:37:29.0021 0x08d4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:37:29.0070 0x08d4  HomeGroupProvider - ok
23:37:29.0139 0x08d4  [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
23:37:29.0149 0x08d4  hpdskflt - ok
23:37:29.0188 0x08d4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:37:29.0200 0x08d4  HpSAMD - ok
23:37:29.0231 0x08d4  [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv           C:\Windows\system32\Hpservice.exe
23:37:29.0240 0x08d4  hpsrv - ok
23:37:29.0296 0x08d4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:37:29.0433 0x08d4  HTTP - ok
23:37:29.0485 0x08d4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:37:29.0552 0x08d4  hwpolicy - ok
23:37:29.0611 0x08d4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:37:29.0626 0x08d4  i8042prt - ok
23:37:29.0707 0x08d4  [ 8BE099617DA18FE085A40D47FC156B1B, A5F7AB41D32DF8A12F1945C263EE954CE15069C3CFD7131C74A8A3F4EC3AC122 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
23:37:29.0732 0x08d4  iaStorA - ok
23:37:29.0812 0x08d4  [ 3AEE4C821114AC707699A28988F27ABB, 033A25A19E2A649DA059AE3BCACB8605C00D4F10D356C5E3167B84C01B9359A9 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
23:37:29.0821 0x08d4  IAStorDataMgrSvc - ok
23:37:29.0835 0x08d4  [ 005C0887D8B57A19883E3ADEF5478F05, E4D53F6197F128C5A753DBA0592619893D93F87575678E9708830B04C4CE1553 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
23:37:29.0851 0x08d4  iaStorF - ok
23:37:29.0920 0x08d4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:37:29.0974 0x08d4  iaStorV - ok
23:37:30.0047 0x08d4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:37:30.0096 0x08d4  idsvc - ok
23:37:30.0121 0x08d4  IEEtwCollectorService - ok
23:37:30.0185 0x08d4  [ 88366E13052CC319C670D4B42C01466E, BA4B734C6C31B23FB19B17DDB1665F55C56623FEE25FE022EB406BFD8F43453D ] IFXTPM          C:\Windows\system32\DRIVERS\IFXTPM.SYS
23:37:30.0246 0x08d4  IFXTPM - ok
23:37:30.0624 0x08d4  [ C458A0B66D11CBABD113EAC828276A8C, FF31B49BAF36358A16FA5478036C6431DE877BA30D6F6DF85FD0A2FA6E6CB0E1 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:37:31.0224 0x08d4  igfx - ok
23:37:31.0313 0x08d4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:37:31.0327 0x08d4  iirsp - ok
23:37:31.0388 0x08d4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
23:37:31.0458 0x08d4  IKEEXT - ok
23:37:31.0509 0x08d4  [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
23:37:31.0565 0x08d4  Impcd - ok
23:37:31.0614 0x08d4  [ AE594CC17C33AC146739494615E14851, 0E4FA415C1B4065083D761A458450FAE9C6A6EE6E49B3A598B43871D6F01B3EC ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
23:37:31.0692 0x08d4  IntcDAud - ok
23:37:31.0744 0x08d4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:37:31.0756 0x08d4  intelide - ok
23:37:31.0774 0x08d4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:37:31.0838 0x08d4  intelppm - ok
23:37:31.0871 0x08d4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:37:32.0033 0x08d4  IPBusEnum - ok
23:37:32.0071 0x08d4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:37:32.0152 0x08d4  IpFilterDriver - ok
23:37:32.0209 0x08d4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:37:32.0406 0x08d4  iphlpsvc - ok
23:37:32.0563 0x08d4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:37:32.0643 0x08d4  IPMIDRV - ok
23:37:32.0671 0x08d4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:37:32.0728 0x08d4  IPNAT - ok
23:37:32.0832 0x08d4  [ BD713ED20CFD71C32C4BE1928423AE9A, E0EE95FEA3930EA335D9B1FF74EEFAA61ECEC89AEBB1D0E43A1E1088F9990273 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:37:32.0874 0x08d4  iPod Service - ok
23:37:32.0890 0x08d4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:37:32.0983 0x08d4  IRENUM - ok
23:37:32.0997 0x08d4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:37:33.0008 0x08d4  isapnp - ok
23:37:33.0043 0x08d4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:37:33.0062 0x08d4  iScsiPrt - ok
23:37:33.0081 0x08d4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:37:33.0096 0x08d4  kbdclass - ok
23:37:33.0145 0x08d4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:37:33.0184 0x08d4  kbdhid - ok
23:37:33.0216 0x08d4  [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] KeyIso          C:\Windows\system32\lsass.exe
23:37:33.0227 0x08d4  KeyIso - ok
23:37:33.0264 0x08d4  [ 1DAC21EC0705A6AFEFACCE265798F0F9, 16B66AE2578C6744825B0DFBB9CBA35FBDF5C04E8999F7629BA43D566FA9277F ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:37:33.0277 0x08d4  KSecDD - ok
23:37:33.0295 0x08d4  [ 2737840E7F6F6FF439966A67A35D59F8, 7442A8864D0A92C3A7EDBF889EC1AA9F743D6B48C4075CA8F3C0F1D836DFB9CE ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:37:33.0309 0x08d4  KSecPkg - ok
23:37:33.0319 0x08d4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:37:33.0395 0x08d4  ksthunk - ok
23:37:33.0440 0x08d4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:37:33.0518 0x08d4  KtmRm - ok
23:37:33.0581 0x08d4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:37:33.0647 0x08d4  LanmanServer - ok
23:37:33.0689 0x08d4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:37:33.0725 0x08d4  LanmanWorkstation - ok
23:37:33.0792 0x08d4  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
23:37:33.0801 0x08d4  LGBusEnum - ok
23:37:33.0836 0x08d4  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
23:37:33.0855 0x08d4  LGSHidFilt - ok
23:37:33.0883 0x08d4  [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt      C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
23:37:33.0892 0x08d4  LGSUsbFilt - ok
23:37:33.0939 0x08d4  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
23:37:33.0948 0x08d4  LGVirHid - ok
23:37:34.0038 0x08d4  [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
23:37:34.0069 0x08d4  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
23:37:37.0078 0x08d4  Detect skipped due to KSN trusted
23:37:37.0078 0x08d4  LightScribeService - ok
23:37:37.0136 0x08d4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:37:37.0174 0x08d4  lltdio - ok
23:37:37.0206 0x08d4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:37:37.0280 0x08d4  lltdsvc - ok
23:37:37.0333 0x08d4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:37:37.0395 0x08d4  lmhosts - ok
23:37:37.0433 0x08d4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:37:37.0446 0x08d4  LSI_FC - ok
23:37:37.0459 0x08d4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:37:37.0472 0x08d4  LSI_SAS - ok
23:37:37.0489 0x08d4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:37:37.0501 0x08d4  LSI_SAS2 - ok
23:37:37.0516 0x08d4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:37:37.0531 0x08d4  LSI_SCSI - ok
23:37:37.0546 0x08d4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
23:37:37.0612 0x08d4  luafv - ok
23:37:37.0696 0x08d4  [ 7AEAC0B5B185CB5601673A0462C7EC36, B79FB5094F32F11CE2969CD08DB0EBC695D150BA2200179EB6C3BBAEEDB857B2 ] massfilter      C:\Windows\system32\DRIVERS\massfilter.sys
23:37:37.0732 0x08d4  massfilter - ok
23:37:37.0814 0x08d4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:37:37.0848 0x08d4  Mcx2Svc - ok
23:37:37.0867 0x08d4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:37:37.0878 0x08d4  megasas - ok
23:37:37.0901 0x08d4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:37:37.0921 0x08d4  MegaSR - ok
23:37:37.0982 0x08d4  Microsoft SharePoint Workspace Audit Service - ok
23:37:38.0008 0x08d4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
23:37:38.0065 0x08d4  MMCSS - ok
23:37:38.0090 0x08d4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
23:37:38.0180 0x08d4  Modem - ok
23:37:38.0217 0x08d4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:37:38.0258 0x08d4  monitor - ok
23:37:38.0291 0x08d4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:37:38.0306 0x08d4  mouclass - ok
23:37:38.0327 0x08d4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:37:38.0359 0x08d4  mouhid - ok
23:37:38.0406 0x08d4  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:37:38.0419 0x08d4  mountmgr - ok
23:37:38.0484 0x08d4  [ 6439D1E559D08BD8A1465A8943357053, 0E300508C22D12FBA3BE566B722F574CBE1B4A1A305356B92B8EA8B86267071B ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
23:37:38.0505 0x08d4  MpFilter - ok
23:37:38.0522 0x08d4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:37:38.0537 0x08d4  mpio - ok
23:37:38.0550 0x08d4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:37:38.0587 0x08d4  mpsdrv - ok
23:37:38.0646 0x08d4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:37:38.0749 0x08d4  MpsSvc - ok
23:37:38.0800 0x08d4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:37:38.0909 0x08d4  MRxDAV - ok
23:37:38.0952 0x08d4  [ DB8E6BA1D110A4E40D48612E9009E366, 678728CC8BBCD0D99E67DA63F53A99AC6D6D12EAE3E26655D372940BE7411098 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:37:38.0977 0x08d4  mrxsmb - ok
23:37:39.0018 0x08d4  [ 24432705B02BC1EFC42A83F93BA202A3, 13F2CA069FAEDA9CEAC6E09D10807DBFF729EAF6133DC46DE5A14C5694E9510B ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:37:39.0065 0x08d4  mrxsmb10 - ok
23:37:39.0102 0x08d4  [ 5E7E31C6426F000AF29E7C452826AF5E, F66102138458BDBD2CE586C95FF90F9B90F5DC8832EA1ACFAD694F1D0B949B21 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:37:39.0134 0x08d4  mrxsmb20 - ok
23:37:39.0188 0x08d4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:37:39.0221 0x08d4  msahci - ok
23:37:39.0247 0x08d4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:37:39.0263 0x08d4  msdsm - ok
23:37:39.0278 0x08d4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
23:37:39.0319 0x08d4  MSDTC - ok
23:37:39.0357 0x08d4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:37:39.0428 0x08d4  Msfs - ok
23:37:39.0454 0x08d4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:37:39.0519 0x08d4  mshidkmdf - ok
23:37:39.0552 0x08d4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:37:39.0563 0x08d4  msisadrv - ok
23:37:39.0598 0x08d4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:37:39.0660 0x08d4  MSiSCSI - ok
23:37:39.0663 0x08d4  msiserver - ok
23:37:39.0699 0x08d4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:37:39.0736 0x08d4  MSKSSRV - ok
23:37:39.0818 0x08d4  [ F0D5494D8B177C37E16966262F5D0F68, DD63427DFFD9DD2BEC8336F6AD1BEFE347012331631DC5FEC65E83B1EACDBC67 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
23:37:39.0834 0x08d4  MsMpSvc - ok
23:37:39.0850 0x08d4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:37:39.0915 0x08d4  MSPCLOCK - ok
23:37:39.0946 0x08d4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:37:40.0021 0x08d4  MSPQM - ok
23:37:40.0070 0x08d4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:37:40.0098 0x08d4  MsRPC - ok
23:37:40.0129 0x08d4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:37:40.0140 0x08d4  mssmbios - ok
23:37:40.0160 0x08d4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:37:40.0221 0x08d4  MSTEE - ok
23:37:40.0245 0x08d4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:37:40.0278 0x08d4  MTConfig - ok
23:37:40.0328 0x08d4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
23:37:40.0339 0x08d4  Mup - ok
23:37:40.0392 0x08d4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
23:37:40.0473 0x08d4  napagent - ok
23:37:40.0527 0x08d4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:37:40.0577 0x08d4  NativeWifiP - ok
23:37:40.0723 0x08d4  [ E59AFB64C2F6E0C99350E1C944C75088, 10A9044192D0A83857A57286EABB05037922860483DA2B05AFCC485A8311E4EF ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
23:37:40.0763 0x08d4  NAUpdate - ok
23:37:40.0836 0x08d4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:37:40.0885 0x08d4  NDIS - ok
23:37:40.0909 0x08d4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:37:40.0944 0x08d4  NdisCap - ok
23:37:40.0967 0x08d4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:37:41.0029 0x08d4  NdisTapi - ok
23:37:41.0063 0x08d4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:37:41.0125 0x08d4  Ndisuio - ok
23:37:41.0162 0x08d4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:37:41.0230 0x08d4  NdisWan - ok
23:37:41.0274 0x08d4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:37:41.0333 0x08d4  NDProxy - ok
23:37:41.0390 0x08d4  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
23:37:41.0421 0x08d4  Netaapl - ok
23:37:41.0433 0x08d4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:37:41.0478 0x08d4  NetBIOS - ok
23:37:41.0520 0x08d4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:37:41.0589 0x08d4  NetBT - ok
23:37:41.0615 0x08d4  [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] Netlogon        C:\Windows\system32\lsass.exe
23:37:41.0630 0x08d4  Netlogon - ok
23:37:41.0668 0x08d4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
23:37:41.0719 0x08d4  Netman - ok
23:37:41.0772 0x08d4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:37:41.0815 0x08d4  NetMsmqActivator - ok
23:37:41.0822 0x08d4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:37:41.0838 0x08d4  NetPipeActivator - ok
23:37:41.0867 0x08d4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
23:37:41.0935 0x08d4  netprofm - ok
23:37:41.0941 0x08d4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:37:41.0955 0x08d4  NetTcpActivator - ok
23:37:41.0962 0x08d4  [ 15CBA881E10968E33B43D31BE6097BA3, 69449ACA82B67F308C9F7DAB7A4C75BD88A95B98FC7F9102C72AD3D233A48346 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:37:41.0976 0x08d4  NetTcpPortSharing - ok
23:37:42.0055 0x08d4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:37:42.0066 0x08d4  nfrd960 - ok
23:37:42.0127 0x08d4  [ F9EEFFC65C68A45001D1349E652B8B6F, E5F223129416083A12A85D48C65B2C8D1BF1124110399938E144308C89F9241D ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:37:42.0146 0x08d4  NisDrv - ok
23:37:42.0204 0x08d4  [ 9690F420A99364C1E5C439914B0DE25C, 6C6E0B27C4255001FE5F1EAD911DE1A8BF922C405B0C8031A6BD253CEB1D02A6 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
23:37:42.0236 0x08d4  NisSrv - ok
23:37:42.0280 0x08d4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:37:42.0338 0x08d4  NlaSvc - ok
23:37:42.0356 0x08d4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:37:42.0396 0x08d4  Npfs - ok
23:37:42.0416 0x08d4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
23:37:42.0480 0x08d4  nsi - ok
23:37:42.0512 0x08d4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:37:42.0573 0x08d4  nsiproxy - ok
23:37:42.0654 0x08d4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:37:42.0722 0x08d4  Ntfs - ok
23:37:42.0736 0x08d4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
23:37:42.0802 0x08d4  Null - ok
23:37:42.0832 0x08d4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:37:42.0847 0x08d4  nvraid - ok
23:37:42.0898 0x08d4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:37:42.0913 0x08d4  nvstor - ok
23:37:42.0932 0x08d4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:37:42.0946 0x08d4  nv_agp - ok
23:37:42.0966 0x08d4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:37:42.0979 0x08d4  ohci1394 - ok
23:37:43.0057 0x08d4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:37:43.0070 0x08d4  ose - ok
23:37:43.0265 0x08d4  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:37:43.0482 0x08d4  osppsvc - ok
23:37:43.0543 0x08d4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:37:43.0655 0x08d4  p2pimsvc - ok
23:37:43.0684 0x08d4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
23:37:43.0747 0x08d4  p2psvc - ok
23:37:43.0797 0x08d4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:37:43.0814 0x08d4  Parport - ok
23:37:43.0841 0x08d4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:37:43.0854 0x08d4  partmgr - ok
23:37:43.0895 0x08d4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:37:44.0002 0x08d4  PcaSvc - ok
23:37:44.0038 0x08d4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
23:37:44.0054 0x08d4  pci - ok
23:37:44.0098 0x08d4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
23:37:44.0114 0x08d4  pciide - ok
23:37:44.0133 0x08d4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:37:44.0150 0x08d4  pcmcia - ok
23:37:44.0162 0x08d4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:37:44.0175 0x08d4  pcw - ok
23:37:44.0235 0x08d4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:37:44.0273 0x08d4  PEAUTH - ok
23:37:44.0331 0x08d4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:37:44.0470 0x08d4  PeerDistSvc - ok
23:37:44.0539 0x08d4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:37:44.0573 0x08d4  PerfHost - ok
23:37:44.0648 0x08d4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
23:37:44.0757 0x08d4  pla - ok
23:37:44.0806 0x08d4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:37:44.0846 0x08d4  PlugPlay - ok
23:37:44.0862 0x08d4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:37:44.0895 0x08d4  PNRPAutoReg - ok
23:37:44.0929 0x08d4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:37:44.0947 0x08d4  PNRPsvc - ok
23:37:44.0971 0x08d4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:37:45.0059 0x08d4  PolicyAgent - ok
23:37:45.0105 0x08d4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
23:37:45.0171 0x08d4  Power - ok
23:37:45.0220 0x08d4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:37:45.0258 0x08d4  PptpMiniport - ok
23:37:45.0288 0x08d4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:37:45.0343 0x08d4  Processor - ok
23:37:45.0382 0x08d4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:37:45.0468 0x08d4  ProfSvc - ok
23:37:45.0476 0x08d4  [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:37:45.0491 0x08d4  ProtectedStorage - ok
23:37:45.0527 0x08d4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:37:45.0589 0x08d4  Psched - ok
23:37:45.0650 0x08d4  [ BC08F7F3C53CBEE68670ED1314E290FD, EC683DDE60AFED297D28BC7570BB6DA27A94F52417AD6DE1FBE265255F4051DD ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
23:37:45.0660 0x08d4  PxHlpa64 - ok
23:37:45.0714 0x08d4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:37:45.0780 0x08d4  ql2300 - ok
23:37:45.0804 0x08d4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:37:45.0820 0x08d4  ql40xx - ok
23:37:45.0857 0x08d4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
23:37:45.0881 0x08d4  QWAVE - ok
23:37:45.0893 0x08d4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:37:45.0935 0x08d4  QWAVEdrv - ok
23:37:45.0958 0x08d4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:37:46.0025 0x08d4  RasAcd - ok
23:37:46.0039 0x08d4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:37:46.0098 0x08d4  RasAgileVpn - ok
23:37:46.0127 0x08d4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
23:37:46.0188 0x08d4  RasAuto - ok
23:37:46.0228 0x08d4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:37:46.0287 0x08d4  Rasl2tp - ok
23:37:46.0327 0x08d4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
23:37:46.0380 0x08d4  RasMan - ok
23:37:46.0391 0x08d4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:37:46.0462 0x08d4  RasPppoe - ok
23:37:46.0493 0x08d4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:37:46.0553 0x08d4  RasSstp - ok
23:37:46.0604 0x08d4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:37:46.0650 0x08d4  rdbss - ok
23:37:46.0663 0x08d4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:37:46.0702 0x08d4  rdpbus - ok
23:37:46.0734 0x08d4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:37:46.0793 0x08d4  RDPCDD - ok
23:37:46.0839 0x08d4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:37:46.0899 0x08d4  RDPDR - ok
23:37:46.0916 0x08d4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:37:46.0981 0x08d4  RDPENCDD - ok
23:37:47.0021 0x08d4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:37:47.0057 0x08d4  RDPREFMP - ok
23:37:47.0147 0x08d4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
23:37:47.0217 0x08d4  RdpVideoMiniport - ok
23:37:47.0260 0x08d4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:37:47.0303 0x08d4  RDPWD - ok
23:37:47.0366 0x08d4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:37:47.0383 0x08d4  rdyboost - ok
23:37:47.0404 0x08d4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:37:47.0475 0x08d4  RemoteAccess - ok
23:37:47.0501 0x08d4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:37:47.0566 0x08d4  RemoteRegistry - ok
23:37:47.0619 0x08d4  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:37:47.0658 0x08d4  RFCOMM - ok
23:37:47.0719 0x08d4  [ D018844DC53D8428410A2FEEEEE9373E, 8EC2B96AE65F1DD128ABF29F9C799EC918DC04EFEEB80E9A8DB545E6F0E50F6A ] RICOH SmartCard Reader C:\Windows\system32\DRIVERS\rismcx64.sys
23:37:47.0793 0x08d4  RICOH SmartCard Reader - ok
23:37:47.0842 0x08d4  [ F45D6E12EB99A668F52201637C67C8F5, B89F8F80A46C30C22FE5593E67FC42D5166F84429A3393ADB4B0BE71CA5513B1 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
23:37:47.0887 0x08d4  rimmptsk - ok
23:37:47.0940 0x08d4  [ 71E182A0DE1CECB3F912960716345405, 3D7F53E01DE0D6A55E438CB372138E718458EB4AD353481B661A837D0968D60E ] risdptsk        C:\Windows\system32\DRIVERS\risdsn64.sys
23:37:47.0999 0x08d4  risdptsk - ok
23:37:48.0007 0x08d4  [ D018844DC53D8428410A2FEEEEE9373E, 8EC2B96AE65F1DD128ABF29F9C799EC918DC04EFEEB80E9A8DB545E6F0E50F6A ] rismcx64        C:\Windows\system32\DRIVERS\rismcx64.sys
23:37:48.0018 0x08d4  rismcx64 - ok
23:37:48.0079 0x08d4  [ CAF88D6573D21CD2AA27001DDBFDC74D, 8256B93E586953F1B594BFFA1F005DB08325CAF1729A93820B09F60DAA998C97 ] RMCAST          C:\Windows\system32\DRIVERS\RMCAST.sys
23:37:48.0142 0x08d4  RMCAST - ok
23:37:48.0176 0x08d4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:37:48.0216 0x08d4  RpcEptMapper - ok
23:37:48.0235 0x08d4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
23:37:48.0279 0x08d4  RpcLocator - ok
23:37:48.0333 0x08d4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
23:37:48.0377 0x08d4  RpcSs - ok
23:37:48.0414 0x08d4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:37:48.0472 0x08d4  rspndr - ok
23:37:48.0568 0x08d4  [ 7461D3DA1AABB5F703504E958455A900, B77D36E095A476A8191C1771539F20529F82CACF3C945BF55D64C39EEF09D0EA ] RTL8192cu       C:\Windows\system32\DRIVERS\RTL8192cu.sys
23:37:48.0618 0x08d4  RTL8192cu - ok
23:37:48.0761 0x08d4  [ B9F557E35A2533BCB4D35F6837954EA9, A398FC27BB3A529612D80249BB55AEA055105EFB9B43389D48963546F3BD72D6 ] RtlWlanu        C:\Windows\system32\DRIVERS\rtwlanu.sys
23:37:48.0876 0x08d4  RtlWlanu - ok
23:37:48.0913 0x08d4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:37:48.0964 0x08d4  s3cap - ok
23:37:48.0974 0x08d4  [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] SamSs           C:\Windows\system32\lsass.exe
23:37:48.0985 0x08d4  SamSs - ok
23:37:49.0031 0x08d4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:37:49.0044 0x08d4  sbp2port - ok
23:37:49.0093 0x08d4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:37:49.0142 0x08d4  SCardSvr - ok
23:37:49.0191 0x08d4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:37:49.0253 0x08d4  scfilter - ok
23:37:49.0336 0x08d4  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
23:37:49.0496 0x08d4  Schedule - ok
23:37:49.0538 0x08d4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:37:49.0572 0x08d4  SCPolicySvc - ok
23:37:49.0611 0x08d4  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
23:37:49.0651 0x08d4  sdbus - ok
23:37:49.0690 0x08d4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:37:49.0788 0x08d4  SDRSVC - ok
23:37:49.0817 0x08d4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:37:49.0860 0x08d4  secdrv - ok
23:37:49.0880 0x08d4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
23:37:49.0916 0x08d4  seclogon - ok
23:37:49.0951 0x08d4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
23:37:50.0029 0x08d4  SENS - ok
23:37:50.0054 0x08d4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:37:50.0114 0x08d4  SensrSvc - ok
23:37:50.0138 0x08d4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:37:50.0177 0x08d4  Serenum - ok
23:37:50.0210 0x08d4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:37:50.0249 0x08d4  Serial - ok
23:37:50.0289 0x08d4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:37:50.0329 0x08d4  sermouse - ok
23:37:50.0380 0x08d4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
23:37:50.0451 0x08d4  SessionEnv - ok
23:37:50.0477 0x08d4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:37:50.0540 0x08d4  sffdisk - ok
23:37:50.0558 0x08d4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:37:50.0589 0x08d4  sffp_mmc - ok
23:37:50.0612 0x08d4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:37:50.0631 0x08d4  sffp_sd - ok
23:37:50.0639 0x08d4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:37:50.0651 0x08d4  sfloppy - ok
23:37:50.0694 0x08d4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:37:50.0780 0x08d4  SharedAccess - ok
23:37:50.0818 0x08d4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:37:50.0876 0x08d4  ShellHWDetection - ok
23:37:50.0899 0x08d4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:37:50.0923 0x08d4  SiSRaid2 - ok
23:37:50.0945 0x08d4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:37:50.0965 0x08d4  SiSRaid4 - ok
23:37:50.0998 0x08d4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:37:51.0158 0x08d4  Smb - ok
23:37:51.0189 0x08d4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:37:51.0207 0x08d4  SNMPTRAP - ok
23:37:51.0304 0x08d4  [ 84E347359A28E9E544FF169FBDEA5F59, 8D14145E8A9C711B47B1BCDA364C261F8B61261443D5E2E101F50A88CB4D15EC ] SNP2UVC         C:\Windows\system32\DRIVERS\snp2uvc.sys
23:37:51.0407 0x08d4  SNP2UVC - ok
23:37:51.0422 0x08d4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:37:51.0435 0x08d4  spldr - ok
23:37:51.0476 0x08d4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
23:37:51.0582 0x08d4  Spooler - ok
23:37:51.0717 0x08d4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
23:37:51.0916 0x08d4  sppsvc - ok
23:37:51.0940 0x08d4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:37:52.0014 0x08d4  sppuinotify - ok
23:37:52.0067 0x08d4  [ D6AB7C13FCDD2E4CAC35244D2C172D9A, 64A66368F5336B7A5879D083C2FE57DFD384410ADCC18004F327A4004A4F4300 ] sptd            C:\Windows\System32\Drivers\sptd.sys
23:37:52.0154 0x08d4  sptd - ok
23:37:52.0194 0x08d4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:37:52.0286 0x08d4  srv - ok
23:37:52.0306 0x08d4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:37:52.0363 0x08d4  srv2 - ok
23:37:52.0399 0x08d4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:37:52.0442 0x08d4  srvnet - ok
23:37:52.0487 0x08d4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:37:52.0527 0x08d4  SSDPSRV - ok
23:37:52.0537 0x08d4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:37:52.0576 0x08d4  SstpSvc - ok
23:37:52.0711 0x08d4  [ F8807AAF697E1D20C9D7716A4941E574, A75EC77F4999699562446922FD633347FBB1B61E2A5E049AC9ED3ED2290648F4 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
23:37:52.0744 0x08d4  STacSV - ok
23:37:52.0830 0x08d4  [ E5C796B621F6FBA8616511063D7F0FFE, 447FA64F552D4B04AD029E01485B4438A70D9B9B98EB49A883D5B17ED4C1D52F ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
23:37:52.0872 0x08d4  StarWindServiceAE - detected UnsignedFile.Multi.Generic ( 1 )
23:37:55.0473 0x08d4  Detect skipped due to KSN trusted
23:37:55.0473 0x08d4  StarWindServiceAE - ok
23:37:55.0536 0x08d4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:37:55.0548 0x08d4  stexstor - ok
23:37:55.0579 0x08d4  [ 96DF19A03D37F8568141612D31F0D035, 767FE2E1EC78CBC472C9F494515D966607AB9E556E3C5F2C77A034D1C4148207 ] STHDA           C:\Windows\system32\DRIVERS\stwrt64.sys
23:37:55.0639 0x08d4  STHDA - ok
23:37:55.0680 0x08d4  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
23:37:55.0725 0x08d4  StillCam - ok
23:37:55.0794 0x08d4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
23:37:55.0841 0x08d4  stisvc - ok
23:37:55.0875 0x08d4  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:37:55.0887 0x08d4  storflt - ok
23:37:55.0907 0x08d4  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
23:37:55.0989 0x08d4  StorSvc - ok
23:37:56.0007 0x08d4  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:37:56.0021 0x08d4  storvsc - ok
23:37:56.0059 0x08d4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:37:56.0070 0x08d4  swenum - ok
23:37:56.0102 0x08d4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
23:37:56.0163 0x08d4  swprv - ok
23:37:56.0232 0x08d4  [ D268D2A0DB2A2BBE963E688D0B039267, DBEF7A1E1E015825E4C2BD80FE3D468E8A6840A44027381CDD4B96605D2FC12A ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
23:37:56.0289 0x08d4  SynTP - ok
23:37:56.0372 0x08d4  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
23:37:56.0531 0x08d4  SysMain - ok
23:37:56.0586 0x08d4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:37:56.0683 0x08d4  TabletInputService - ok
23:37:56.0750 0x08d4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:37:56.0828 0x08d4  TapiSrv - ok
23:37:56.0857 0x08d4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
23:37:56.0894 0x08d4  TBS - ok
23:37:56.0979 0x08d4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:37:57.0061 0x08d4  Tcpip - ok
23:37:57.0133 0x08d4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:37:57.0184 0x08d4  TCPIP6 - ok
23:37:57.0228 0x08d4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:37:57.0266 0x08d4  tcpipreg - ok
23:37:57.0311 0x08d4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:37:57.0361 0x08d4  TDPIPE - ok
23:37:57.0378 0x08d4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:37:57.0427 0x08d4  TDTCP - ok
23:37:57.0469 0x08d4  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:37:57.0535 0x08d4  tdx - ok
23:37:57.0571 0x08d4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:37:57.0583 0x08d4  TermDD - ok
23:37:57.0644 0x08d4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
23:37:57.0719 0x08d4  TermService - ok
23:37:57.0745 0x08d4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
23:37:57.0787 0x08d4  Themes - ok
23:37:57.0834 0x08d4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
23:37:57.0869 0x08d4  THREADORDER - ok
23:37:57.0898 0x08d4  [ DBCC20C02E8A3E43B03C304A4E40A84F, BF5F3ACCB0342304A6870E94D2576644B08DBF307C853C7DBA4B82B0C7309DA4 ] TPM             C:\Windows\system32\drivers\tpm.sys
23:37:57.0909 0x08d4  TPM - ok
23:37:57.0924 0x08d4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
23:37:57.0963 0x08d4  TrkWks - ok
23:37:58.0026 0x08d4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:37:58.0071 0x08d4  TrustedInstaller - ok
23:37:58.0103 0x08d4  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:37:58.0119 0x08d4  tssecsrv - ok
23:37:58.0169 0x08d4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:37:58.0243 0x08d4  TsUsbFlt - ok
23:37:58.0292 0x08d4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:37:58.0350 0x08d4  tunnel - ok
23:37:58.0399 0x08d4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:37:58.0420 0x08d4  uagp35 - ok
23:37:58.0442 0x08d4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:37:58.0514 0x08d4  udfs - ok
23:37:58.0546 0x08d4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:37:58.0560 0x08d4  UI0Detect - ok
23:37:58.0569 0x08d4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:37:58.0582 0x08d4  uliagpkx - ok
23:37:58.0607 0x08d4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
23:37:58.0641 0x08d4  umbus - ok
23:37:58.0669 0x08d4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:37:58.0701 0x08d4  UmPass - ok
23:37:58.0748 0x08d4  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
23:37:58.0788 0x08d4  UmRdpService - ok
23:37:58.0822 0x08d4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
23:37:58.0896 0x08d4  upnphost - ok
23:37:58.0953 0x08d4  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:37:58.0974 0x08d4  USBAAPL64 - ok
23:37:59.0010 0x08d4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:37:59.0067 0x08d4  usbccgp - ok
23:37:59.0112 0x08d4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:37:59.0175 0x08d4  usbcir - ok
23:37:59.0225 0x08d4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:37:59.0262 0x08d4  usbehci - ok
23:37:59.0335 0x08d4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:37:59.0394 0x08d4  usbhub - ok
23:37:59.0435 0x08d4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:37:59.0447 0x08d4  usbohci - ok
23:37:59.0475 0x08d4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:37:59.0508 0x08d4  usbprint - ok
23:37:59.0549 0x08d4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:37:59.0651 0x08d4  USBSTOR - ok
23:37:59.0666 0x08d4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:37:59.0678 0x08d4  usbuhci - ok
23:37:59.0719 0x08d4  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
23:37:59.0761 0x08d4  usbvideo - ok
23:37:59.0785 0x08d4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
23:37:59.0852 0x08d4  UxSms - ok
23:37:59.0883 0x08d4  [ 3E9BDCA3994E2B6B6AC16BAA76722934, A77FEE9D78C1151B13C9509FA89B64024442D00C3C9EA19954045413D8A69D73 ] VaultSvc        C:\Windows\system32\lsass.exe
23:37:59.0893 0x08d4  VaultSvc - ok
23:37:59.0979 0x08d4  [ BBE2B5036D2FF45458C747FB2513591D, 22A2E672E9EF5F39BB9E75D54B6AD83E6C63C5126E3C4D7BD02777F3DE39F505 ] vcsFPService    C:\Windows\system32\vcsFPService.exe
23:38:00.0090 0x08d4  vcsFPService - ok
23:38:00.0156 0x08d4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:38:00.0168 0x08d4  vdrvroot - ok
23:38:00.0235 0x08d4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
23:38:00.0336 0x08d4  vds - ok
23:38:00.0378 0x08d4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:38:00.0392 0x08d4  vga - ok
23:38:00.0405 0x08d4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:38:00.0451 0x08d4  VgaSave - ok
23:38:00.0497 0x08d4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:38:00.0513 0x08d4  vhdmp - ok
23:38:00.0579 0x08d4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:38:00.0589 0x08d4  viaide - ok
23:38:00.0611 0x08d4  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:38:00.0630 0x08d4  vmbus - ok
23:38:00.0642 0x08d4  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
23:38:00.0674 0x08d4  VMBusHID - ok
23:38:00.0703 0x08d4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:38:00.0715 0x08d4  volmgr - ok
23:38:00.0763 0x08d4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:38:00.0782 0x08d4  volmgrx - ok
23:38:00.0801 0x08d4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:38:00.0820 0x08d4  volsnap - ok
23:38:00.0850 0x08d4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:38:00.0869 0x08d4  vsmraid - ok
23:38:00.0941 0x08d4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
23:38:01.0045 0x08d4  VSS - ok
23:38:01.0061 0x08d4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:38:01.0097 0x08d4  vwifibus - ok
23:38:01.0131 0x08d4  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:38:01.0171 0x08d4  vwififlt - ok
23:38:01.0205 0x08d4  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
23:38:01.0220 0x08d4  vwifimp - ok
23:38:01.0255 0x08d4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
23:38:01.0374 0x08d4  W32Time - ok
23:38:01.0402 0x08d4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:38:01.0415 0x08d4  WacomPen - ok
23:38:01.0440 0x08d4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:38:01.0499 0x08d4  WANARP - ok
23:38:01.0522 0x08d4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:38:01.0557 0x08d4  Wanarpv6 - ok
23:38:01.0632 0x08d4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
23:38:01.0721 0x08d4  wbengine - ok
23:38:01.0741 0x08d4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:38:01.0764 0x08d4  WbioSrvc - ok
23:38:01.0851 0x08d4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:38:01.0878 0x08d4  wcncsvc - ok
23:38:01.0892 0x08d4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:38:01.0961 0x08d4  WcsPlugInService - ok
23:38:01.0977 0x08d4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:38:01.0989 0x08d4  Wd - ok
23:38:02.0046 0x08d4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:38:02.0088 0x08d4  Wdf01000 - ok
23:38:02.0108 0x08d4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:38:02.0185 0x08d4  WdiServiceHost - ok
23:38:02.0190 0x08d4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:38:02.0205 0x08d4  WdiSystemHost - ok
23:38:02.0241 0x08d4  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
23:38:02.0323 0x08d4  WebClient - ok
23:38:02.0343 0x08d4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:38:02.0408 0x08d4  Wecsvc - ok
23:38:02.0439 0x08d4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:38:02.0500 0x08d4  wercplsupport - ok
23:38:02.0536 0x08d4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:38:02.0573 0x08d4  WerSvc - ok
23:38:02.0596 0x08d4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:38:02.0650 0x08d4  WfpLwf - ok
23:38:02.0673 0x08d4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:38:02.0683 0x08d4  WIMMount - ok
23:38:02.0701 0x08d4  WinDefend - ok
23:38:02.0728 0x08d4  WinHttpAutoProxySvc - ok
23:38:02.0777 0x08d4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:38:02.0817 0x08d4  Winmgmt - ok
23:38:02.0914 0x08d4  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
23:38:03.0090 0x08d4  WinRM - ok
23:38:03.0139 0x08d4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUSB          C:\Windows\system32\drivers\WinUsb.sys
23:38:03.0156 0x08d4  WinUSB - ok
23:38:03.0207 0x08d4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:38:03.0297 0x08d4  Wlansvc - ok
23:38:03.0434 0x08d4  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:38:03.0520 0x08d4  wlidsvc - ok
23:38:03.0559 0x08d4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:38:03.0597 0x08d4  WmiAcpi - ok
23:38:03.0651 0x08d4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:38:03.0669 0x08d4  wmiApSrv - ok
23:38:03.0700 0x08d4  WMPNetworkSvc - ok
23:38:03.0712 0x08d4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:38:03.0785 0x08d4  WPCSvc - ok
23:38:03.0826 0x08d4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:38:03.0892 0x08d4  WPDBusEnum - ok
23:38:03.0966 0x08d4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:38:04.0001 0x08d4  ws2ifsl - ok
23:38:04.0015 0x08d4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
23:38:04.0036 0x08d4  wscsvc - ok
23:38:04.0076 0x08d4  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
23:38:04.0090 0x08d4  WSDPrintDevice - ok
23:38:04.0093 0x08d4  WSearch - ok
23:38:04.0199 0x08d4  [ 39D604E190DFE2E483B637D6796ABAFF, 52DCCEA0DB59F00C615D94CC2B70FC1C335E553E8FC79AAC8C8C7D9EE1F6111D ] wuauserv        C:\Windows\system32\wuaueng.dll
23:38:04.0386 0x08d4  wuauserv - ok
23:38:04.0418 0x08d4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:38:04.0487 0x08d4  WudfPf - ok
23:38:04.0524 0x08d4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:38:04.0541 0x08d4  WUDFRd - ok
23:38:04.0552 0x08d4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:38:04.0567 0x08d4  wudfsvc - ok
23:38:04.0613 0x08d4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:38:04.0682 0x08d4  WwanSvc - ok
23:38:04.0720 0x08d4  [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbmdm6k     C:\Windows\system32\DRIVERS\ZTEusbmdm6k.sys
23:38:04.0750 0x08d4  ZTEusbmdm6k - ok
23:38:04.0771 0x08d4  [ 9E74E0D096F8023A68A262A012153182, 133EE39960D9F9E7A24566B5784E8E247ABC0F127CAC7AFA1CF5A4E2C9CC7A9F ] ZTEusbnet       C:\Windows\system32\DRIVERS\ZTEusbnet.sys
23:38:04.0832 0x08d4  ZTEusbnet - ok
23:38:04.0848 0x08d4  [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbnmea      C:\Windows\system32\DRIVERS\ZTEusbnmea.sys
23:38:04.0860 0x08d4  ZTEusbnmea - ok
23:38:04.0904 0x08d4  [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbser6k     C:\Windows\system32\DRIVERS\ZTEusbser6k.sys
23:38:04.0917 0x08d4  ZTEusbser6k - ok
23:38:04.0946 0x08d4  [ BCD008C9FC4B57C107CBCFC3E77B58BA, 3FB91B79A1D8B60859D9FB96F7207E678836183F0D2193FF6F44CD6F12D99F06 ] ZTEusbvoice     C:\Windows\system32\DRIVERS\ZTEusbvoice.sys
23:38:04.0961 0x08d4  ZTEusbvoice - ok
23:38:05.0021 0x08d4  ================ Scan global ===============================
23:38:05.0054 0x08d4  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
23:38:05.0097 0x08d4  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
23:38:05.0112 0x08d4  [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
23:38:05.0139 0x08d4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
23:38:05.0184 0x08d4  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
23:38:05.0191 0x08d4  [ Global ] - ok
23:38:05.0191 0x08d4  ================ Scan MBR ==================================
23:38:05.0197 0x08d4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:38:05.0495 0x08d4  \Device\Harddisk0\DR0 - ok
23:38:05.0520 0x08d4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
23:38:05.0641 0x08d4  \Device\Harddisk2\DR2 - ok
23:38:05.0665 0x08d4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
23:38:05.0861 0x08d4  \Device\Harddisk3\DR3 - ok
23:38:05.0866 0x08d4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR14
23:38:05.0995 0x08d4  \Device\Harddisk4\DR14 - ok
23:38:06.0007 0x08d4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR6
23:38:06.0135 0x08d4  \Device\Harddisk6\DR6 - ok
23:38:06.0147 0x08d4  [ 508F4A6A6A6B3DADC6D881D9948389D2 ] \Device\Harddisk7\DR7
23:38:08.0086 0x08d4  \Device\Harddisk7\DR7 - ok
23:38:08.0086 0x08d4  ================ Scan VBR ==================================
23:38:08.0088 0x08d4  [ FE8F94EDA9BA791349614ED940F60880 ] \Device\Harddisk0\DR0\Partition1
23:38:08.0090 0x08d4  \Device\Harddisk0\DR0\Partition1 - ok
23:38:08.0103 0x08d4  [ FE68C5A59CC30FC97F1B811DCCF41E9F ] \Device\Harddisk0\DR0\Partition2
23:38:08.0105 0x08d4  \Device\Harddisk0\DR0\Partition2 - ok
23:38:08.0113 0x08d4  [ 78C7E99AD9DB27F834F9ED7D7B7469AA ] \Device\Harddisk2\DR2\Partition1
23:38:08.0115 0x08d4  \Device\Harddisk2\DR2\Partition1 - ok
23:38:08.0118 0x08d4  [ 3F6CCAE49ABC8F508540670D2F20193A ] \Device\Harddisk3\DR3\Partition1
23:38:08.0184 0x08d4  \Device\Harddisk3\DR3\Partition1 - ok
23:38:08.0188 0x08d4  [ A8E88A23457CADA4BEF53E69F3EA7855 ] \Device\Harddisk4\DR14\Partition1
23:38:08.0192 0x08d4  \Device\Harddisk4\DR14\Partition1 - ok
23:38:08.0195 0x08d4  [ 2F264B95E7746336DEAAA9EE3F2C6010 ] \Device\Harddisk6\DR6\Partition1
23:38:08.0196 0x08d4  \Device\Harddisk6\DR6\Partition1 - ok
23:38:08.0199 0x08d4  [ DE42707400A719B462C61C00885F0C19 ] \Device\Harddisk7\DR7\Partition1
23:38:08.0202 0x08d4  \Device\Harddisk7\DR7\Partition1 - ok
23:38:08.0202 0x08d4  ================ Scan generic autorun ======================
23:38:08.0241 0x08d4  [ E0EE92CF36B7C48213C3ECC36F97D2D1, 904AA7E8854B086AA44F7BF7965D8FFF0A2A6D261562E693511F87ADABCD3208 ] C:\Windows\system32\igfxtray.exe
23:38:08.0255 0x08d4  IgfxTray - ok
23:38:08.0276 0x08d4  [ B27C78752257743BAA321E4471A56C14, 2EAB7469B53BD2464937BAAB9DB8F0A6D3A4E83B38C44B49D2AD4966405B1EFE ] C:\Windows\system32\hkcmd.exe
23:38:08.0303 0x08d4  HotKeysCmds - ok
23:38:08.0324 0x08d4  [ 16849A62DB279CDB891E7D51F9CD097F, D5338FC161049A1CE8BB0B16D66752DDD34D87E98A07E7F72CFB87545DAB2EDE ] C:\Windows\system32\igfxpers.exe
23:38:08.0355 0x08d4  Persistence - ok
23:38:08.0421 0x08d4  [ 4503FA7E89950178CAD1B635B501640D, E607913AE096DB1E07B9FE1003DF9F9E294FC512F6CD3DEE8D0FB9851491BA37 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
23:38:08.0539 0x08d4  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
23:38:18.0663 0x08d4  IAStorIcon ( UnsignedFile.Multi.Generic ) - warning
23:38:23.0275 0x08d4  SynTPEnh - ok
23:38:23.0355 0x08d4  [ A6AAD37CDCAE75CB62D039E3A4D8F5E3, 4FF763B0D129175BA1B1E794BA313E6C63F7A89D377C786BF5E730AF2A1D95D1 ] c:\Program Files\Microsoft Security Client\msseces.exe
23:38:23.0416 0x08d4  MSC - ok
23:38:23.0467 0x08d4  [ 63DF58EA2963E8C6ABDBBA45B7273C39, 5B154C8CF4EA8196D33FB4FC1BA2C7C4197FFD552A7874B8E723497DADBDB2EA ] C:\Program Files\IDT\WDM\sttray64.exe
23:38:23.0526 0x08d4  SysTrayApp - ok
23:38:23.0619 0x08d4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:38:23.0731 0x08d4  Sidebar - ok
23:38:23.0760 0x08d4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:38:23.0779 0x08d4  mctadmin - ok
23:38:23.0820 0x08d4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
23:38:23.0861 0x08d4  Sidebar - ok
23:38:23.0867 0x08d4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
23:38:23.0883 0x08d4  mctadmin - ok
23:38:24.0041 0x08d4  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
23:38:24.0148 0x08d4  LightScribe Control Panel - ok
23:38:24.0359 0x08d4  [ 22F7B9670AD770C7ED7F4738204C8E5C, 7B793AC094CB1B073419B5DAE09DFBB8EBED03D29301F490AA76EA0667613438 ] C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe
23:38:24.0473 0x08d4  HP Officejet 6500 E710a-f (NET) #2 - ok
23:38:24.0668 0x08d4  [ 094F1705ADBCD41E86E2E7F823C933BF, 784815A68C9836CE416B5E73058473C089974F2F47EAD5497645917F2E582F22 ] C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
23:38:24.0823 0x08d4  DAEMON Tools Pro Agent - ok
23:38:24.0830 0x08d4  Waiting for KSN requests completion. In queue: 9
23:38:25.0830 0x08d4  Waiting for KSN requests completion. In queue: 9
23:38:26.0830 0x08d4  Waiting for KSN requests completion. In queue: 9
23:38:27.0906 0x08d4  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.6.305.0 ), 0x61000 ( enabled : updated )
23:38:28.0146 0x08d4  Win FW state via NFP2: enabled ( trusted )
23:38:30.0789 0x08d4  ============================================================
23:38:30.0789 0x08d4  Scan finished
23:38:30.0789 0x08d4  ============================================================
23:38:30.0797 0x1228  Detected object count: 1
23:38:30.0797 0x1228  Actual detected object count: 1
23:38:41.0901 0x1228  IAStorIcon ( UnsignedFile.Multi.Generic ) - skipped by user
23:38:41.0901 0x1228  IAStorIcon ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
__________________

Alt 16.02.2016, 23:44   #4
rogi
 
Rechner sehr langsam... Schadsoftware? - Standard

Rechner sehr langsam... Schadsoftware?



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-02-2016
durchgeführt von User (Administrator) auf USER-PC (16-02-2016 23:40:10)
Gestartet von C:\Users\User\Desktop\Trojaner Board\Software
Geladene Profile: User (Verfügbare Profile: User)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Kaspersky Lab ZAO) C:\Users\User\Desktop\Trojaner Board\tdsskiller.exe
(Kaspersky Lab ZAO) C:\Users\User\AppData\Local\Temp\{54FA4406-162E-4BB6-BD34-BAE55A9A1213}\{4C26AAB9-820B-4A56-88BC-36C6006A5C4B}.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [489472 2010-09-07] (IDT, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKU\S-1-5-21-3016557714-3445558072-1501865236-1000\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-3016557714-3445558072-1501865236-1000\...\Run: [HP Officejet 6500 E710a-f (NET) #2] => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3016557714-3445558072-1501865236-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [4527424 2011-08-17] (DT Soft Ltd)
HKU\S-1-5-21-3016557714-3445558072-1501865236-1000\...\MountPoints2: {af71f376-ead3-11e2-a1bd-68b599f75435} - G:\setup_vmc_lite.exe /checkApplicationPresence
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.69.100.109 80.69.100.205
Tcpip\..\Interfaces\{8FBEAC2B-F251-45B5-AFC9-DFBA5B1E82B9}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{A52F3BDA-9BC2-4DDC-B25C-07978C98DEC2}: [DhcpNameServer] 80.69.102.158 80.69.100.205
Tcpip\..\Interfaces\{B2B268F7-5B1E-4D6E-BDD2-9338974D3137}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{E263C5B3-D08D-42C1-BE79-6D2EA2FD1A9C}: [DhcpNameServer] 80.69.100.109 80.69.100.205

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3016557714-3445558072-1501865236-1000 -> {1D2814DD-9EEC-9328-ACF5-019A951302FD} URL = 
SearchScopes: HKU\S-1-5-21-3016557714-3445558072-1501865236-1000 -> {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = 
SearchScopes: HKU\S-1-5-21-3016557714-3445558072-1501865236-1000 -> {D6886659-B755-4CF0-B7DF-E66265ED1284} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-09-26] (Wondershare)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-27] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-27] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  Keine Datei
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\c1icl002.default
FF Homepage: www.t-online.de
FF NetworkProxy: "autoconfig_url", "hxxp://share-online.biz/"
FF NetworkProxy: "backup.ftp", "176.57.216.214"
FF NetworkProxy: "backup.ftp_port", 13229
FF NetworkProxy: "backup.socks", "176.57.216.214"
FF NetworkProxy: "backup.socks_port", 13229
FF NetworkProxy: "backup.ssl", "176.57.216.214"
FF NetworkProxy: "backup.ssl_port", 13229
FF NetworkProxy: "ftp", "201.20.183.218"
FF NetworkProxy: "ftp_port", 3128
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "http", "201.20.183.218"
FF NetworkProxy: "http_port", 3128
FF NetworkProxy: "no_proxies_on", "localhost.127.0.0.1"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "201.20.183.218"
FF NetworkProxy: "socks_port", 3128
FF NetworkProxy: "ssl", "201.20.183.218"
FF NetworkProxy: "ssl_port", 3128
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.0-git-20120215-0402 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-30] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-01-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-27] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-10] (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2014-12-16] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.t-online.de/"
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Polinolik) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhdlkgdfnfknoggcofedgbgkmihlljof [2016-01-08]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Color change Elpais.com) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpdeacamddgmbaabblmdakmjaegcihfp [2016-01-22]
CHR Extension: (Color change Reddit.com) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fobganfgpicceldbkkcbmdgdhajcfcko [2016-01-26]
CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-08]
CHR Extension: (Color change MSN) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibjcnemhepiocifbibahamenpbggdijc [2016-01-16]
CHR Extension: (Веб Защитник) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgohccogoodegafphlkecagmlaiocceb [2016-01-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 anvsnddrv; C:\Windows\System32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [271424 2015-12-20] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [Datei ist nicht signiert]
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-11-16] (Intel Corporation)
R3 IFXTPM; C:\Windows\System32\DRIVERS\IFXTPM.SYS [58880 2008-07-31] (Infineon Technologies AG)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 RICOH SmartCard Reader; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
R2 risdptsk; C:\Windows\System32\DRIVERS\risdsn64.sys [76288 2009-09-24] (REDC)
R3 rismcx64; C:\Windows\System32\DRIVERS\rismcx64.sys [59008 2009-07-20] (RICOH Company, Ltd.)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2012-03-14] (Realtek Semiconductor Corporation                           )
S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2976472 2013-09-02] (Realtek Semiconductor Corporation                           )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1803904 2010-06-03] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-21] (Duplex Secure Ltd.)
U3 ae6vf9u9; C:\Windows\System32\Drivers\ae6vf9u9.sys [0 ] (Intel Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
U3 akfcn98a; C:\Windows\System32\Drivers\akfcn98a.sys [0 ] (Intel Corporation) <==== ACHTUNG (Null Byte Datei/Ordner)
S3 GDPkIcpt; \??\C:\Windows\system32\drivers\PktIcpt.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-16 23:35 - 2016-02-16 23:38 - 00223556 _____ C:\TDSSKiller.3.1.0.9_16.02.2016_23.35.18_log.txt
2016-02-16 23:26 - 2016-02-16 23:27 - 00000000 ____D C:\Users\User\Downloads\Orphan.Black.S03E01.Operation.Helsinki.GERMAN.DUBBED.WS.BDRip.x264-TVP
2016-02-15 05:31 - 2016-02-15 05:54 - 00000000 ____D C:\Users\User\Downloads\Nele in Berlin - DVDRip - x264 2015
2016-02-14 21:21 - 2016-02-14 21:32 - 00000000 ____D C:\Users\User\Downloads\Barbie in Das Agententeam - Synced DVDRip - x264 und XViD 2016
2016-02-13 03:13 - 2016-02-13 03:13 - 11815203 _____ C:\Users\User\Downloads\faz 2016.02.13.pdf
2016-02-10 00:28 - 2016-02-10 01:28 - 08817344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-02-07 22:35 - 2016-02-07 22:35 - 66734486 _____ C:\Users\User\Downloads\S-u-n-d-a-y- S-p-o-r-t - 7 February 2016.pdf
2016-02-06 08:12 - 2016-02-06 08:12 - 08189167 _____ C:\Users\User\Downloads\faz 2016.02.06.pdf
2016-02-04 02:56 - 2016-02-04 02:56 - 01153701 _____ C:\Users\User\Downloads\filesharing_linhart.pdf
2016-02-03 19:42 - 2016-02-03 19:42 - 00031525 _____ C:\Users\User\Downloads\Konto_1095001862-Auszug_2016_002.PDF
2016-01-30 03:19 - 2016-01-30 03:19 - 13817037 _____ C:\Users\User\Downloads\faz 2016.01.30.pdf
2016-01-27 03:09 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-01-27 03:09 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-01-27 03:09 - 2015-06-25 11:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-01-27 03:09 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-01-27 03:09 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-01-27 03:09 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-01-27 03:07 - 2015-07-23 01:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-27 03:07 - 2015-07-23 01:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-01-27 03:07 - 2015-07-23 01:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-01-27 03:07 - 2015-07-23 01:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-01-27 03:07 - 2015-07-23 01:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-01-27 03:07 - 2015-07-23 01:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-01-27 03:07 - 2015-07-23 01:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-01-27 03:07 - 2015-07-23 01:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-01-27 03:07 - 2015-07-23 01:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-01-27 03:07 - 2015-07-23 01:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-01-27 03:07 - 2015-07-23 00:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-01-27 03:07 - 2015-07-23 00:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-01-27 03:07 - 2015-07-22 18:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-01-27 03:07 - 2015-07-22 18:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-01-27 03:07 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-01-27 03:07 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2016-01-27 03:07 - 2015-07-22 18:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-01-27 03:07 - 2015-07-22 18:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-01-27 03:07 - 2015-07-22 18:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-01-27 03:07 - 2015-07-22 18:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-01-27 03:07 - 2015-07-22 18:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-01-27 03:07 - 2015-07-22 18:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 18:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2016-01-27 03:07 - 2015-07-22 17:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-01-27 03:07 - 2015-07-22 17:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-01-27 03:07 - 2015-07-22 17:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 17:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 17:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-01-27 03:07 - 2015-07-22 17:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-01-27 03:06 - 2015-12-16 19:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-01-27 03:06 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-01-27 03:06 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-01-27 03:06 - 2015-12-16 19:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-01-27 03:06 - 2015-12-16 19:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-01-27 03:06 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-01-27 03:06 - 2015-12-16 19:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-01-27 03:06 - 2015-12-16 19:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-01-27 03:06 - 2015-12-16 15:38 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2016-01-27 03:06 - 2015-12-16 15:37 - 00419928 _____ C:\Windows\system32\locale.nls
2016-01-27 03:06 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2016-01-27 03:06 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2016-01-27 03:06 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2016-01-27 03:06 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2016-01-27 03:06 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2016-01-27 03:06 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2016-01-27 03:06 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2016-01-27 03:06 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2016-01-27 03:06 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-01-27 03:06 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2016-01-27 03:06 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2016-01-27 03:06 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2016-01-27 03:06 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-01-27 03:06 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2016-01-27 03:06 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2016-01-27 03:06 - 2015-08-05 19:02 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-01-27 03:06 - 2015-08-05 19:02 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-01-27 03:06 - 2015-08-05 18:56 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-01-27 03:06 - 2015-08-05 17:38 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-01-27 03:06 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2016-01-27 03:06 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2016-01-27 03:06 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2016-01-27 03:06 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-01-27 03:05 - 2015-08-05 18:56 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-01-27 03:05 - 2015-08-05 18:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-01-27 03:05 - 2015-08-05 18:55 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-01-27 03:05 - 2015-08-05 18:50 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-01-27 03:05 - 2015-08-05 18:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-01-27 03:05 - 2015-08-05 18:46 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-01-27 03:05 - 2015-08-05 18:41 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-01-27 03:05 - 2015-08-05 18:41 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-01-27 03:05 - 2015-08-05 18:41 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-01-27 03:05 - 2015-08-05 18:41 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-01-27 03:05 - 2015-08-05 18:40 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-01-27 03:05 - 2015-08-05 18:40 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-01-27 03:05 - 2015-08-05 18:40 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-01-27 03:05 - 2015-08-05 18:40 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-01-27 03:05 - 2015-08-05 18:40 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-01-27 03:05 - 2015-08-05 18:39 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-01-27 03:05 - 2015-08-05 18:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-01-27 03:05 - 2015-08-05 18:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-01-27 03:05 - 2015-08-05 18:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-01-27 03:05 - 2015-08-05 18:34 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-01-27 03:05 - 2015-08-05 18:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-01-27 03:05 - 2015-08-05 18:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-01-27 03:05 - 2015-08-05 17:37 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-01-27 03:05 - 2015-08-05 17:37 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-01-27 03:05 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-01-27 03:05 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-01-27 02:56 - 2015-11-17 02:11 - 00025024 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-01-27 02:56 - 2015-11-17 02:08 - 01381376 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-01-27 02:56 - 2015-11-17 02:08 - 00792064 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-01-27 02:56 - 2015-11-17 02:08 - 00705536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-01-27 02:56 - 2015-11-17 02:08 - 00505856 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-01-27 02:56 - 2015-11-17 02:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-01-27 02:56 - 2015-11-17 01:58 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-01-27 02:56 - 2015-11-16 21:17 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-25 01:24 - 2016-01-29 16:37 - 00000000 ____D C:\Users\User\Downloads\Bibi und Tina - Teil 3 -Mädchen gegen Jungs - Soundtrack
2016-01-23 11:34 - 2016-01-23 11:34 - 13755692 _____ C:\Users\User\Downloads\faz 2016.01.23.pdf
2016-01-20 06:05 - 2015-12-09 08:08 - 00025831 _____ C:\Users\User\Desktop\Bewerberkosten_Abrechnungsformular  mit IBAN 2015vvv.PDF
2016-01-19 05:44 - 2016-01-19 05:44 - 00111536 _____ C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-19 05:43 - 2016-01-30 13:45 - 05057408 _____ C:\Windows\system32\FNTCACHE.DAT

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-16 23:40 - 2015-08-10 15:26 - 00000000 ____D C:\FRST
2016-02-16 23:39 - 2015-08-10 15:25 - 00000000 ____D C:\Users\User\Desktop\Trojaner Board
2016-02-16 23:28 - 2013-05-30 20:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-16 23:22 - 2016-01-08 17:04 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-16 21:19 - 2013-04-19 21:26 - 00000000 ____D C:\Users\User\AppData\Local\Microsoft Help
2016-02-16 20:47 - 2014-11-18 07:15 - 00000000 ____D C:\Users\User\AppData\Roaming\FileZilla
2016-02-16 09:04 - 2009-07-14 05:45 - 00016000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-16 09:04 - 2009-07-14 05:45 - 00016000 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-16 06:21 - 2016-01-08 17:04 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-16 02:17 - 2014-02-08 11:12 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc
2016-02-15 23:55 - 2015-10-03 04:21 - 00000000 ___RD C:\Users\User\Downloads\Source
2016-02-15 07:53 - 2011-11-12 08:48 - 00000000 ___RD C:\Users\User\Downloads\Musik
2016-02-15 04:22 - 2009-07-14 18:58 - 00704252 _____ C:\Windows\system32\perfh007.dat
2016-02-15 04:22 - 2009-07-14 18:58 - 00151358 _____ C:\Windows\system32\perfc007.dat
2016-02-15 04:22 - 2009-07-14 06:13 - 01632858 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-15 04:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2016-02-15 04:00 - 2014-08-26 03:52 - 00000000 ___RD C:\Users\User\Downloads\Neuere Progs - Installation ab und an prüfen oder archivieren auf HDD
2016-02-14 23:14 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-14 20:35 - 2015-10-14 23:40 - 00000000 ___RD C:\Users\User\Downloads\Serien Poster und Links zu abload.de
2016-02-12 08:58 - 2015-02-03 10:50 - 00000000 ____D C:\Users\User\AppData\Local\JDownloader v2.0
2016-02-10 21:36 - 2016-01-08 17:05 - 00002204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 21:36 - 2016-01-08 17:05 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-10 06:17 - 2016-01-08 17:04 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-10 06:16 - 2016-01-08 17:04 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-10 01:28 - 2013-05-30 20:31 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-10 01:28 - 2013-04-19 18:59 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-10 01:28 - 2013-04-19 18:59 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-08 05:01 - 2015-11-04 11:42 - 00073728 ___SH C:\Users\User\Thumbs.db
2016-02-06 11:24 - 2013-04-21 18:56 - 00000000 ____D C:\Users\User\AppData\Local\PokerStars.EU
2016-02-06 11:22 - 2013-04-21 18:14 - 00000000 ____D C:\Program Files (x86)\PokerStars
2016-02-03 23:29 - 2013-03-27 06:29 - 00000000 ___RD C:\Users\User\Downloads\Filme
2016-01-28 06:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2016-01-27 03:44 - 2015-08-02 05:31 - 00000000 ___SD C:\Windows\system32\GWX
2016-01-27 03:29 - 2015-08-02 05:31 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-01-27 03:29 - 2015-08-02 05:31 - 00000000 ____D C:\Windows\system32\appraiser
2016-01-27 03:29 - 2014-04-24 02:01 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-01-27 03:17 - 2013-04-17 10:45 - 01607138 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-01-27 02:47 - 2013-10-18 17:55 - 00000000 ____D C:\ProgramData\Oracle
2016-01-27 02:46 - 2013-10-18 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-27 02:46 - 2013-07-03 09:23 - 00000000 ____D C:\Program Files (x86)\Java
2016-01-27 02:45 - 2015-09-06 02:33 - 00000000 ____D C:\Users\User\.oracle_jre_usage
2016-01-27 02:45 - 2014-10-22 02:05 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-01-18 14:35 - 2013-04-16 16:24 - 00000000 ____D C:\Windows\Panther
2016-01-18 14:34 - 2014-02-19 09:24 - 00000000 ____D C:\Users\User\AppData\Roaming\HpUpdate
2016-01-18 14:34 - 2014-01-23 02:01 - 00000000 ____D C:\Program Files (x86)\i-Funbox DevTeam
2016-01-18 14:34 - 2013-09-19 17:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-18 14:34 - 2013-05-15 20:47 - 00000000 ____D C:\Users\User\AppData\Roaming\dvdcss
2016-01-18 14:34 - 2013-05-14 15:30 - 00000000 ___RD C:\Users\User\Documents\Eigene Dateien
2016-01-18 14:34 - 2013-04-19 20:53 - 00000000 ____D C:\Program Files\WinRAR
2016-01-18 14:34 - 2013-04-17 10:48 - 00000000 ____D C:\Users\User\AppData\Roaming\hpqLog
2016-01-18 14:33 - 2014-03-05 23:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2016-01-18 14:33 - 2014-02-15 01:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glidos
2016-01-18 14:33 - 2013-06-06 02:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iDevice Manager

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-04-30 03:03 - 2014-04-30 03:03 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2014-05-17 21:00 - 2014-06-20 21:25 - 0006144 _____ () C:\Users\User\AppData\Roaming\com.apple.antiphishing.db
2013-06-06 02:41 - 2013-06-06 02:41 - 0000053 _____ () C:\Users\User\AppData\Roaming\java.bat
2013-06-06 02:41 - 2013-06-06 02:41 - 0000050 _____ () C:\Users\User\AppData\Roaming\java2.bat
2015-04-08 00:51 - 2015-10-28 19:24 - 0004096 ____H () C:\Users\User\AppData\Local\keyfile3.drm
2014-02-19 09:23 - 2014-02-19 09:23 - 0000057 _____ () C:\ProgramData\Ament.ini

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\User\AppData\Local\Temp\proxy_vole3697041688984848640.dll
C:\Users\User\AppData\Local\Temp\proxy_vole686741733397400976.dll
C:\Users\User\AppData\Local\Temp\proxy_vole8623840370079411159.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-14 23:44

==================== Ende von FRST.txt ============================
         
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-02-2016
durchgeführt von User (2016-02-16 23:41:08)
Gestartet von C:\Users\User\Desktop\Trojaner Board\Software
Windows 7 Professional Service Pack 1 (X64) (2013-04-16 14:33:38)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3016557714-3445558072-1501865236-500 - Administrator - Disabled)
Gast (S-1-5-21-3016557714-3445558072-1501865236-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3016557714-3445558072-1501865236-1009 - Limited - Enabled)
User (S-1-5-21-3016557714-3445558072-1501865236-1000 - Administrator - Enabled) => C:\Users\User

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AD MP3 Cutter 2 (HKLM-x32\...\AD MP3 Cutter_is1) (Version:  - Adrosoft)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Any Video Converter Ultimate 5.5.0 (HKLM-x32\...\Any Video Converter Ultimate_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.0.5.510 - Online Media Technologies Ltd.)
AVS Ringtone Maker version 1.6 (HKLM-x32\...\AVS Ringtone Maker 1.6_is1) (Version: 1.6.1.140 - Online Media Technologies Ltd.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{F194B9D2-5BB0-4A36-912A-861DE0652181}) (Version: 1.23.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 4.41.0315.0262 - DT Soft Ltd)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Foxit Advanced PDF Editor 3 (HKLM-x32\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.4.0 - Foxit Corporation)
Foxit PhantomPDF (HKLM\...\{32811961-AC26-4F60-8085-9A0D73EB409B}) (Version: 5.0.3.811 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät (HKLM\...\{F28BD099-9FC0-4A03-A605-E069B8D17D47}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710a-f Hilfe (HKLM-x32\...\{037CD593-D760-4A00-B030-7BBAFA1123FE}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50008.0 - Sonix)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6222.0 - IDT)
iFunbox (v2.1.2228.731), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.1.2228.731 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version:  - Intel Corporation)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2993 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.5.0.1066 - Intel Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
LAV Filters 0.67 (HKLM-x32\...\lavfilters_is1) (Version: 0.67 - Hendrik Leppkes)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MKVToolNix 5.8.0 (HKLM-x32\...\MKVToolNix) (Version: 5.8.0 - Moritz Bunkus)
Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 12 Content Pack (HKLM-x32\...\{4E7AC009-5212-499F-942F-A5AA42AE359E}) (Version: 12.0.00400 - Nero AG)
Nero Burning ROM 2014 (HKLM-x32\...\{B0E4ACBC-4CFA-4B6D-9B7B-E13C171BCC23}) (Version: 15.0.05300 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
RICOH Media Driver (HKLM-x32\...\{F5CC2EF8-20A4-4366-A681-3FE849E65809}) (Version: 2.14.00.05 - RICOH)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Subtitle Edit 3.4.10 (HKLM-x32\...\SubtitleEdit_is1) (Version: 3.4.10.1 - Nikse)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.24.0 - Synaptics Incorporated)
TP-LINK TL-WN725N Treiber (HKLM-x32\...\{CA236E47-2B28-40F3-8DDB-45BE148AD986}) (Version: 1.2.1 - TP-LINK)
Validity Fingerprint Driver (HKLM\...\{DD966CEF-5EA9-4BA2-B210-490FEBC27EA7}) (Version: 4.0.15.0 - Validity Sensors, Inc.)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Video Converter Studio V3.0.9 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 3.0.9 - Apowersoft)
Video Download Capture Version 4.9.1 (HKLM-x32\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.9.1 - APOWERSOFT LIMITED)
VirtualDub 1.9.6 US (HKLM-x32\...\{1FF7993C-23B1-4C91-B1F6-09D13C57A06A}_is1) (Version: 1.9.6 - Trad-Fr)
VirtualDub Plugin Pack 1.0.0.6 US (HKLM-x32\...\{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1) (Version: 1.0.0.6 - Trad-Fr)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 5.01 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wondershare PDF Password Remover (Build 1.3.0) (HKLM-x32\...\{1719FAD6-2F6A-4F5E-BF2B-1F6F6F1E3806_PasswordRemover}_is1) (Version:  - Wondershare Software)
Wondershare Video Converter Ultimate(Build 7.4.1.1) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 7.4.1.1 - Wondershare Software)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1797F627-DDDF-45B5-94F1-B9EDE3E49814} - System32\Tasks\{320A440C-0F2A-4966-811E-BFABC6749FC1} => pcalua.exe -a C:\Users\User\AppData\Roaming\vi-view\UninstallManager.exe -c  -ptid=cor
Task: {265F8100-DDE4-4B1C-A8D0-40216E2871B8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {2F77DDFD-793D-42D0-99B9-E9674FBDD9B7} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2013-05-19] ()
Task: {3407E895-FED1-4F22-99A2-7ABE407CAEAE} - System32\Tasks\HP Officejet 6500 E710a-f.exe => C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HP Officejet 6500 E710a-f.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {94B3A670-9800-40D4-BF6E-44545502A612} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {96E74A6E-8A3D-426A-A8EA-3F0F2E061480} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {99FDDC52-CBE5-49C4-A252-02C1D1E466EF} - System32\Tasks\{D55D8F63-D9CD-4222-9F5A-E80FAE7EED0D} => pcalua.exe -a "C:\Users\User\Downloads\Tomb Raider 1\Glidos_v1_33.exe" -d "C:\Users\User\Downloads\Tomb Raider 1"
Task: {AB21CBF0-39F4-47DB-B423-BAF6DD1ABCF8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {BA451097-27DB-4F39-A2FB-D27E51EAD862} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)
Task: {BB549557-4770-446D-BDAA-606BCBDE12EA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.)
Task: {CFD22573-B74A-4DF7-9D26-B16BBC2C91F1} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {DF467FA0-A217-4342-A2E0-6E1617A4A869} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-12-16 09:49 - 2013-08-23 13:36 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-10 20:12 - 2012-01-10 20:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-03-04 11:02 - 2011-03-04 11:02 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2011-03-04 11:02 - 2011-03-04 11:02 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2011-03-04 11:02 - 2011-03-04 11:02 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:1677AB3F
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:527B6DAD
AlternateDataStreams: C:\ProgramData\TEMP:7FFED16F
AlternateDataStreams: C:\ProgramData\TEMP:A303874F
AlternateDataStreams: C:\ProgramData\TEMP:AEC0AC81
AlternateDataStreams: C:\ProgramData\TEMP:BF3D62E7
AlternateDataStreams: C:\ProgramData\TEMP:FD9CE1F3

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-09-21 06:43 - 00000458 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 irusscan.jotti.org
127.0.0.1 www.filterbit.com
127.0.0.1 activate.adobe.com127.0.0.1 support.apowersoft.com
127.0.0.1 www.apowersoft.com
127.0.0.1 apowersoft.com127.0.0.1 apowersoft.com
127.0.0.1 apowersoft.com
127.0.0.1 apowersoft.com
127.0.0.1 apowersoft.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3016557714-3445558072-1501865236-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 80.69.100.109 - 80.69.100.205
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{F5DD1172-0756-4561-8AF7-2453048F9DE2}] => (Allow) LPort=7935
FirewallRules: [{188EBBED-41FD-4F52-94F3-4FB70E4F5FFE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3AD55D69-B824-4EEF-B8D5-59567ADB7359}] => (Allow) LPort=2869
FirewallRules: [{1264F26D-9480-4E01-9E9B-60D86E05CED3}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{B44E0228-ABDF-43B7-BE71-3BD2B3FFE853}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{4163F90F-E31F-4B1A-979F-37FC4B8AC081}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [TCP Query User{B1F531CE-5FA5-43BF-AE77-0D6758E2D525}C:\Program Files\HP\hp officejet 6500 e710a-f\Bin\hpnetworkcommunicator.exe] => (Block) C:\Program Files\HP\hp officejet 6500 e710a-f\Bin\hpnetworkcommunicator.exe
FirewallRules: [UDP Query User{8F2F4A40-74A9-4D89-B5AD-3946422E6B16}C:\Program Files\HP\hp officejet 6500 e710a-f\Bin\hpnetworkcommunicator.exe] => (Block) C:\Program Files\HP\hp officejet 6500 e710a-f\Bin\hpnetworkcommunicator.exe
FirewallRules: [{26B1FCA2-BC39-4EC0-BFCA-75C90B80D193}] => (Allow) D:\fsetup.exe
FirewallRules: [{8EC17EA7-EA98-4EA2-9054-4C279373506B}] => (Allow) D:\fsetup.exe
FirewallRules: [TCP Query User{3CB037D4-2A5E-4C0A-98F8-0B663FC14C66}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [UDP Query User{771035ED-F558-4B17-9655-54B5F32FC7AE}C:\windows\system32\wfs.exe] => (Allow) C:\windows\system32\wfs.exe
FirewallRules: [TCP Query User{531ED16F-744D-47B1-91BF-CA47241561D9}C:5\iphone\iphone jailbreak soft incl. sicherung julias iphone (vor jail break)\tinyumbrella-6.14.00.exe] => (Allow) C:5\iphone\iphone jailbreak soft incl. sicherung julias iphone (vor jail break)\tinyumbrella-6.14.00.exe
FirewallRules: [UDP Query User{A6595470-F4CF-4B31-B4A1-428372941895}C:5\iphone\iphone jailbreak soft incl. sicherung julias iphone (vor jail break)\tinyumbrella-6.14.00.exe] => (Allow) C:5\iphone\iphone jailbreak soft incl. sicherung julias iphone (vor jail break)\tinyumbrella-6.14.00.exe
FirewallRules: [{A1F577CE-24C0-4102-837F-E648502EF065}] => (Allow) LPort=51001
FirewallRules: [{753B4BBC-AA75-4C98-9FD4-37E599F66680}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\bin\FaxApplications.exe
FirewallRules: [{063B4BFD-26A4-4E15-A20B-42A6E0C29EB1}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\bin\DigitalWizards.exe
FirewallRules: [{A65653DE-04FE-450F-83A8-08F5A7339DBC}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\bin\SendAFax.exe
FirewallRules: [{C10A8CF6-3A07-4FC4-98E1-AB210518BCAA}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\DeviceSetup.exe
FirewallRules: [{0F1AAE90-5965-462A-BDA7-9E3686B733BC}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicator.exe
FirewallRules: [{D59617AB-BF57-40A2-9E9E-AAC807E13FF7}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710a-f\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{C1E269CE-E07B-4334-8300-0C9305B16391}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [{07FAA6EF-25A7-43A3-85E0-AD11F46F3070}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [TCP Query User{D09B234A-1185-4E89-B482-1C36462CC077}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Block) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [UDP Query User{422344CC-31C7-4BBE-BE5A-6764CB26B74B}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Block) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [TCP Query User{09DCACD1-21CF-4982-B6F8-B2ACA0F69EF9}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [UDP Query User{05651201-24B6-4362-9DDE-172698783FDA}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [{F5222DA9-C714-429E-A1C1-CE310634EE0E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{914AE8C4-9DA8-4EB0-8EFB-7698536BF822}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{1E3C19E8-DAB3-4A3E-837C-C66ACFF9E7B6}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{924F66EA-9713-4E3C-9267-38991073D6E2}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{6BE5431E-377B-459F-9215-9F80651E364E}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{A49CAF3E-480A-40F2-A63C-4DAACBBF1B7D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{906E03EF-8330-480C-8B04-C1E0E0B3BAF1}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{C7ABF4C6-73E4-4830-B982-B55C0357BA05}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{555FC809-2F5A-48F3-BBB0-C869FA9E07DA}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{DB8C5B05-838B-4275-85BC-8374E2D8243B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{E4AEC30F-0CDC-47E6-ADE8-9A25DAC3DBB0}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{684837BF-99E5-4AA3-97ED-E73194E2690A}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{21629ADF-B9C2-4152-9B5B-4292AFA6660F}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{D7E8AAD7-76D4-4030-B34D-E27550840381}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [TCP Query User{555FAC50-4ED1-48ED-80C1-33D251D1AFA3}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe
FirewallRules: [UDP Query User{96994534-FAB2-4FD1-BF02-2DA1218BC3E2}C:\program files (x86)\filezilla ftp client\filezilla.exe] => (Allow) C:\program files (x86)\filezilla ftp client\filezilla.exe
FirewallRules: [{89B3EC1D-B3E1-4AC0-89E6-261CF86B5448}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A1FD17EA-5DE3-4D00-B346-2E02EAB38373}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4A8A162D-1A8A-4A08-BD83-14BC4C2A8EB0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{562F369C-50A9-4362-8624-C242ADF3BFD7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F50608B2-B89C-4E8B-B974-B288E14588AB}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video-Converter-Studio.exe
FirewallRules: [{1C7673D2-B6CA-4A2B-82E1-9D0ACB03BDE1}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\VideoConverterStudio.exe
FirewallRules: [{9C81460D-4AE9-4FDD-9526-64F1206C3032}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{5BFA36E5-E0E8-4669-BCEC-C84098F8919B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4376F8B3-1695-4D52-9DEB-49F26D72AA68}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{37D4D4D1-A3A8-49DD-A2E1-1A0D5A4F1C1D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

06-02-2016 14:23:40 Windows Update
09-02-2016 17:18:37 Windows Update
12-02-2016 17:31:14 Windows Update
16-02-2016 00:17:54 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Realtek RTL8188CU Wireless LAN 802.11n USB 2.0 Network Adapter
Description: Realtek RTL8188CU Wireless LAN 802.11n USB 2.0 Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RtlWlanu
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/14/2016 11:14:44 PM) (Source: Microsoft Fax) (EventID: 32112) (User: )
Description: Es können keine Faxe archiviert und keine eingehenden Faxe weitergeleitet werden, da im Faxdienst Probleme mit dem Archivspeicherort aufgetreten sind. Der Dienst kann auf den Ordner "C:\Users\User\Downloads" oder einige darin enthaltene Unterordner nicht zugreifen.

 Sie können den Speicherort des Archivordners auf der Eigenschaftenseite des Faxdruckers oder im Faxdienst-Manager ändern. Weitere Informationen erhalten Sie unter Problembandlung in der Hilfe zum Faxdienst.

 Win32-Fehlercode: 5
 Dieser Fehlercode gibt die Ursache des Fehlers an.
 Ein detaillierter Windows-Fehlerbericht bezüglich des Problems wurde generiert.

Error: (02/06/2016 04:41:09 PM) (Source: Microsoft Fax) (EventID: 32112) (User: )
Description: Es können keine Faxe archiviert und keine eingehenden Faxe weitergeleitet werden, da im Faxdienst Probleme mit dem Archivspeicherort aufgetreten sind. Der Dienst kann auf den Ordner "C:\Users\User\Downloads" oder einige darin enthaltene Unterordner nicht zugreifen.

 Sie können den Speicherort des Archivordners auf der Eigenschaftenseite des Faxdruckers oder im Faxdienst-Manager ändern. Weitere Informationen erhalten Sie unter Problembandlung in der Hilfe zum Faxdienst.

 Win32-Fehlercode: 5
 Dieser Fehlercode gibt die Ursache des Fehlers an.
 Ein detaillierter Windows-Fehlerbericht bezüglich des Problems wurde generiert.

Error: (01/30/2016 01:44:39 PM) (Source: Microsoft Fax) (EventID: 32112) (User: )
Description: Es können keine Faxe archiviert und keine eingehenden Faxe weitergeleitet werden, da im Faxdienst Probleme mit dem Archivspeicherort aufgetreten sind. Der Dienst kann auf den Ordner "C:\Users\User\Downloads" oder einige darin enthaltene Unterordner nicht zugreifen.

 Sie können den Speicherort des Archivordners auf der Eigenschaftenseite des Faxdruckers oder im Faxdienst-Manager ändern. Weitere Informationen erhalten Sie unter Problembandlung in der Hilfe zum Faxdienst.

 Win32-Fehlercode: 5
 Dieser Fehlercode gibt die Ursache des Fehlers an.
 Ein detaillierter Windows-Fehlerbericht bezüglich des Problems wurde generiert.

Error: (01/27/2016 03:32:42 AM) (Source: Microsoft Fax) (EventID: 32112) (User: )
Description: Es können keine Faxe archiviert und keine eingehenden Faxe weitergeleitet werden, da im Faxdienst Probleme mit dem Archivspeicherort aufgetreten sind. Der Dienst kann auf den Ordner "C:\Users\User\Downloads" oder einige darin enthaltene Unterordner nicht zugreifen.

 Sie können den Speicherort des Archivordners auf der Eigenschaftenseite des Faxdruckers oder im Faxdienst-Manager ändern. Weitere Informationen erhalten Sie unter Problembandlung in der Hilfe zum Faxdienst.

 Win32-Fehlercode: 5
 Dieser Fehlercode gibt die Ursache des Fehlers an.
 Ein detaillierter Windows-Fehlerbericht bezüglich des Problems wurde generiert.

Error: (01/21/2016 09:28:24 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm WINWORD.EXE, Version 14.0.7134.5000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1268

Startzeit: 01d154809813946c

Endzeit: 866

Anwendungspfad: C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

Berichts-ID: 7232025e-c07d-11e5-8d47-68b599f75435

Error: (01/19/2016 05:44:10 AM) (Source: Microsoft Fax) (EventID: 32112) (User: )
Description: Es können keine Faxe archiviert und keine eingehenden Faxe weitergeleitet werden, da im Faxdienst Probleme mit dem Archivspeicherort aufgetreten sind. Der Dienst kann auf den Ordner "C:\Users\User\Downloads" oder einige darin enthaltene Unterordner nicht zugreifen.

 Sie können den Speicherort des Archivordners auf der Eigenschaftenseite des Faxdruckers oder im Faxdienst-Manager ändern. Weitere Informationen erhalten Sie unter Problembandlung in der Hilfe zum Faxdienst.

 Win32-Fehlercode: 5
 Dieser Fehlercode gibt die Ursache des Fehlers an.
 Ein detaillierter Windows-Fehlerbericht bezüglich des Problems wurde generiert.

Error: (01/18/2016 03:13:18 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/18/2016 03:13:17 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=3800} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.

Kontext: Windows Anwendung, SystemIndex Katalog

Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (01/13/2016 10:06:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVCUltimate.exe, Version: 5.5.0.1, Zeitstempel: 0x528f1247
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x19f0
Startzeit der fehlerhaften Anwendung: 0xAVCUltimate.exe0
Pfad der fehlerhaften Anwendung: AVCUltimate.exe1
Pfad des fehlerhaften Moduls: AVCUltimate.exe2
Berichtskennung: AVCUltimate.exe3

Error: (01/12/2016 11:16:23 AM) (Source: ESENT) (EventID: 482) (User: )
Description: Windows (3456) Windows: Versuch, in Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSSres00002.jrs" bei Offset 0 (0x0000000000000000) für 1048576 (0x00100000) Bytes zu schreiben, ist nach Windows0 Sekunden mit Systemfehler 112 (0x00000070): "Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung. " fehlgeschlagen. Fehler -1808 (0xfffff8f0) bei Schreiboperation. Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss aus einer vorherigen Sicherung wiederhergestellt werden.


Systemfehler:
=============
Error: (02/16/2016 05:48:33 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error: (02/15/2016 03:56:04 AM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk3\DR3 gefunden.

Error: (02/14/2016 11:14:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎14.‎02.‎2016 um 23:13:33 unerwartet heruntergefahren.

Error: (02/14/2016 07:42:47 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht.

Error: (02/09/2016 01:23:30 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (02/07/2016 03:58:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows-Biometriedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/07/2016 03:58:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Biometriedienst erreicht.

Error: (02/06/2016 07:36:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht.

Error: (02/02/2016 10:25:15 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst LanmanServer erreicht.

Error: (01/31/2016 04:12:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows-Biometriedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


CodeIntegrity:
===================================
  Date: 2014-01-23 03:54:29.680
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\netaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-01-23 03:54:29.481
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\netaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5 CPU M 540 @ 2.53GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 3887.38 MB
Verfügbarer physikalischer RAM: 1971.17 MB
Summe virtueller Speicher: 7772.96 MB
Verfügbarer virtueller Speicher: 4869.78 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:76.99 GB) NTFS
Drive e: () (Removable) (Total:14.73 GB) (Free:14.73 GB) FAT32
Drive h: (TOSHIBA EXT) (Fixed) (Total:2794.52 GB) (Free:802.24 GB) NTFS
Drive i: (KIDS(2)-3TB) (Fixed) (Total:2794.25 GB) (Free:681.53 GB) FAT32
Drive j: (Blaulicht 64 GB) (Removable) (Total:57.84 GB) (Free:24.56 GB) NTFS
Drive s: (Alles Drin 2 TB) (Fixed) (Total:1863.01 GB) (Free:194.85 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: EBA38C53)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 14.7 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00401036)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 57.8 GB) (Disk ID: 00000000)

Partition: GPT.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 6.
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 7.

==================== Ende von Addition.txt ============================
         

Alt 17.02.2016, 01:30   #5
burningice
/// Malwareteam
 
Rechner sehr langsam... Schadsoftware? - Standard

Rechner sehr langsam... Schadsoftware?



Lesestoff:
Illegale Software: Cracks, Keygens und Co
Code:
ATTFilter
C:\Windows\AutoKMS\AutoKMS.exe
127.0.0.1 activate.adobe.com
127.0.0.1 support.apowersoft.com
         
Die unter anderem von mir kopierten Zeilen deuten darauf hin, dass du unrechtmäßig erworbene Software verwendest.
Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

__________________
Mfg,
Rafael

~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~

Unterstütze uns mit einer Spende
......... Lob, Kritik oder Wünsche .........
.......... Folge uns auf Facebook ..........

Antwort

Themen zu Rechner sehr langsam... Schadsoftware?
avast, bonjour, converter, defender, desktop, dnsapi.dll, explorer, firefox, flash player, google, homepage, iexplore.exe, installation, langsam, officejet, prozesse, realtek, registry, scan, security, services.exe, svchost.exe, system, temp, trojaner, trojaner board, windows




Ähnliche Themen: Rechner sehr langsam... Schadsoftware?


  1. Rechner sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 01.02.2016 (10)
  2. Rechner sehr langsam geworden, Schadsoftware bei Mbam gefunden
    Log-Analyse und Auswertung - 09.12.2015 (11)
  3. Windows bzw. ganzer Rechner läuft sehr sehr langsam.....
    Plagegeister aller Art und deren Bekämpfung - 28.09.2015 (11)
  4. Rechner sehr langsam
    Log-Analyse und Auswertung - 11.08.2015 (3)
  5. Mein Rechner ist sehr sehr langsam, woran kann es liegen und was kann man dagegen tun?
    Plagegeister aller Art und deren Bekämpfung - 30.07.2015 (27)
  6. Rechner langsam - Schadsoftware?
    Plagegeister aller Art und deren Bekämpfung - 24.06.2014 (7)
  7. rechner sehr sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 21.12.2013 (18)
  8. XP Rechner - sehr langsam !
    Log-Analyse und Auswertung - 30.05.2013 (3)
  9. Rechner sehr langsam
    Log-Analyse und Auswertung - 16.03.2012 (3)
  10. Rechner ist sehr langsam
    Log-Analyse und Auswertung - 26.12.2009 (1)
  11. Rechner sehr langsam
    Log-Analyse und Auswertung - 18.10.2009 (1)
  12. Mein rechner ist seit eine viren attake sehr sehr langsam
    Log-Analyse und Auswertung - 10.02.2009 (0)
  13. Rechner sehr langsam....
    Mülltonne - 03.01.2009 (0)
  14. Rechner sehr langsam!
    Alles rund um Windows - 30.03.2007 (1)
  15. Rechner sehr langsam
    Mülltonne - 16.07.2006 (1)
  16. Rechner sehr langsam.....
    Log-Analyse und Auswertung - 24.01.2006 (11)
  17. Rechner sehr langsam
    Plagegeister aller Art und deren Bekämpfung - 25.05.2004 (7)

Zum Thema Rechner sehr langsam... Schadsoftware? - Hallo, in der letzten Zeit ist mein Rechner total langsam geworden, insbesondere beim Surfen mit Mozilla.. Hier die Logdaten.. Code: Alles auswählen Aufklappen ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool - Rechner sehr langsam... Schadsoftware?...
Archiv
Du betrachtest: Rechner sehr langsam... Schadsoftware? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.