| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Virus trotz Kaspersky Anti-Virus; was machen?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
06.12.2014, 15:18
| #16 | |
 |  Virus trotz Kaspersky Anti-Virus; was machen?Zitat:
__________________ Proud member of Unite |
|
06.12.2014, 15:29
| #17 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Virus trotz Kaspersky Anti-Virus; was machen? Ich übernehme ab hier:
__________________Schritt 1   Bitte starte FRST erneut, markiere auch die checkbox  und drücke auf Scan. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ |
|
06.12.2014, 17:02
| #18 |
 | Virus trotz Kaspersky Anti-Virus; was machen? FRST Logfile:
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014
Ran by Max (administrator) on MAX-PC on 06-12-2014 16:59:52
Running from C:\Users\Max\Downloads
Loaded Profile: Max (Available profiles: Max)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [SplitCam] => C:\Program Files (x86)\SplitCam\SplitCam.exe
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Policies\Explorer: [DisallowRun] 1
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/1024/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {56E26B6C-BB82-48de-BEB0-8F3664DE7835} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {7588F513-7B9E-45dc-914D-B207EFFC6D9A} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4256948084-1049334510-1600530276-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Extension: Simple Site Blocker - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\simplesiteblocker@example.com.xpi [2014-11-29]
FF Extension: {12989559-84f2-47aa-a442-5e69f9d26720} - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi [2013-10-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-07]
Chrome:
=======
CHR HomePage: Default -> hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
CHR StartupUrls: Default -> "hxxp://Vosteran.com/?f=7&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=", "hxxp://search.fbdownloader.com/?channel=de"
CHR DefaultSearchKeyword: Default -> vosteran.com
CHR DefaultSearchURL: Default -> hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll No File
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-11-08]
CHR Extension: (OfferMosquito) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Vosteran New Tab) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [2014-12-06]
CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR StartMenuInternet: Google Chrome - chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-07-30] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-12-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-11-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S4 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55552 2006-02-13] (Sonic Solutions) [File not signed]
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S3 cpuz134; \??\C:\Users\Max\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-06 16:59 - 2014-12-06 16:59 - 00000000 ____D () C:\Users\Max\Downloads\FRST-OlderVersion
2014-12-06 02:02 - 2014-12-06 02:03 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe
2014-12-06 01:43 - 2014-12-06 01:43 - 00000615 _____ () C:\Users\Max\Desktop\ckfiles.txt
2014-12-06 01:41 - 2014-12-06 01:41 - 00468480 _____ () C:\Users\Max\Desktop\CKScanner.exe
2014-12-06 01:24 - 2014-12-06 01:36 - 153463376 _____ (Steinberg Media Technologies GmbH) C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe
2014-12-06 01:24 - 2014-12-06 01:29 - 58948264 _____ () C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe
2014-12-06 00:33 - 2014-12-06 00:33 - 00000000 ____D () C:\AV-CLS
2014-12-05 23:51 - 2014-12-05 23:51 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe
2014-12-05 23:11 - 2014-12-05 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA Corporation
2014-12-05 23:11 - 2014-12-05 23:11 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-12-05 23:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-12-05 23:10 - 2014-11-17 21:02 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-05 23:10 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-05 23:08 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-05 23:08 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-05 23:08 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-05 23:08 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-05 23:08 - 2014-10-03 20:23 - 00035144 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-05 23:08 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-05 23:03 - 2014-12-05 23:07 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe
2014-12-05 21:21 - 2014-12-05 21:21 - 00002600 _____ () C:\Users\Max\Desktop\JRT.txt
2014-12-05 21:18 - 2014-12-05 21:18 - 00000000 ____D () C:\Windows\ERUNT
2014-12-05 21:17 - 2014-12-05 21:17 - 01707646 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2014-12-05 21:15 - 2014-12-05 21:15 - 00002124 _____ () C:\Users\Max\Desktop\mbam.txt
2014-12-05 20:55 - 2014-12-05 20:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 20:55 - 2014-12-05 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-05 20:38 - 2014-12-05 20:39 - 00000000 ____D () C:\AdwCleaner
2014-12-05 20:38 - 2014-12-05 20:38 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-05 20:36 - 2014-12-05 20:36 - 02153472 _____ () C:\Users\Max\Downloads\AdwCleaner_4.104.exe
2014-12-05 20:25 - 2014-12-05 21:31 - 00021075 _____ () C:\Users\Max\Downloads\Addition.txt
2014-12-05 20:24 - 2014-12-06 17:00 - 00022687 _____ () C:\Users\Max\Downloads\FRST.txt
2014-12-05 20:24 - 2014-12-06 16:59 - 00000000 ____D () C:\FRST
2014-12-05 20:22 - 2014-12-06 16:59 - 02118144 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-12-05 20:21 - 2014-12-05 20:21 - 00774944 _____ () C:\Users\Max\Downloads\ReimageRepair.exe
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\Desktop\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000000 ___HD () C:\Users\Max\AppData\Roaming\GoldenGate
2014-12-05 20:19 - 2014-12-05 20:29 - 00000000 ____D () C:\Program Files\BEAF8266-AE64-40A2-BF8D-99F4FB145C26
2014-12-05 20:18 - 2014-12-05 20:18 - 00803152 _____ ( ) C:\Users\Max\Downloads\FileOpenerSetup.exe
2014-12-05 18:45 - 2014-12-05 18:49 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-12-05 18:16 - 2014-12-06 16:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 18:15 - 2014-12-05 18:15 - 00244264 _____ () C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-05 05:05 - 2014-07-28 14:31 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-12-05 05:05 - 2014-07-28 14:31 - 00000714 _____ () C:\Windows\SysWOW64\ff_vfw.dll.manifest
2014-12-05 05:05 - 2014-06-30 06:23 - 00810496 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-12-05 05:05 - 2014-06-30 06:23 - 00183808 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-12-05 05:00 - 2014-12-05 05:04 - 100117000 _____ (SplitCam Co.) C:\Users\Max\Downloads\SplitCamSetup.exe
2014-12-05 03:16 - 2014-12-05 03:16 - 00000000 ____D () C:\Windows\pss
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\Users\Max\AppData\Local\M-Audio
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\ProgramData\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\Program Files (x86)\M-Audio
2014-12-05 01:21 - 2014-12-05 01:21 - 00000000 ____D () C:\ProgramData\AVID
2014-12-05 00:54 - 2014-12-05 00:54 - 00003047 _____ () C:\Users\Max\Desktop\SharpKeys.lnk
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Program Files (x86)\RandyRants.com
2014-12-05 00:53 - 2014-12-05 00:53 - 00486400 _____ () C:\Users\Max\Downloads\sharpkeys35.msi
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\Program Files (x86)\AutoHotkey
2014-12-05 00:48 - 2014-12-05 00:48 - 02047357 _____ () C:\Users\Max\Downloads\AutoHotkey104805_Install.exe
2014-12-05 00:09 - 2014-12-05 00:09 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Users\Max\AppData\Local\MSKLC
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4
2014-12-05 00:08 - 2014-12-05 00:08 - 10597792 _____ () C:\Users\Max\Downloads\MSKLC.exe
2014-12-05 00:04 - 2014-12-05 00:04 - 00301688 _____ (Thesycon GmbH) C:\Users\Max\Downloads\dpclat.exe
2014-12-03 21:48 - 2014-12-03 21:48 - 00313384 _____ () C:\Windows\Minidump\120314-24570-01.dmp
2014-12-03 21:44 - 2014-12-03 21:44 - 00000020 _____ () C:\Windows\ˆø'
2014-12-03 21:33 - 2014-12-03 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-12-03 21:32 - 2014-12-03 21:32 - 01174352 _____ () C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieUserList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieSiteList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieBrowserModeList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-12-03 21:25 - 2014-12-03 21:25 - 06537216 _____ () C:\Users\Max\Downloads\flashmedialiveencoder_3.2_wwe_signed.msi
2014-12-03 21:25 - 2014-12-03 21:25 - 01033728 _____ () C:\Users\Max\Downloads\auth_addin_win_v3.msi
2014-11-30 07:40 - 2014-11-30 07:40 - 00317504 _____ () C:\Windows\Minidump\113014-25334-01.dmp
2014-11-30 07:39 - 2014-12-03 21:48 - 802013673 _____ () C:\Windows\MEMORY.DMP
2014-11-29 21:01 - 2014-11-29 21:01 - 00000021 _____ () C:\Users\Max\Desktop\Neues Textdokument (4).txt
2014-11-27 23:57 - 2014-11-28 00:00 - 164003712 _____ () C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe
2014-11-27 23:57 - 2014-11-27 23:57 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Downloads\tdsskiller.exe
2014-11-20 21:13 - 2014-03-08 14:36 - 65062457 _____ () C:\Users\Max\Downloads\Haftbefehl - Chabos wissen wer der Babo ist (Blockplatin 25.01.2013).hd720.mp4
2014-11-20 21:12 - 2014-11-20 21:12 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Visicom Media
2014-11-19 15:56 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 15:56 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-13 01:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 01:26 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 01:26 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 01:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 01:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 01:26 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 01:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 01:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 01:26 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 01:26 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 01:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 01:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 01:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 01:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 01:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 01:26 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 01:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 01:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 01:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 01:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 01:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 01:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 01:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 01:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-13 01:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 01:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 01:23 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 01:23 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 01:23 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 01:23 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 01:23 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 01:23 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 01:23 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 01:23 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-13 01:23 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 01:23 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 01:23 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 01:23 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 21:22 - 2014-12-06 02:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 03:00 - 2014-11-10 20:36 - 00004611 _____ () C:\Windows\system32\lvcoinst.log
2014-11-09 03:00 - 2014-11-09 03:00 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-11-07 16:41 - 2014-11-07 16:41 - 00000000 ____D () C:\OETemp
2014-11-07 16:37 - 2014-12-06 16:57 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-07 16:37 - 2014-11-07 16:42 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-11-07 16:37 - 2014-11-07 16:42 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-11-07 16:37 - 2014-11-07 16:37 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-07 16:37 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-11-07 16:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Bao_Nguyen
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Local\Bao_Nguyen
2014-11-07 00:49 - 2014-11-07 00:49 - 00406528 _____ () C:\Users\Max\Downloads\Switcher-2.0.0.2705.msi
2014-11-07 00:48 - 2014-11-07 00:48 - 02150188 _____ () C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager [1].exe
2014-11-07 00:48 - 2014-11-07 00:48 - 00000000 ____D () C:\Users\Max\AppData\Local\WorldofTanks
2014-11-07 00:48 - 2014-11-07 00:48 - 00000000 ____D () C:\Users\Max\AppData\Local\StormFall
2014-11-07 00:47 - 2014-11-07 00:47 - 00845088 _____ ( ) C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-06 17:00 - 2012-07-18 20:50 - 01705997 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 16:57 - 2013-08-14 15:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 16:56 - 2012-07-18 21:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-06 16:56 - 2010-11-21 04:47 - 00772934 _____ () C:\Windows\PFRO.log
2014-12-06 16:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-06 16:56 - 2009-07-14 05:51 - 00024735 _____ () C:\Windows\setupact.log
2014-12-06 02:04 - 2013-01-15 18:25 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-06 02:04 - 2013-01-15 18:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-06 01:50 - 2012-09-04 20:45 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Spotify
2014-12-06 01:42 - 2012-07-19 15:47 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2014-12-06 01:41 - 2013-08-14 15:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-06 01:37 - 2013-01-15 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-06 01:32 - 2012-07-30 14:39 - 00010016 _____ () C:\Windows\DPINST.LOG
2014-12-06 01:32 - 2012-07-30 14:39 - 00000051 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2014-12-06 01:32 - 2012-07-30 14:39 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2014-12-06 01:31 - 2012-10-02 17:16 - 00000000 ____D () C:\Users\Max\Documents\Cubase LE AI Elements Projects
2014-12-05 23:43 - 2012-09-04 20:51 - 00000000 ____D () C:\Users\Max\AppData\Local\Spotify
2014-12-05 23:33 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 23:33 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 23:12 - 2014-04-07 16:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA
2014-12-05 23:11 - 2012-07-18 21:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-05 23:11 - 2012-07-18 21:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-05 23:10 - 2012-07-18 21:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-05 21:18 - 2012-07-19 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2014-12-05 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-12-05 20:39 - 2014-03-19 13:21 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Common
2014-12-05 20:39 - 2012-07-18 20:56 - 00000000 ____D () C:\Users\Max
2014-12-05 20:32 - 2014-10-06 22:03 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Equalify
2014-12-05 20:19 - 2013-08-14 15:38 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Visicom Media
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visicom Media
2014-12-05 18:49 - 2013-10-10 13:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-12-05 04:17 - 2014-04-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-05 01:23 - 2012-07-30 15:10 - 00000000 ____D () C:\Program Files\M-Audio
2014-12-05 00:49 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew
2014-12-04 00:35 - 2013-04-14 17:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Facebook
2014-12-03 21:48 - 2012-10-03 18:43 - 00000000 ____D () C:\Windows\Minidump
2014-12-03 21:45 - 2012-07-18 20:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-03 21:42 - 2012-07-18 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-12-03 21:41 - 2012-07-18 21:01 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-12-03 21:38 - 2014-04-01 01:06 - 00000000 ____D () C:\UDK
2014-12-03 21:37 - 2014-04-01 13:48 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-03 21:37 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-03 21:36 - 2013-04-29 21:31 - 00000000 ____D () C:\Fraps
2014-12-03 21:34 - 2014-03-15 16:44 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live
2014-12-03 21:26 - 2013-01-15 21:11 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-03 21:26 - 2012-07-30 10:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe
2014-12-03 21:22 - 2014-09-26 00:15 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-12-03 18:34 - 2012-07-18 21:32 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-12-03 18:33 - 2012-07-18 21:26 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-11-29 02:23 - 2013-02-25 19:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-27 18:38 - 2011-04-12 08:43 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 18:38 - 2011-04-12 08:43 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 18:38 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 18:37 - 2013-01-15 18:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 18:37 - 2013-01-15 18:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 18:37 - 2013-01-15 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 01:31 - 2013-01-15 17:31 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2014-11-17 23:18 - 2014-08-19 21:14 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-11-14 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-14 01:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 20:36 - 2013-08-14 15:29 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 20:36 - 2013-08-14 15:29 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 14:48 - 2009-07-14 06:08 - 00009450 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-13 14:48 - 2009-07-14 05:45 - 04848784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 02:05 - 2013-07-27 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 02:03 - 2012-07-18 21:54 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 01:20 - 2013-02-25 23:32 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-13 01:20 - 2012-07-18 21:23 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-12 22:56 - 2012-07-18 21:24 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 22:56 - 2012-07-18 21:24 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-11 11:29 - 2012-07-18 21:24 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-07 22:51 - 2014-07-10 23:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-07 18:06 - 2014-03-29 00:52 - 18585842 _____ () C:\Users\Max\Downloads\Cryptload_1.1.8.zip
2014-11-07 16:41 - 2014-04-07 15:12 - 00000000 ____D () C:\ProgramData\Package Cache
Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\CmdLineExtInstallerExe.exe
C:\Users\Max\AppData\Local\Temp\drm_dyndata_7380009.dll
C:\Users\Max\AppData\Local\Temp\nsjB2E2.tmp.exe
C:\Users\Max\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreaming64.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
C:\Users\Max\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Max\AppData\Local\Temp\nvStInst.exe
C:\Users\Max\AppData\Local\Temp\Quarantine.exe
C:\Users\Max\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Max\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-25 14:27
==================== End Of Log ============================
--- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014
Ran by Max at 2014-12-06 17:01:02
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
Free YouTube Download version 3.2.44.922 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.922 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{4F2EAFFD-6D9A-3804-A77B-5A450D3201F6}) (Version: 65.107.16494 - Google, Inc.)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
M-Audio Fast Track Pro 6.1.10 (x64) (HKLM\...\{44BCF4BB-2486-465D-8C03-50150201B4EA}) (Version: 6.1.10 - M-Audio)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Steinberg Cubase LE AI Elements 6 64bit (HKLM\...\{8EEEB23E-A3EB-44A4-AEE9-D2FD6F96E4A0}) (Version: 6.0.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-11-30 03:47 - 00000817 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1
127.0.0.1
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {7CA26CD5-634E-4153-96DB-2C60C24C953A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {9C2B956C-1262-4E7B-96C9-596F7805E556} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9DBFEFA2-E593-41CC-950E-ED068B745302} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {EEA4CAA1-7CDA-43BC-BF67-72E4CD82C1F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-07-18 21:24 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\kpcengine.2.3.dll
2014-11-10 21:22 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2012-07-18 20:59 - 2011-12-16 09:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk => C:\Windows\pss\net.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: DataMgr => "C:\Users\Max\AppData\Roaming\DataMgr\DataMgr.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: Intermediate => "C:\Users\Max\AppData\Roaming\Intermediate\Intermediate.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PriceMeterW => "C:\Users\Max\AppData\Local\PriceMeter\pricemeterw.exe"
MSCONFIG\startupreg: Rainlendar2 => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
MSCONFIG\startupreg: SCheck => "C:\Users\Max\AppData\Roaming\SCheck\SCheck.exe" check
MSCONFIG\startupreg: Seventh => "C:\Users\Max\AppData\Roaming\Seventh\Seventh.exe"
MSCONFIG\startupreg: Sixth => "C:\Users\Max\AppData\Roaming\Sixth\Sixth.exe"
MSCONFIG\startupreg: Snoozer => "C:\Users\Max\AppData\Roaming\Snz\Snz.exe"
MSCONFIG\startupreg: SSync => "C:\Users\Max\AppData\Roaming\SSync\SSync.exe"
MSCONFIG\startupreg: svchospt => C:\Windows\SysWOW64\svchospt.exe
MSCONFIG\startupreg: Switcher => "C:\Program Files (x86)\Switcher\Switcher.exe" /quiet
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
========================= Accounts: ==========================
Administrator (S-1-5-21-4256948084-1049334510-1600530276-500 - Administrator - Disabled)
Gast (S-1-5-21-4256948084-1049334510-1600530276-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4256948084-1049334510-1600530276-1002 - Limited - Enabled)
Max (S-1-5-21-4256948084-1049334510-1600530276-1000 - Administrator - Enabled) => C:\Users\Max
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/06/2014 04:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 11:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (12/06/2014 04:56:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/05/2014 11:54:33 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (12/05/2014 11:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/05/2014 11:10:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (12/06/2014 04:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 11:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-12-04 21:53:43.825
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-04 21:53:43.823
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-04 21:53:43.822
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-04 21:53:43.802
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-04 21:53:43.801
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-04 21:53:43.799
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-03 22:29:23.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-03 22:29:23.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-03 22:29:23.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-03 22:29:23.418
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16346.33 MB
Available physical RAM: 13508.07 MB
Total Pagefile: 32690.84 MB
Available Pagefile: 29733.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:771.51 GB) (Free:625.1 GB) NTFS
Drive k: () (Fixed) (Total:160 GB) (Free:159.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 94521A45)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
06.12.2014, 17:11
| #19 | |
| /// TB-Ausbilder /// Anleitungs-Guru | Virus trotz Kaspersky Anti-Virus; was machen? Hi, bitte Deinem Kaspersky sagen, er soll beim Zoek-Download und Scan die Klappe halten - ergo: Echtzeitschutz vor Schritt 1 deaktivieren: Schritt 1 Download von  ZOEK (by Smeenk)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
06.12.2014, 18:07
| #20 |
| | Virus trotz Kaspersky Anti-Virus; was machen? Zoek.exe v5.0.0.0 Updated 03-December-2014 Tool run by Max on 06.12.2014 at 17:19:51,84. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Max\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 06.12.2014 17:20:35 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully C:\PROGRA~2\Avira deleted successfully C:\PROGRA~2\DebugMode deleted successfully C:\PROGRA~2\ManyCam deleted successfully C:\PROGRA~2\Rainlendar2 deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\BEAF8266-AE64-40A2-BF8D-99F4FB145C26 deleted successfully C:\PROGRA~3\Guitar Pro 6 deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\PROGRA~3\Visicom Media deleted successfully C:\Users\Max\AppData\Roaming\Common deleted successfully C:\Users\Max\AppData\Roaming\Splashtop deleted successfully C:\Users\Max\AppData\Roaming\TP deleted successfully C:\Users\Max\AppData\Local\StormFall deleted successfully C:\Users\Max\AppData\Local\WorldofTanks deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Users\Max\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Services(whitelist) ====================== Powered by E Dev R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe R2 - [AVP15.0.0] - Kaspersky Anti-Virus Service 15.0.0 - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 15.0.0\avp.exe R2 - [cvhsvc] - Client Virtualization Handler - c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe R2 - [FastTrackProAudioDevMon] - Fast Track Pro Audio Device Monitor - c:\program files (x86)\m-audio\fast track pro\audiodevmon.exe R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe R2 - [sftlist] - Application Virtualization Client - c:\program files (x86)\microsoft application virtualization client\sftlist.exe R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe R2 - [UMVPFSrv] - UMVPFSrv - c:\program files (x86)\common files\logishrd\lvmvfm\umvpfsrv.exe R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe R2 - [WMPNetworkSvc] - Windows Media Player-Netzwerkfreigabedienst - c:\program files\windows media player\wmpnetwk.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe R3 - [sftvsa] - Application Virtualization Service Agent - c:\program files (x86)\microsoft application virtualization client\sftvsa.exe S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe S2 - [gupdate] - Google Update-Dienst (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [SeaPort] - SeaPort - c:\program files (x86)\microsoft\bingbar\seaport.exe [x] S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe S3 - [ALG] - Gatewaydienst auf Anwendungsebene - c:\windows\system32\alg.exe S3 - [BBSvc] - Bing Bar Update Service - c:\program files (x86)\microsoft\bingbar\bbsvc.exe [x] S3 - [COMSysApp] - COM+-Systemanwendung - c:\windows\system32\dllhost.exe S3 - [ehRecvr] - Windows Media Center-Empfängerdienst - c:\windows\ehome\ehrecvr.exe S3 - [ehSched] - Windows Media Center-Planerdienst - c:\windows\ehome\ehsched.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [FontCache3.0.0.0] - Windows Presentation Foundation-Schriftartcache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe S3 - [gupdatem] - Google Update-Dienst (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [ICCS] - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - c:\program files (x86)\intel\intel(r) integrated clock controller service\iccproxy.exe S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\1050\intel 32\idrivert.exe S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe S3 - [PerfHost] - Leistungsindikator-DLL-Host - c:\windows\syswow64\perfhost.exe S3 - [RpcLocator] - RPC-Locator - c:\windows\system32\locator.exe S3 - [SNMPTRAP] - SNMP-Trap - c:\windows\system32\snmptrap.exe S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe S3 - [vds] - Virtueller Datenträger - c:\windows\system32\vds.exe S3 - [VSS] - Volumeschattenkopie - c:\windows\system32\vssvc.exe S3 - [wbengine] - Blockebenen-Sicherungsmodul - c:\windows\system32\wbengine.exe S3 - [wmiApSrv] - WMI-Leistungsadapter - c:\windows\system32\wbem\wmiapsrv.exe S4 - [aspnet_state] - ASP.NET-Zustandsdienst - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\prefs.js: user_pref("browser.startup.homepage", "about:home"); user_pref("browser.search.suggest.enabled", false); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\prefs.js: ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs__1729_.backup ==== Deleting Files \ Folders ====================== C:\Users\Max\.android deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\Users\Max\ChromeExtensions deleted C:\Users\Max\AppData\Roaming\WB.CFG deleted C:\Users\Max\AppData\Roaming\GoldenGate deleted C:\PROGRA~3\Package Cache deleted C:\PROGRA~3\EmailNotifier deleted C:\Users\Max\AppData\Local\cache deleted C:\Users\Max\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\ext_offermosquito deleted C:\Users\Max\Downloads\ReimageRepair.exe deleted C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\jetpack deleted "C:\ProgramData\{5CAFA1B7-9EEF-4cc7-B9F7-9DDB3DAA679E}" deleted "C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 16347 MB CPU Info: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz CPU Speed: 3397,5 MHz Sound Card: Lautsprecher (VIA High Definiti | Line 1/2 (2- M-Audio Fast Track | Display Adapters: NVIDIA GeForce GTX 550 Ti | NVIDIA GeForce GTX 550 Ti | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; PnP-Monitor (Standard) | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: SAMSUNG Mobile USB Remote NDIS Network Device | Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) CD / DVD Drives: 2x (D: | J: | ) D: HL-DT-STDVDRAM GH24NS90 | J: DTSOFT BDROM Ports: COM1 LPT1 Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 771,5GB | K: 160,0GB | Q: 0,0MB Hard Disks - Free: C: 625,0GB | K: 159,9GB | Q: 0,0MB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 05/11/12 | ALASKA - 1072009 Time Zone: Mitteleuropäische Zeit Motherboard *: Gigabyte Technology Co., Ltd. H77M-D3H Country: Deutschland Language: DEU ==== System Specs (Software) ====================== Anti-Virus: Kaspersky Anti-Virus On-access scanning disabled (Outdated) Anti-Spyware: Kaspersky Anti-Virus disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Firefox 34.0.5 Internet Explorer Version: 11.0.9600.17420 Mozilla Firefox version: 34.0.5 (x86 de) Google Chrome version: 39.0.2171.71 Adobe Reader version: 11.0.9.29 Flash Player version: 15.0.0.239 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-12-03 20:44:04 F9F4905664C5B42B49E78EFA12D1A6B6 20 ----a-w- C:\Windows\ˆø' 2014-11-30 06:39:57 0DD37FF1ADA43B8955C6525DE7ACFD42 802013673 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\Max\AppData\Local\Temp ==== 2014-12-06 00:32:08 05499C8E0A5EF56CE4988017F2485764 925184 ------w- C:\Users\Max\AppData\Local\Temp\eLicenserInst\eLicenser Driver Package\x64\DPInst.exe 2014-12-05 23:33:02 FFF48405C43A06F4B4A29F4562F7CD92 127488 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\OSProvider.dll 2014-12-05 23:33:02 CCF6EC908566900E9626DC3360B9E35E 112128 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismCorePS.dll 2014-12-05 23:33:02 BB9E8732FC0B76EF29DC90C63397078E 312832 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\IntlProvider.dll 2014-12-05 23:33:02 A909643B215FC0587A043C9C15959D41 186368 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismProv.dll 2014-12-05 23:33:02 A2D08E8B0AE6750DDD9D01D61BDDC818 435712 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DmiProvider.dll 2014-12-05 23:33:02 9E7E2B01C65C4E276ED55B1F1BD6CE2B 302080 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\UnattendProvider.dll 2014-12-05 23:33:02 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\wdscore.dll 2014-12-05 23:33:02 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\TransmogProvider.dll 2014-12-05 23:33:02 732A13256A9BE7E15E2D58393D6B85F4 471040 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\WimProvider.dll 2014-12-05 23:33:02 703E7D07687D2751D0474E4D333E832C 1672192 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\CbsProvider.dll 2014-12-05 23:33:02 6EBC2138A3C9B3B7D1E69E0629B6C815 289792 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismCore.dll 2014-12-05 23:33:02 64B66A41B61D511E8EBE94625EC0E45A 53760 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\FolderProvider.dll 2014-12-05 23:33:02 5AE6EFCD674AC76CC1A9929F1AFA0ECE 183296 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\CompatProvider.dll 2014-12-05 23:33:02 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismHost.exe 2014-12-05 23:33:02 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\MsiProvider.dll 2014-12-05 23:33:02 011A725B36F05E8A771626017064F2CA 271360 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\SmiProvider.dll 2014-12-05 22:42:17 18958A2E7C65349F9FB41B31E3C5A623 901363 ----a-w- C:\Users\Max\AppData\Local\Temp\Rar$EXa0.606\Multi_AV.exe 2014-12-05 22:09:01 C8269C7833D0ABA2AE2B36F9207D84A0 826712 ----a-w- C:\Users\Max\AppData\Local\Temp\nvStInst.exe 2014-12-05 20:17:40 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\libiconv2.dll 2014-12-05 20:17:40 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\libintl3.dll 2014-12-05 20:17:40 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\pcre3.dll 2014-12-05 20:17:40 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\regex2.dll 2014-12-05 20:17:40 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\erunt\ERUNT.EXE 2014-12-05 19:29:09 6AACB4C3D5421477B6020C40505FE3BE 116064 ----a-w- C:\Users\Max\AppData\Local\Temp\nsjB2E2.tmp.exe 2014-12-05 19:29:05 BF375A90FE0B135395E20B0EB9190C11 572739 ----a-w- C:\Users\Max\AppData\Local\Temp\17736377.Uninstall\uninstaller.exe 2014-12-05 19:21:33 6DC42EA47296B08B1047682161051FA6 13263976 ----a-w- C:\Users\Max\AppData\Local\Temp\ReimagePackage.exe 2014-12-05 19:20:28 DE3DD2C419C7B383E6FD7997A782D5D1 95232 ----a-w- C:\Users\Max\AppData\Local\Temp\nw5832_5742\node_modules\gameo_utils\build\Release\gameo_utils.dll 2014-12-05 19:20:28 9EE20E6E2E3F94714D44F739B9A228F4 17048240 ----a-w- C:\Users\Max\AppData\Local\Temp\nw5832_5742\plugins\NPSWF32_14_0_0_179.dll 2014-12-05 19:20:28 76DCCDD092768DAB0D19714799F21686 414208 ----a-w- C:\Users\Max\AppData\Local\Temp\nw5832_5742\node_modules\goldengate\build\Release\goldengate.dll 2014-12-05 19:19:36 FEE30971F3E6330C0A82FBFC49C47B4B 35312668 ----a-w- C:\Users\Max\AppData\Local\Temp\is765589038\7DD354DE_stp.EXE 2014-12-03 20:44:50 8C47303CE87AEAE0E0283EC1E2072BEB 126976 ------w- C:\Users\Max\AppData\Local\Temp\{1647D81D-7ACA-444E-952E-945FDAF4A4D0}\{1E03C8BE-0848-430F-BECA-7D7709401626}\InstallHelper.dll 2014-12-03 20:38:15 F4AD2428504B14403FECF254E3B82A86 941848 ----a-w- C:\Users\Max\AppData\Local\Temp\Epic-80b96b70-ff5d-42fc-84d9-381ad2a25827\Binaries\UnSetup.exe 2014-12-03 20:38:15 3EA4B01045BB503A0ADDEFE7FBD97D5D 55128 ----a-w- C:\Users\Max\AppData\Local\Temp\Epic-80b96b70-ff5d-42fc-84d9-381ad2a25827\Binaries\InstallData\Interop.IWshRuntimeLibrary.dll 2014-12-03 20:37:09 E2169AD646E94984BDECFDDBA604C1C8 204800 ----a-w- C:\Users\Max\AppData\Local\Temp\drm_dyndata_7380009.dll 2014-12-03 20:37:08 153E62901A65D7D26113EBB58683B735 375992 ----a-w- C:\Users\Max\AppData\Local\Temp\CmdLineExtInstallerExe.exe 2014-12-03 20:33:12 465B712B806D518BEF251F1CD02AFC4C 74177 ----a-w- C:\Users\Max\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\4137b8eca8706c173ba3d2bdbda97f53\FRAPS19D.EXE 2014-12-03 20:32:51 3C16B7CAAF77B766734D52093F2DCCA1 370512 ----a-w- C:\Users\Max\AppData\Local\Temp\DMR\dmr_72.exe 2014-11-27 23:01:10 E77E38246C4F8A3F372B833CF88815A4 36352 ----a-w- C:\Users\Max\AppData\Local\Temp\2186639\x64\wmi64.exe 2014-11-27 09:04:24 4BE307353A509F66785DC83AFA915330 367448 ------w- C:\Users\Max\AppData\Local\Temp\is765589038\30AB373D_stp\Couponmonkey.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-12-05 22:11:11 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\Windows\SysWOW64\d3dx11_43.dll 2014-12-05 22:11:10 20C835843FCEC4DEDFCD7BFFA3B91641 470880 ----a-w- C:\Windows\SysWOW64\d3dx10_43.dll 2014-12-05 22:11:08 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Windows\SysWOW64\D3DX9_43.dll 2014-12-05 22:10:48 7F2B1D9656D673A6D1383A30F2F8820B 1291280 ----a-w- C:\Windows\SysWOW64\nvspbridge.dll 2014-12-05 22:10:48 71D73785949F5FD3CD18CEF3D2FD7500 2197680 ----a-w- C:\Windows\SysWOW64\nvspcap.dll 2014-12-05 22:10:11 F21877BF9917249CA16BBAF0833434C2 615624 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe 2014-12-05 22:08:56 3CE5D0F1FC2127723B3AF13CAC41496F 32584 ----a-w- C:\Windows\SysWOW64\nvaudcap32v.dll 2014-12-05 22:08:55 EC054B6480A3C290A35320C518F2DA5E 303600 ----a-w- C:\Windows\SysWOW64\nvoglshim32.dll 2014-12-05 22:08:55 D30378B2EACC727AC577B781F4E4E464 923792 ----a-w- C:\Windows\SysWOW64\NvIFR.dll 2014-12-05 22:08:55 B02837FC74C47836100CABB814DE6C87 156840 ----a-w- C:\Windows\SysWOW64\nvinit.dll 2014-12-05 22:08:55 8A9D062C89C6343CC8F57AEBF607EB97 871648 ----a-w- C:\Windows\SysWOW64\nvumdshim.dll 2014-12-05 22:08:55 8695BF11BB2C0A5EBFFA5CC15FFFDC6D 11397744 ----a-w- C:\Windows\SysWOW64\nvopencl.dll 2014-12-05 22:08:55 84DC24633E189CFF0912AA5291D3598D 4011208 ----a-w- C:\Windows\SysWOW64\nvcuvid.dll 2014-12-05 22:08:55 7CDA6A1347F4C38C18A541B0C0209274 17259664 ----a-w- C:\Windows\SysWOW64\nvcompiler.dll 2014-12-05 22:08:55 76FC4D850951BAD50BC24A5DC1DB099C 24557712 ----a-w- C:\Windows\SysWOW64\nvoglv32.dll 2014-12-05 22:08:55 36DC7A09D440B6D863E8AD87AFD17249 11336432 ----a-w- C:\Windows\SysWOW64\nvcuda.dll 2014-12-05 22:08:55 018B444F632D7CDE2F01AAFB75149B6F 900928 ----a-w- C:\Windows\SysWOW64\NvFBC.dll 2014-12-05 04:05:33 717E9CA09CB53DC2BBB2DAF78D713828 183808 ----a-w- C:\Windows\SysWOW64\xvidvfw.dll 2014-12-05 04:05:33 2AE2C164587549B3872E5EB109FB12F8 810496 ----a-w- C:\Windows\SysWOW64\xvidcore.dll 2014-12-05 04:05:33 201E4F170E3B59E6AB6784122C67E926 112640 ----a-w- C:\Windows\SysWOW64\ff_vfw.dll 2014-12-05 04:05:33 0903FEFCBD4B28C747DE7EE8201F14D1 714 ----a-w- C:\Windows\SysWOW64\ff_vfw.dll.manifest ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-12-05 22:11:11 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\Windows\Sysnative\d3dx11_43.dll 2014-12-05 22:11:10 AD7FA9485059F4DC53C98B49CAB13F0B 511328 ----a-w- C:\Windows\Sysnative\d3dx10_43.dll 2014-12-05 22:11:08 7160FC226391C0B50C85571FA1A546E5 2401112 ----a-w- C:\Windows\Sysnative\D3DX9_43.dll 2014-12-05 22:10:48 BD6E0701DEFADBC0CB1AF58FE538E850 2800296 ----a-w- C:\Windows\Sysnative\nvspcap64.dll 2014-12-05 22:10:48 3CF726DAA01DED40935F170521DA57A7 1715224 ----a-w- C:\Windows\Sysnative\nvspbridge64.dll 2014-12-05 22:08:56 57E904259962D850CB825BAACD3C5C9F 35144 ----a-w- C:\Windows\Sysnative\nvaudcap64v.dll 2014-12-05 22:08:55 D5424A3E2384876DCB5F3685C86F8E2A 4292416 ----a-w- C:\Windows\Sysnative\nvcuvid.dll 2014-12-05 22:08:55 BDEC06F2C95004ADC3B7104DFA32B8E9 352016 ----a-w- C:\Windows\Sysnative\nvoglshim64.dll 2014-12-05 22:08:55 B26BF1B9402896AC3B756979C808B55C 20922512 ----a-w- C:\Windows\Sysnative\nvcompiler.dll 2014-12-05 22:08:55 AA6A70C2A692BDAC567BAB57521FC324 13944952 ----a-w- C:\Windows\Sysnative\nvcuda.dll 2014-12-05 22:08:55 851FBA69C8CDE4C000FD2BEC79B2EEAB 20986592 ----a-w- C:\Windows\Sysnative\nvwgf2umx.dll 2014-12-05 22:08:55 5C580DF5662F2A5974A98D461F745AA5 935240 ----a-w- C:\Windows\Sysnative\NvFBC64.dll 2014-12-05 22:08:55 4DEE167489A95AAC0D1357BB6FC3E7FD 1876296 ----a-w- C:\Windows\Sysnative\nvdispco6434475.dll 2014-12-05 22:08:55 357B2D46EE9EC3D8A794C31CAAF4EBB1 1540424 ----a-w- C:\Windows\Sysnative\nvdispgenco6434475.dll 2014-12-05 22:08:55 2CDFC8CB13FE7953E57F2B217AD58550 174856 ----a-w- C:\Windows\Sysnative\nvinitx.dll 2014-12-05 22:08:55 217AEFFF4AFB65176E4E01E791F29FDC 14032984 ----a-w- C:\Windows\Sysnative\nvopencl.dll 2014-12-05 22:08:55 20477E757C88F5630B118C2B409753DF 19966344 ----a-w- C:\Windows\Sysnative\nvd3dumx.dll 2014-12-05 22:08:55 14D26D0296CF1F2A4BF9C633401A701A 31520 ----a-w- C:\Windows\Sysnative\nvhdap64.dll 2014-12-05 22:08:55 00BC15E8285B91588AB6E496BDB04BD3 31893136 ----a-w- C:\Windows\Sysnative\nvoglv64.dll 2014-12-05 22:08:55 00BA523771F2F27AEC3DA4B024640526 964928 ----a-w- C:\Windows\Sysnative\NvIFR64.dll ====== C:\Windows\Sysnative\drivers ===== 2014-12-05 22:08:56 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys 2014-12-05 22:08:55 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\Windows\Sysnative\drivers\nvhda64v.sys 2014-12-05 22:08:55 185B4FFECD886A424B57B58AE173FBBE 13213512 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys 2014-11-13 00:26:23 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2014-11-07 15:37:00 CD81447AB991F3E7F1FCF59CEA07D1E0 793800 ----a-w- C:\Windows\Sysnative\drivers\klif.sys 2014-11-07 15:37:00 7ED6B6805B3E1BC9DC2418F1C5C920B4 243808 ----a-w- C:\Windows\Sysnative\drivers\klhk.sys 2014-11-07 15:37:00 2A88EFE87B5F23BA47FF7AF2DEAEB98F 141320 ----a-w- C:\Windows\Sysnative\drivers\klflt.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-12-05 17:16:08 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2014-12-05 00:23:06 -------- d-----w- C:\PROGRA~2\M-Audio 2014-12-05 00:23:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Digidesign 2014-12-04 23:54:15 -------- d-----w- C:\PROGRA~2\RandyRants.com 2014-12-04 23:49:03 -------- d-----w- C:\PROGRA~2\AutoHotkey 2014-12-04 23:09:12 -------- d-----w- C:\PROGRA~2\Microsoft Keyboard Layout Creator 1.4 2014-11-07 15:37:07 -------- d-----w- C:\PROGRA~2\Kaspersky Lab ======= C: ===== 2014-12-05 19:38:15 8D987BE841B404B83E6CE18C33C44C88 55 ----a-w- C:\AdwCleanerDebug.txt ====== C:\Users\Max\AppData\Roaming ====== 2014-12-05 22:11:46 -------- d-----w- C:\Users\Max\AppData\Local\NVIDIA Corporation 2014-12-05 00:43:27 -------- d-----w- C:\Users\Max\AppData\Local\M-Audio 2014-12-05 00:29:02 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\M-Audio 2014-12-04 23:54:15 -------- d-----w- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com 2014-12-04 23:09:27 -------- d-----w- C:\Users\Max\AppData\Local\MSKLC 2014-12-03 20:26:29 -------- d-sh--w- C:\Users\Max\AppData\Local\EmieBrowserModeList 2014-12-03 20:26:28 -------- d-sh--w- C:\Users\Max\AppData\Local\EmieUserList 2014-12-03 20:26:28 -------- d-sh--w- C:\Users\Max\AppData\Local\EmieSiteList 2014-11-20 20:12:09 -------- d-----w- C:\Users\Max\AppData\Roaming\Visicom Media 2014-11-06 23:59:20 -------- d-----w- C:\Users\Max\AppData\Roaming\Bao_Nguyen 2014-11-06 23:59:20 -------- d-----w- C:\Users\Max\AppData\Local\Bao_Nguyen ====== C:\Users\Max ====== 2014-12-06 01:02:38 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe 2014-12-06 00:41:46 64036987FDD56ACBE09AEB6570B8F128 468480 ----a-w- C:\Users\Max\Desktop\CKScanner.exe 2014-12-06 00:24:58 81DAB3952B9FD6CB00773AD5161FAEF1 153463376 ----a-w- C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe 2014-12-06 00:24:54 01FACBE85DCDC89D142DE17A61F101BD 58948264 ----a-w- C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe 2014-12-05 22:51:02 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe 2014-12-05 22:10:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-12-05 22:03:11 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe 2014-12-05 20:17:17 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Max\Downloads\JRT.exe 2014-12-05 19:55:05 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe 2014-12-05 19:36:37 AF506E0B71016682293AC3814A7D62BA 2153472 ----a-w- C:\Users\Max\Downloads\AdwCleaner_4.104.exe 2014-12-05 19:22:58 F4F789173E79E7E01F83417A76538E11 2118144 ----a-w- C:\Users\Max\Downloads\FRST64.exe 2014-12-05 19:18:16 F1D529A60AA57EDC3A98E76480C2BB52 803152 ----a-w- C:\Users\Max\Downloads\FileOpenerSetup.exe 2014-12-05 17:45:09 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe 2014-12-05 17:15:13 6B3348A473A331468C7F110E0ECD14B3 244264 ----a-w- C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe 2014-12-05 04:00:42 BB6412B73307F1C3CD32BE58A56E671D 100117000 ----a-w- C:\Users\Max\Downloads\SplitCamSetup.exe 2014-12-05 00:43:27 -------- d-----w- C:\ProgramData\M-Audio 2014-12-05 00:23:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio 2014-12-05 00:21:40 -------- d-----w- C:\ProgramData\AVID 2014-12-04 23:49:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey 2014-12-04 23:48:50 97BC6AD7EF40955712CA1E4E8E195104 2047357 ----a-w- C:\Users\Max\Downloads\AutoHotkey104805_Install.exe 2014-12-04 23:08:16 7BB68B4DB54BADDD6F1C15895BE35B5F 10597792 ----a-w- C:\Users\Max\Downloads\MSKLC.exe 2014-12-04 23:04:22 513D270678DAA215C06AAC55B68B5AF8 301688 ----a-w- C:\Users\Max\Downloads\dpclat.exe 2014-12-03 20:33:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps 2014-12-03 20:32:44 925E5FC04B298E37BCD99AF2A3B9CDD8 1174352 ----a-w- C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe 2014-12-03 20:26:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe 2014-11-27 22:57:41 2AD9820E4B17E78110A6AA06BF5C1CE2 4184008 ----a-w- C:\Users\Max\Downloads\tdsskiller.exe 2014-11-27 22:57:18 D1CF834179B085457AEB6152A260CD80 164003712 ----a-w- C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe 2014-11-07 15:37:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2014-11-07 15:37:07 -------- d-----w- C:\ProgramData\Kaspersky Lab ====== C: exe-files == 2014-12-06 15:59:46 F4F789173E79E7E01F83417A76538E11 2118144 ----a-w- C:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0F0ANW5V\FRST64[1].exe 2014-12-06 01:02:38 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe 2014-12-06 00:41:46 64036987FDD56ACBE09AEB6570B8F128 468480 ----a-w- C:\Users\Max\Desktop\CKScanner.exe 2014-12-06 00:32:08 05499C8E0A5EF56CE4988017F2485764 925184 ------w- C:\Users\Max\AppData\Local\Temp\eLicenserInst\eLicenser Driver Package\x64\DPInst.exe 2014-12-06 00:24:58 81DAB3952B9FD6CB00773AD5161FAEF1 153463376 ----a-w- C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe 2014-12-06 00:24:54 01FACBE85DCDC89D142DE17A61F101BD 58948264 ----a-w- C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe 2014-12-05 23:33:02 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismHost.exe 2014-12-05 22:51:02 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe 2014-12-05 22:42:17 18958A2E7C65349F9FB41B31E3C5A623 901363 ----a-w- C:\Users\Max\AppData\Local\Temp\Rar$EXa0.606\Multi_AV.exe 2014-12-05 22:11:56 99CD14EFE0F5A39FD6FA63B0D62F5E88 4451032 ----a-w- C:\Users\Max\AppData\Local\NVIDIA\NvBackend\Packages\00006942\DAO.19113547.exe 2014-12-05 22:11:56 28970D295417AA1D81979E397BE4717F 334784 ----a-w- C:\Users\Max\AppData\Local\NVIDIA\NvBackend\Packages\000067a9\DRS update.19048648.exe 2014-12-05 22:11:56 053A3499F9FA53C8CA808033C0F2B8E2 429800 ----a-w- C:\Users\Max\AppData\Local\NVIDIA\NvBackend\Packages\00006943\CoProc update.19113656.exe 2014-12-05 22:11:16 024299B2B0E1C11320A4592570D8DE20 1149760 ----a-w- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 2014-12-05 22:10:48 E4AD0AFE043D17AE714B63A55FABF4A9 3679040 ----a-w- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe 2014-12-05 22:10:48 BEB10564C6245948B59FDAA7495A02D7 86160 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe 2014-12-05 22:10:48 4DD746CD8F9EF8A8D07B13CF21FCEDB6 127296 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedVisualizer.exe 2014-12-05 22:10:45 EE15D4E3AB44C67505F25DD38DF6DA85 638784 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2014-12-05 22:10:45 C9FBCB16A6E8F829D3EBB6951DC29F77 5102912 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe 2014-12-05 22:10:45 C982FE172EA1C7B840C4243C5AB3F8BE 19821376 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 2014-12-05 22:10:44 BB5C9345CB1892DF6A2728233F9B3E25 4816200 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe 2014-12-05 22:10:44 5BEAC67EE916146E380099B9C6796841 597992 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\7z.exe 2014-12-05 22:10:11 F21877BF9917249CA16BBAF0833434C2 615624 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe 2014-12-05 22:10:11 E135479F83909D3596A18E5F92A7E3AF 896328 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NvStereoUtilityOGL.exe 2014-12-05 22:10:11 C1A1BECD74232ADE9DEEBF46ED207446 436424 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstreg.exe 2014-12-05 22:10:11 A9425CB7D5A698EA49BE0DF55A448E68 409800 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 2014-12-05 22:10:11 89AE9D8AD1E09F6E565A8FE1ED2F30C2 834888 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe 2014-12-05 22:10:11 31E342F7F7F573D7EA8836B62362C51A 1909064 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe 2014-12-05 22:10:11 1FB211EF360CEAAF40997A4F0E13D1EE 2612224 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvsttest.exe 2014-12-05 22:10:11 0F4D0B9B315AB94517E43E5FC12FAF31 1109824 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe 2014-12-05 22:10:11 0B3B2F24B4312119DF4B2F750A01E214 8357704 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NVStWiz.exe 2014-12-05 22:10:08 D6A687B5E24257B5D3991C0D9BC45BBC 1796928 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 2014-12-05 22:09:57 B826E3EB9EA0C93123B7D84FD5782AC3 412992 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\SETUP.EXE 2014-12-05 22:09:01 C8269C7833D0ABA2AE2B36F9207D84A0 826712 ----a-w- C:\Users\Max\AppData\Local\Temp\nvStInst.exe 2014-12-05 22:08:56 1AA224A6535CB25057F17512EE09D3E9 18959720 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{F4B175E6-46FB-4D01-9B8D-95A6515A551A}\3DVision.exe 2014-12-05 22:08:55 BCB621859FA033FF3B0C0B16D3541C6E 438984 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F18B2EE3-6801-45EE-B73D-CE2F8411DABA}\dbInstaller.exe 2014-12-05 22:08:55 BCB621859FA033FF3B0C0B16D3541C6E 438984 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe 2014-12-05 22:08:55 AAB541C139C9BC98D7788045031B1A5A 85383656 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F18B2EE3-6801-45EE-B73D-CE2F8411DABA}\NvCplSetupInt.exe 2014-12-05 22:07:58 B826E3EB9EA0C93123B7D84FD5782AC3 412992 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{9E7C6CBB-1542-4099-AB41-E98ADE92883F}\setup.exe 2014-12-05 22:07:54 F4B7FA4858FC2DA365B6F119E03DD7F0 2728736 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.NView\nwiz.exe 2014-12-05 22:07:54 D9DDC41CCA78407D273B70AF4C6FAB81 18184000 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe 2014-12-05 22:07:54 B826E3EB9EA0C93123B7D84FD5782AC3 412992 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\setup.exe 2014-12-05 22:07:54 A35F9D3872B1740148A3EAB9E6B95741 479520 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.NView\nvTaskBar.exe 2014-12-05 22:07:54 523499F8D0B0C313F7888B8D9450E4A3 197440 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Update.Core\WLMerger.exe 2014-12-05 22:07:53 EE15D4E3AB44C67505F25DD38DF6DA85 638784 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe 2014-12-05 22:07:53 E4AD0AFE043D17AE714B63A55FABF4A9 3679040 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShadowPlay\nvspcaps64.exe 2014-12-05 22:07:53 D6A687B5E24257B5D3991C0D9BC45BBC 1796928 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Network.Service\NVNetworkService.exe 2014-12-05 22:07:53 C9FBCB16A6E8F829D3EBB6951DC29F77 5102912 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe 2014-12-05 22:07:53 C982FE172EA1C7B840C4243C5AB3F8BE 19821376 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe 2014-12-05 22:07:53 BEB10564C6245948B59FDAA7495A02D7 86160 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\LEDVisualizer\NvLedServiceHost.exe 2014-12-05 22:07:53 4DD746CD8F9EF8A8D07B13CF21FCEDB6 127296 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\LEDVisualizer\NvLedVisualizer.exe 2014-12-05 22:07:53 12AB2C8AAB31F84C7AB82010DDCCE1C8 2831168 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShadowPlay\nvspcaps.exe 2014-12-05 22:07:53 0E063925CE9A2CCF520B257D4684AB09 3999040 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe 2014-12-05 22:07:52 F57258F04743DF38C491030652095359 521024 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShadowPlay\DXSETUP.exe 2014-12-05 22:07:52 BCB621859FA033FF3B0C0B16D3541C6E 438984 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.Driver\dbInstaller.exe 2014-12-05 22:07:52 BB5C9345CB1892DF6A2728233F9B3E25 4816200 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience\GFExperience.exe 2014-12-05 22:07:52 AAB541C139C9BC98D7788045031B1A5A 85383656 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.Driver\NvCplSetupInt.exe 2014-12-05 22:07:52 7484ABE3354FE9D818C419D47DCBE28D 916800 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GfExperienceService\GfExperienceService32.exe 2014-12-05 22:07:52 5BEAC67EE916146E380099B9C6796841 597992 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience\7z.exe 2014-12-05 22:07:52 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\MS.NET\dotNetFx40_Full_setup.exe 2014-12-05 22:07:52 478D7132376A9B209C06CB5136F5436A 744736 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.NView\nvAppBar.exe 2014-12-05 22:07:52 381474F8A4477CF4951553EF530B0ED5 2465088 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Update.Core\NvBackend.exe 2014-12-05 22:07:52 1AA224A6535CB25057F17512EE09D3E9 18959720 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NV3DVision\3DVision.exe 2014-12-05 22:07:52 024299B2B0E1C11320A4592570D8DE20 1149760 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GfExperienceService\GfExperienceService64.exe 2014-12-05 22:03:11 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe 2014-12-05 20:17:40 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\erunt\ERUNT.EXE 2014-12-05 20:17:17 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Max\Downloads\JRT.exe 2014-12-05 19:55:05 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe 2014-12-05 19:36:37 AF506E0B71016682293AC3814A7D62BA 2153472 ----a-w- C:\Users\Max\Downloads\AdwCleaner_4.104.exe 2014-12-05 19:29:09 6AACB4C3D5421477B6020C40505FE3BE 116064 ----a-w- C:\Users\Max\AppData\Local\Temp\nsjB2E2.tmp.exe 2014-12-05 19:29:05 BF375A90FE0B135395E20B0EB9190C11 572739 ----a-w- C:\Users\Max\AppData\Local\Temp\17736377.Uninstall\uninstaller.exe 2014-12-05 19:22:58 F4F789173E79E7E01F83417A76538E11 2118144 ----a-w- C:\Users\Max\Downloads\FRST64.exe 2014-12-05 19:22:58 AEED85060B2A31847910E7FE2A27F433 2117632 ----a-w- C:\Users\Max\Downloads\FRST-OlderVersion\FRST64.exe 2014-12-05 19:21:33 6DC42EA47296B08B1047682161051FA6 13263976 ----a-w- C:\Users\Max\AppData\Local\Temp\ReimagePackage.exe 2014-12-05 19:19:36 FEE30971F3E6330C0A82FBFC49C47B4B 35312668 ----a-w- C:\Users\Max\AppData\Local\Temp\is765589038\7DD354DE_stp.EXE 2014-12-05 19:18:16 F1D529A60AA57EDC3A98E76480C2BB52 803152 ----a-w- C:\Users\Max\Downloads\FileOpenerSetup.exe 2014-12-05 17:45:09 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe 2014-12-05 17:16:09 B015BE6E7E2E47EDF38186C3CCCD41CF 103588 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe 2014-12-05 17:16:08 B4E9C7383A705628AD491CF0F87D901F 114800 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 2014-12-05 17:15:13 6B3348A473A331468C7F110E0ECD14B3 244264 ----a-w- C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe 2014-12-05 04:00:42 BB6412B73307F1C3CD32BE58A56E671D 100117000 ----a-w- C:\Users\Max\Downloads\SplitCamSetup.exe 2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_F33C5543CA54DFFA237A37.exe 2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_B1CA15029C1C01AF26BE17.exe 2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_853F67D554F05449430E7E.exe 2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_766E8E735A97E6B647001F.exe 2014-12-04 23:49:03 4B670AE0775B0C21C293C3714AEDDBE5 50484 ----a-w- C:\Program Files (x86)\AutoHotkey\uninst.exe 2014-12-04 23:48:50 97BC6AD7EF40955712CA1E4E8E195104 2047357 ----a-w- C:\Users\Max\Downloads\AutoHotkey104805_Install.exe 2014-12-04 23:08:16 7BB68B4DB54BADDD6F1C15895BE35B5F 10597792 ----a-w- C:\Users\Max\Downloads\MSKLC.exe 2014-12-04 23:04:22 513D270678DAA215C06AAC55B68B5AF8 301688 ----a-w- C:\Users\Max\Downloads\dpclat.exe 2014-12-03 20:38:15 F4AD2428504B14403FECF254E3B82A86 941848 ----a-w- C:\Users\Max\AppData\Local\Temp\Epic-80b96b70-ff5d-42fc-84d9-381ad2a25827\Binaries\UnSetup.exe 2014-12-03 20:37:08 153E62901A65D7D26113EBB58683B735 375992 ----a-w- C:\Users\Max\AppData\Local\Temp\CmdLineExtInstallerExe.exe 2014-12-03 20:33:15 E4420337B6889E38F3C7221FDA0123E1 21730 ----a-w- C:\Fraps\uninstall.exe 2014-12-03 20:33:12 465B712B806D518BEF251F1CD02AFC4C 74177 ----a-w- C:\Users\Max\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\4137b8eca8706c173ba3d2bdbda97f53\FRAPS19D.EXE 2014-12-03 20:32:51 3C16B7CAAF77B766734D52093F2DCCA1 370512 ----a-w- C:\Users\Max\AppData\Local\Temp\DMR\dmr_72.exe 2014-12-03 20:32:44 925E5FC04B298E37BCD99AF2A3B9CDD8 1174352 ----a-w- C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe === C: other files == 2014-12-05 22:10:45 D6E22C63F1F2B2B5B5E95F70BEBDB2BC 20800 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 2014-12-05 22:09:57 C52873704586DCA47194856EEA4D27D4 15688 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService64.sys 2014-12-05 22:09:57 70BEBCCC9D553022E3A4AB48D793FFE7 13512 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService32.sys 2014-12-05 22:08:56 D2DF95CDE541021B7908503C6FE8F306 434832 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{0D05D2E1-8C3B-499B-9A60-2C43A5488DF7}\nvstusb32.sys 2014-12-05 22:08:56 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{96DC57F9-1714-40CD-B9D4-90BC49E22080}\NVSWCFilter32.sys 2014-12-05 22:08:56 BE6832BA702EBC3527D7BC7A37DAB052 33096 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{5D5F0A93-57D9-4C4F-A450-FABC8AC7C34E}\nvvad32v.sys 2014-12-05 22:08:56 61E742FCFC9621DFD173B7AD7841CE4C 451216 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{0D05D2E1-8C3B-499B-9A60-2C43A5488DF7}\nvstusb64.sys 2014-12-05 22:08:56 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys 2014-12-05 22:08:56 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{5D5F0A93-57D9-4C4F-A450-FABC8AC7C34E}\nvvad64v.sys 2014-12-05 22:08:56 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{96DC57F9-1714-40CD-B9D4-90BC49E22080}\NVSWCFilter64.sys 2014-12-05 22:08:55 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys 2014-12-05 22:08:55 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda64v.sys 2014-12-05 22:08:55 B612810DD740F53244C9E53362D7D9A0 129184 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda32.sys 2014-12-05 22:08:55 91724DB3DDD59F27000D1C159A5F67FB 162592 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda32v.sys 2014-12-05 22:08:55 81060E9F913E96F59CF1AEBC4F0618FF 163104 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda64.sys 2014-12-05 22:08:55 185B4FFECD886A424B57B58AE173FBBE 13213512 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys 2014-12-05 22:07:58 C52873704586DCA47194856EEA4D27D4 15688 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{9E7C6CBB-1542-4099-AB41-E98ADE92883F}\NVI2SystemService64.sys 2014-12-05 22:07:58 70BEBCCC9D553022E3A4AB48D793FFE7 13512 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{9E7C6CBB-1542-4099-AB41-E98ADE92883F}\NVI2SystemService32.sys 2014-12-05 22:07:57 D6E22C63F1F2B2B5B5E95F70BEBDB2BC 20800 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys 2014-12-05 22:07:57 D2DF95CDE541021B7908503C6FE8F306 434832 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NV3DVisionUSB.Driver\nvstusb32.sys 2014-12-05 22:07:57 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShieldWirelessController\NVSWCFilter32.sys 2014-12-05 22:07:57 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda64v.sys 2014-12-05 22:07:57 C52873704586DCA47194856EEA4D27D4 15688 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NVI2\NVI2SystemService64.sys 2014-12-05 22:07:57 BE6832BA702EBC3527D7BC7A37DAB052 33096 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NvVAD\nvvad32v.sys 2014-12-05 22:07:57 B612810DD740F53244C9E53362D7D9A0 129184 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda32.sys 2014-12-05 22:07:57 91724DB3DDD59F27000D1C159A5F67FB 162592 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda32v.sys 2014-12-05 22:07:57 81060E9F913E96F59CF1AEBC4F0618FF 163104 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda64.sys 2014-12-05 22:07:57 70BEBCCC9D553022E3A4AB48D793FFE7 13512 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NVI2\NVI2SystemService32.sys 2014-12-05 22:07:57 61E742FCFC9621DFD173B7AD7841CE4C 451216 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NV3DVisionUSB.Driver\nvstusb64.sys 2014-12-05 22:07:57 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NvVAD\nvvad64v.sys 2014-12-05 22:07:57 1ECE29EE5DBD4401C6C4ECA7FACC5E90 19776 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys 2014-12-05 22:07:57 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShieldWirelessController\NVSWCFilter64.sys 2014-12-05 22:07:57 12D54AD8AF6AD1A2B66E882A67CD4D7E 39056 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Miracast.VirtualAudio\nvvadarm.sys 2014-12-05 20:17:40 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\prelim.bat 2014-12-05 20:17:40 EBAA7BD799FC68980A6A8594BB14A950 190569 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\misc.bat 2014-12-05 20:17:40 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\TDL4.bat 2014-12-05 20:17:40 BC28D90D34DB7AC6BB5789BF3C9E8FDB 14957 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\get.bat 2014-12-05 20:17:40 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\medfos.bat 2014-12-05 20:17:40 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\surfvox.bat 2014-12-05 20:17:40 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\searchlnk.bat 2014-12-05 20:17:40 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\firefox.bat 2014-12-05 20:17:40 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\ev_clear.bat 2014-12-05 20:17:40 813FA9E2180EE3BB5EFCE744009B5611 10880 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\runvalues.bat 2014-12-05 20:17:40 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\ask.bat 2014-12-05 20:17:40 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\iexplore.bat 2014-12-05 20:17:40 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\delfolders.bat 2014-12-05 20:17:40 080CFDE64F31E7B50EECF4552033E84D 9937 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\mws.bat 2014-12-05 20:17:40 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\chrome.bat 2014-12-03 20:45:07 A211A94BF8BF1A63B92462001A4FC10A 90 ----a-w- C:\Windows\Temp\temp\devcon.bat 2014-11-29 21:32:39 4BD976B1FCCFAE54875CD4D7BD7EC339 3921 ----a-w- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\extensions\simplesiteblocker@example.com.xpi ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Windows\CurrentVersion\Run] "SplitCam"="C:\Program Files (x86)\SplitCam\SplitCam.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "SplitCam"="C:\Program Files (x86)\SplitCam\SplitCam.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmazonMP3DownloaderHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AmazonMP3DownloaderHelper" "hkey"="HKCU" "command"="C:\\Users\\Max\\AppData\\Local\\Program Files\\Amazon\\MP3 Downloader\\AmazonMP3DownloaderHelper.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DataMgr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DataMgr" "hkey"="HKCU" "command"="\"C:\\Users\\Max\\AppData\\Roaming\\DataMgr\\DataMgr.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HDAudDeck" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Intermediate] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Intermediate" "hkey"="HKCU" "command"="\"C:\\Users\\Max\\AppData\\Roaming\\Intermediate\\Intermediate.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="mobilegeni daemon" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Mobogenie\\DaemonProcess.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NvBackend" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PriceMeterW] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PriceMeterW" "hkey"="HKCU" "command"="\"C:\\Users\\Max\\AppData\\Local\\PriceMeter\\pricemeterw.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Rainlendar2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Rainlendar2" "hkey"="HKCU" "command"="C:\\Program Files (x86)\\Rainlendar2\\Rainlendar2.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SCheck" "hkey"="HKCU" "command"="\"C:\\Users\\Max\\AppData\\Roaming\\SCheck\\SCheck.exe\" check " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Seventh] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Seventh" "hkey"="HKCU" "command"="\"C:\\Users\\Max\\AppData\\Roaming\\Seventh\\Seventh.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sixth] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Sixth" "hkey"="HKCU" "command"="\"C:\\Users\\Max\\AppData\\Roaming\\Sixth\\Sixth.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Snoozer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Snoozer" "hkey"="HKCU" "command"="\"C:\\Users\\Max\\AppData\\Roaming\\Snz\\Snz.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SSync" "hkey"="HKCU" "command"="\"C:\\Users\\Max\\AppData\\Roaming\\SSync\\SSync.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\svchospt] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="svchospt" "hkey"="HKLM" "command"="C:\\Windows\\SysWOW64\\svchospt.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Switcher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Switcher" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Switcher\\Switcher.exe\" /quiet" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB3MON] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="USB3MON" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\Application\\iusb3mon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk] "path"="C:\\Users\\Max\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\net.lnk" "backup"="C:\\Windows\\pss\\net.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Max\\AppData\\Roaming\\WINDOW~1\\net.exe " "item"="net" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VIAKaraokeService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc] ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [26.11.2014 18:37] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14.08.2013 15:29] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14.08.2013 15:29] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "url_advisor@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com" [07.11.2014 16:42] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default - Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com - Undetermined - content_blocker@kaspersky.com - Simple Site Blocker - %ProfilePath%\extensions\simplesiteblocker@example.com.xpi - 12989559-84f2-47aa-a442-5e69f9d26720 - %ProfilePath%\extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default 8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash E09A55AB513C4D5145F1C318ED024747 - C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll - AmazonMP3DownloaderPlugin ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dbhjdbfgekjfcfkkfjjmlmojhbllhbho - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho[] oilkkkefbalmbfppgjmgjoefbclebkce - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions oilkkkefbalmbfppgjmgjoefbclebkce - No path found[] Google Voice Search Hotword (Beta) - Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn Vosteran New Tab - Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce ==== Chromium Fix ====================== C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage deleted successfully C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage-journal deleted successfully C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oilkkkefbalmbfppgjmgjoefbclebkce_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="hxxp://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="hxxp://www.google.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="hxxp://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {56E26B6C-BB82-48de-BEB0-8F3664DE7835} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH" {7588F513-7B9E-45dc-914D-B207EFFC6D9A} Google Url="hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataMgr deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intermediate deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PriceMeterW deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rainlendar2 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCheck deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seventh deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sixth deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snoozer deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSync deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Switcher deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Max\AppData\Local\Mozilla\Firefox\Profiles\fnsdk8k5.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=821 folders=166 44484454 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Max\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Max\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 06.12.2014 at 18:06:19,70 ====================== |
|
06.12.2014, 18:13
| #21 |
| | Virus trotz Kaspersky Anti-Virus; was machen? 18:08:45.0135 0x1414 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34 18:08:47.0722 0x1414 ============================================================ 18:08:47.0722 0x1414 Current date / time: 2014/12/06 18:08:47.0722 18:08:47.0722 0x1414 SystemInfo: 18:08:47.0722 0x1414 18:08:47.0722 0x1414 OS Version: 6.1.7601 ServicePack: 1.0 18:08:47.0722 0x1414 Product type: Workstation 18:08:47.0722 0x1414 ComputerName: MAX-PC 18:08:47.0722 0x1414 UserName: Max 18:08:47.0722 0x1414 Windows directory: C:\Windows 18:08:47.0722 0x1414 System windows directory: C:\Windows 18:08:47.0722 0x1414 Running under WOW64 18:08:47.0722 0x1414 Processor architecture: Intel x64 18:08:47.0722 0x1414 Number of processors: 8 18:08:47.0722 0x1414 Page size: 0x1000 18:08:47.0722 0x1414 Boot type: Normal boot 18:08:47.0722 0x1414 ============================================================ 18:08:48.0895 0x1414 KLMD registered as C:\Windows\system32\drivers\06954410.sys 18:08:49.0203 0x1414 System UUID: {546EEF6E-57D3-5B7E-5A30-110EFBE4C9A4} 18:08:49.0533 0x1414 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 18:08:49.0553 0x1414 ============================================================ 18:08:49.0553 0x1414 \Device\Harddisk0\DR0: 18:08:49.0553 0x1414 MBR partitions: 18:08:49.0553 0x1414 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x13FFF800 18:08:49.0553 0x1414 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x14000000, BlocksNum 0x60706000 18:08:49.0553 0x1414 ============================================================ 18:08:49.0604 0x1414 C: <-> \Device\Harddisk0\DR0\Partition2 18:08:49.0623 0x1414 K: <-> \Device\Harddisk0\DR0\Partition1 18:08:49.0623 0x1414 ============================================================ 18:08:49.0623 0x1414 Initialize success 18:08:49.0623 0x1414 ============================================================ 18:09:15.0170 0x1470 ============================================================ 18:09:15.0170 0x1470 Scan started 18:09:15.0170 0x1470 Mode: Manual; SigCheck; TDLFS; 18:09:15.0170 0x1470 ============================================================ 18:09:15.0170 0x1470 KSN ping started 18:09:17.0920 0x1470 KSN ping finished: true 18:09:18.0411 0x1470 ================ Scan system memory ======================== 18:09:18.0411 0x1470 System memory - ok 18:09:18.0411 0x1470 ================ Scan services ============================= 18:09:18.0493 0x1470 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 18:09:18.0539 0x1470 1394ohci - ok 18:09:18.0559 0x1470 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 18:09:18.0573 0x1470 ACPI - ok 18:09:18.0586 0x1470 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 18:09:18.0613 0x1470 AcpiPmi - ok 18:09:18.0683 0x1470 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 18:09:18.0692 0x1470 AdobeARMservice - ok 18:09:18.0786 0x1470 [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 18:09:18.0797 0x1470 AdobeFlashPlayerUpdateSvc - ok 18:09:18.0819 0x1470 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 18:09:18.0836 0x1470 adp94xx - ok 18:09:18.0847 0x1470 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys 18:09:18.0860 0x1470 adpahci - ok 18:09:18.0875 0x1470 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 18:09:18.0886 0x1470 adpu320 - ok 18:09:18.0906 0x1470 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 18:09:18.0935 0x1470 AeLookupSvc - ok 18:09:18.0997 0x1470 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 18:09:19.0018 0x1470 AFD - ok 18:09:19.0032 0x1470 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 18:09:19.0040 0x1470 agp440 - ok 18:09:19.0049 0x1470 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 18:09:19.0071 0x1470 ALG - ok 18:09:19.0086 0x1470 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 18:09:19.0093 0x1470 aliide - ok 18:09:19.0116 0x1470 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 18:09:19.0123 0x1470 amdide - ok 18:09:19.0132 0x1470 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 18:09:19.0145 0x1470 AmdK8 - ok 18:09:19.0148 0x1470 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 18:09:19.0163 0x1470 AmdPPM - ok 18:09:19.0172 0x1470 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 18:09:19.0181 0x1470 amdsata - ok 18:09:19.0196 0x1470 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 18:09:19.0207 0x1470 amdsbs - ok 18:09:19.0217 0x1470 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 18:09:19.0225 0x1470 amdxata - ok 18:09:19.0235 0x1470 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 18:09:19.0278 0x1470 AppID - ok 18:09:19.0296 0x1470 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 18:09:19.0326 0x1470 AppIDSvc - ok 18:09:19.0354 0x1470 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 18:09:19.0367 0x1470 Appinfo - ok 18:09:19.0377 0x1470 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 18:09:19.0386 0x1470 arc - ok 18:09:19.0398 0x1470 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 18:09:19.0407 0x1470 arcsas - ok 18:09:19.0486 0x1470 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 18:09:19.0496 0x1470 aspnet_state - ok 18:09:19.0517 0x1470 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 18:09:19.0562 0x1470 AsyncMac - ok 18:09:19.0589 0x1470 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 18:09:19.0596 0x1470 atapi - ok 18:09:19.0647 0x1470 [ 417B9BAB376E8E50F6770196656FD348, 8E9856FA16AF6AFA2B9619335DA54799502FFDA7B481802C3DA4A54919D2DAFB ] athur C:\Windows\system32\DRIVERS\athurx.sys 18:09:19.0720 0x1470 athur - ok 18:09:19.0772 0x1470 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 18:09:19.0802 0x1470 AudioEndpointBuilder - ok 18:09:19.0816 0x1470 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll 18:09:19.0838 0x1470 AudioSrv - ok 18:09:19.0882 0x1470 [ 058734C95991F6BEBF3D3075B8776234, D94A0E5893723C0F30D8215F001039AE9D903BF8EC3782D9583DEFD9B304B0CA ] AVP15.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe 18:09:19.0898 0x1470 AVP15.0.0 - ok 18:09:19.0917 0x1470 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 18:09:19.0933 0x1470 AxInstSV - ok 18:09:19.0961 0x1470 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 18:09:19.0987 0x1470 b06bdrv - ok 18:09:20.0004 0x1470 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 18:09:20.0022 0x1470 b57nd60a - ok 18:09:20.0027 0x1470 BBSvc - ok 18:09:20.0040 0x1470 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 18:09:20.0061 0x1470 BDESVC - ok 18:09:20.0069 0x1470 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 18:09:20.0099 0x1470 Beep - ok 18:09:20.0127 0x1470 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 18:09:20.0152 0x1470 BFE - ok 18:09:20.0175 0x1470 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 18:09:20.0226 0x1470 BITS - ok 18:09:20.0239 0x1470 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 18:09:20.0257 0x1470 blbdrive - ok 18:09:20.0277 0x1470 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 18:09:20.0302 0x1470 bowser - ok 18:09:20.0308 0x1470 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 18:09:20.0319 0x1470 BrFiltLo - ok 18:09:20.0326 0x1470 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 18:09:20.0336 0x1470 BrFiltUp - ok 18:09:20.0359 0x1470 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 18:09:20.0371 0x1470 Browser - ok 18:09:20.0384 0x1470 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 18:09:20.0412 0x1470 Brserid - ok 18:09:20.0425 0x1470 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 18:09:20.0444 0x1470 BrSerWdm - ok 18:09:20.0457 0x1470 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 18:09:20.0467 0x1470 BrUsbMdm - ok 18:09:20.0470 0x1470 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 18:09:20.0478 0x1470 BrUsbSer - ok 18:09:20.0490 0x1470 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 18:09:20.0505 0x1470 BTHMODEM - ok 18:09:20.0523 0x1470 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 18:09:20.0552 0x1470 bthserv - ok 18:09:20.0564 0x1470 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 18:09:20.0593 0x1470 cdfs - ok 18:09:20.0605 0x1470 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 18:09:20.0622 0x1470 cdrom - ok 18:09:20.0632 0x1470 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 18:09:20.0660 0x1470 CertPropSvc - ok 18:09:20.0672 0x1470 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys 18:09:20.0684 0x1470 circlass - ok 18:09:20.0697 0x1470 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 18:09:20.0711 0x1470 CLFS - ok 18:09:20.0761 0x1470 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 18:09:20.0770 0x1470 clr_optimization_v2.0.50727_32 - ok 18:09:20.0796 0x1470 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 18:09:20.0805 0x1470 clr_optimization_v2.0.50727_64 - ok 18:09:20.0854 0x1470 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 18:09:20.0865 0x1470 clr_optimization_v4.0.30319_32 - ok 18:09:20.0878 0x1470 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 18:09:20.0890 0x1470 clr_optimization_v4.0.30319_64 - ok 18:09:20.0906 0x1470 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys 18:09:20.0924 0x1470 CmBatt - ok 18:09:20.0945 0x1470 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 18:09:20.0952 0x1470 cmdide - ok 18:09:20.0989 0x1470 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 18:09:21.0010 0x1470 CNG - ok 18:09:21.0022 0x1470 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys 18:09:21.0030 0x1470 Compbatt - ok 18:09:21.0038 0x1470 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 18:09:21.0049 0x1470 CompositeBus - ok 18:09:21.0051 0x1470 COMSysApp - ok 18:09:21.0114 0x1470 cpuz134 - ok 18:09:21.0120 0x1470 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys 18:09:21.0128 0x1470 crcdisk - ok 18:09:21.0159 0x1470 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 18:09:21.0171 0x1470 CryptSvc - ok 18:09:21.0233 0x1470 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE 18:09:21.0255 0x1470 cvhsvc - ok 18:09:21.0280 0x1470 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 18:09:21.0325 0x1470 DcomLaunch - ok 18:09:21.0342 0x1470 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 18:09:21.0377 0x1470 defragsvc - ok 18:09:21.0390 0x1470 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 18:09:21.0427 0x1470 DfsC - ok 18:09:21.0455 0x1470 [ 0B3F6C8F93C5C25977EA5A8B2E656357, 1B1C8DA8592D2B892382E062017E60BF02B1B6642822039F21446DF01FAFDEE1 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 18:09:21.0464 0x1470 dg_ssudbus - ok 18:09:21.0481 0x1470 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 18:09:21.0505 0x1470 Dhcp - ok 18:09:21.0519 0x1470 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 18:09:21.0546 0x1470 discache - ok 18:09:21.0564 0x1470 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys 18:09:21.0572 0x1470 Disk - ok 18:09:21.0594 0x1470 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 18:09:21.0613 0x1470 Dnscache - ok 18:09:21.0633 0x1470 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 18:09:21.0674 0x1470 dot3svc - ok 18:09:21.0694 0x1470 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 18:09:21.0729 0x1470 DPS - ok 18:09:21.0756 0x1470 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 18:09:21.0768 0x1470 drmkaud - ok 18:09:21.0790 0x1470 [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 18:09:21.0801 0x1470 dtsoftbus01 - ok 18:09:21.0836 0x1470 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 18:09:21.0861 0x1470 DXGKrnl - ok 18:09:21.0875 0x1470 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 18:09:21.0904 0x1470 EapHost - ok 18:09:21.0981 0x1470 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys 18:09:22.0086 0x1470 ebdrv - ok 18:09:22.0114 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe 18:09:22.0128 0x1470 EFS - ok 18:09:22.0184 0x1470 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 18:09:22.0209 0x1470 ehRecvr - ok 18:09:22.0222 0x1470 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 18:09:22.0244 0x1470 ehSched - ok 18:09:22.0263 0x1470 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys 18:09:22.0281 0x1470 elxstor - ok 18:09:22.0295 0x1470 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 18:09:22.0308 0x1470 ErrDev - ok 18:09:22.0327 0x1470 [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv C:\Windows\etdrv.sys 18:09:22.0333 0x1470 etdrv - ok 18:09:22.0354 0x1470 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 18:09:22.0399 0x1470 EventSystem - ok 18:09:22.0417 0x1470 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 18:09:22.0447 0x1470 exfat - ok 18:09:22.0466 0x1470 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 18:09:22.0497 0x1470 fastfat - ok 18:09:22.0583 0x1470 [ DA3D456D51197ED22631C066B5B32569, B8B7975E6702D7FB6FC9FD1EE81CB440B2C50921C080CB1B3C44226BC4DA22A7 ] FastTrackProAudioDevMon C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe 18:09:22.0638 0x1470 FastTrackProAudioDevMon - ok 18:09:22.0658 0x1470 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 18:09:22.0683 0x1470 Fax - ok 18:09:22.0690 0x1470 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys 18:09:22.0699 0x1470 fdc - ok 18:09:22.0707 0x1470 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 18:09:22.0752 0x1470 fdPHost - ok 18:09:22.0758 0x1470 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 18:09:22.0788 0x1470 FDResPub - ok 18:09:22.0795 0x1470 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 18:09:22.0803 0x1470 FileInfo - ok 18:09:22.0816 0x1470 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 18:09:22.0856 0x1470 Filetrace - ok 18:09:22.0858 0x1470 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys 18:09:22.0866 0x1470 flpydisk - ok 18:09:22.0880 0x1470 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 18:09:22.0893 0x1470 FltMgr - ok 18:09:22.0937 0x1470 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 18:09:22.0973 0x1470 FontCache - ok 18:09:23.0005 0x1470 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 18:09:23.0013 0x1470 FontCache3.0.0.0 - ok 18:09:23.0023 0x1470 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 18:09:23.0031 0x1470 FsDepends - ok 18:09:23.0054 0x1470 [ 07DA62C960DDCCC2D35836AEAB4FC578, C67A29E928AF59BF7FB573FAC2176C5598F595406AA90DDB4A364A15BC89A6C4 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys 18:09:23.0060 0x1470 fssfltr - ok 18:09:23.0117 0x1470 [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe 18:09:23.0175 0x1470 fsssvc - ok 18:09:23.0192 0x1470 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 18:09:23.0200 0x1470 Fs_Rec - ok 18:09:23.0231 0x1470 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 18:09:23.0244 0x1470 fvevol - ok 18:09:23.0264 0x1470 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys 18:09:23.0272 0x1470 gagp30kx - ok 18:09:23.0310 0x1470 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys 18:09:23.0316 0x1470 gdrv - ok 18:09:23.0386 0x1470 [ 024299B2B0E1C11320A4592570D8DE20, 16FB3982E718F2834D1272D400F92AD6319A0C197227C5D61AF87B3C8D2D4759 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 18:09:23.0422 0x1470 GfExperienceService - ok 18:09:23.0454 0x1470 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 18:09:23.0496 0x1470 gpsvc - ok 18:09:23.0560 0x1470 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:09:23.0568 0x1470 gupdate - ok 18:09:23.0572 0x1470 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 18:09:23.0579 0x1470 gupdatem - ok 18:09:23.0604 0x1470 [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys 18:09:23.0610 0x1470 GVTDrv64 - ok 18:09:23.0616 0x1470 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 18:09:23.0634 0x1470 hcw85cir - ok 18:09:23.0657 0x1470 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 18:09:23.0680 0x1470 HdAudAddService - ok 18:09:23.0689 0x1470 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 18:09:23.0708 0x1470 HDAudBus - ok 18:09:23.0719 0x1470 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys 18:09:23.0735 0x1470 HidBatt - ok 18:09:23.0746 0x1470 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys 18:09:23.0759 0x1470 HidBth - ok 18:09:23.0762 0x1470 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys 18:09:23.0773 0x1470 HidIr - ok 18:09:23.0783 0x1470 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 18:09:23.0810 0x1470 hidserv - ok 18:09:23.0836 0x1470 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 18:09:23.0844 0x1470 HidUsb - ok 18:09:23.0859 0x1470 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 18:09:23.0887 0x1470 hkmsvc - ok 18:09:23.0906 0x1470 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 18:09:23.0920 0x1470 HomeGroupListener - ok 18:09:23.0941 0x1470 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 18:09:23.0963 0x1470 HomeGroupProvider - ok 18:09:23.0966 0x1470 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 18:09:23.0975 0x1470 HpSAMD - ok 18:09:23.0999 0x1470 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 18:09:24.0052 0x1470 HTTP - ok 18:09:24.0062 0x1470 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 18:09:24.0069 0x1470 hwpolicy - ok 18:09:24.0082 0x1470 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 18:09:24.0093 0x1470 i8042prt - ok 18:09:24.0118 0x1470 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 18:09:24.0134 0x1470 iaStorV - ok 18:09:24.0171 0x1470 [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe 18:09:24.0191 0x1470 ICCS - detected UnsignedFile.Multi.Generic ( 1 ) 18:09:26.0890 0x1470 Detect skipped due to KSN trusted 18:09:26.0890 0x1470 ICCS - ok 18:09:26.0949 0x1470 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe 18:09:26.0954 0x1470 IDriverT - detected UnsignedFile.Multi.Generic ( 1 ) 18:09:29.0810 0x1470 Detect skipped due to KSN trusted 18:09:29.0810 0x1470 IDriverT - ok 18:09:29.0869 0x1470 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 18:09:29.0895 0x1470 idsvc - ok 18:09:29.0903 0x1470 IEEtwCollectorService - ok 18:09:29.0912 0x1470 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys 18:09:29.0919 0x1470 iirsp - ok 18:09:29.0952 0x1470 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 18:09:29.0980 0x1470 IKEEXT - ok 18:09:30.0000 0x1470 [ 2D66067C7A8A0112156BCD1C0BAA7042, 89F77EEE59FF3AD2E777DA15187F1447F6E112E8831417A0DE656ACB82E7B22E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 18:09:30.0018 0x1470 Intel(R) Capability Licensing Service Interface - ok 18:09:30.0045 0x1470 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 18:09:30.0053 0x1470 intelide - ok 18:09:30.0064 0x1470 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 18:09:30.0073 0x1470 intelppm - ok 18:09:30.0090 0x1470 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 18:09:30.0122 0x1470 IPBusEnum - ok 18:09:30.0130 0x1470 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 18:09:30.0158 0x1470 IpFilterDriver - ok 18:09:30.0192 0x1470 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 18:09:30.0222 0x1470 iphlpsvc - ok 18:09:30.0231 0x1470 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 18:09:30.0245 0x1470 IPMIDRV - ok 18:09:30.0251 0x1470 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 18:09:30.0289 0x1470 IPNAT - ok 18:09:30.0294 0x1470 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 18:09:30.0311 0x1470 IRENUM - ok 18:09:30.0320 0x1470 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 18:09:30.0327 0x1470 isapnp - ok 18:09:30.0359 0x1470 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 18:09:30.0372 0x1470 iScsiPrt - ok 18:09:30.0379 0x1470 [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys 18:09:30.0385 0x1470 iusb3hcs - ok 18:09:30.0399 0x1470 [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys 18:09:30.0411 0x1470 iusb3hub - ok 18:09:30.0437 0x1470 [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys 18:09:30.0457 0x1470 iusb3xhc - ok 18:09:30.0496 0x1470 [ 166FC0B36842135BC2D3C32DF70ED0D6, 83319957ECEFFF372C683C56DC6ECD34CD4B16A98F3F602E48108B124D07D975 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 18:09:30.0504 0x1470 jhi_service - ok 18:09:30.0517 0x1470 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 18:09:30.0525 0x1470 kbdclass - ok 18:09:30.0542 0x1470 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 18:09:30.0551 0x1470 kbdhid - ok 18:09:30.0555 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 18:09:30.0563 0x1470 KeyIso - ok 18:09:30.0602 0x1470 [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys 18:09:30.0617 0x1470 kl1 - ok 18:09:30.0639 0x1470 [ 2A88EFE87B5F23BA47FF7AF2DEAEB98F, 8D702249A462F8A233B594DF1B7C843A2C90F8A0D4FA7358B096020FF2C3E115 ] klflt C:\Windows\system32\DRIVERS\klflt.sys 18:09:30.0648 0x1470 klflt - ok 18:09:30.0688 0x1470 [ 7ED6B6805B3E1BC9DC2418F1C5C920B4, 7FF90C32C95E2141A3D3B378DDE8035C8C6EB811C087A9AF7D20C735CB74142A ] klhk C:\Windows\system32\DRIVERS\klhk.sys 18:09:30.0698 0x1470 klhk - ok 18:09:30.0720 0x1470 [ CD81447AB991F3E7F1FCF59CEA07D1E0, FB6EDDCA703952FAD7FEE24A75DB5C957C45C83B17D4871D1009CA24450CB040 ] KLIF C:\Windows\system32\DRIVERS\klif.sys 18:09:30.0742 0x1470 KLIF - ok 18:09:30.0751 0x1470 [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys 18:09:30.0757 0x1470 KLIM6 - ok 18:09:30.0783 0x1470 [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys 18:09:30.0789 0x1470 klkbdflt - ok 18:09:30.0806 0x1470 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys 18:09:30.0812 0x1470 klmouflt - ok 18:09:30.0814 0x1470 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys 18:09:30.0820 0x1470 klpd - ok 18:09:30.0827 0x1470 [ 5BB9E329FE48904108BBBF9C73073920, 402E88770C12C9E8D809D2A8C130CA9E5083CDB1D50C38D4CE2F0D24F2D32E82 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys 18:09:30.0833 0x1470 kltdi - ok 18:09:30.0841 0x1470 [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps C:\Windows\system32\DRIVERS\kneps.sys 18:09:30.0850 0x1470 kneps - ok 18:09:30.0874 0x1470 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 18:09:30.0883 0x1470 KSecDD - ok 18:09:30.0917 0x1470 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 18:09:30.0927 0x1470 KSecPkg - ok 18:09:30.0936 0x1470 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 18:09:30.0966 0x1470 ksthunk - ok 18:09:30.0988 0x1470 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 18:09:31.0031 0x1470 KtmRm - ok 18:09:31.0053 0x1470 [ B8040D3B97B16B89701E31A17353856C, 41690ACB26536B0AA1CC3B5388F824C9C1CD9648957C8488BAE5F3D57BEE3D85 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys 18:09:31.0061 0x1470 L1C - ok 18:09:31.0073 0x1470 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 18:09:31.0113 0x1470 LanmanServer - ok 18:09:31.0130 0x1470 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 18:09:31.0164 0x1470 LanmanWorkstation - ok 18:09:31.0186 0x1470 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 18:09:31.0224 0x1470 lltdio - ok 18:09:31.0236 0x1470 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 18:09:31.0278 0x1470 lltdsvc - ok 18:09:31.0286 0x1470 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 18:09:31.0321 0x1470 lmhosts - ok 18:09:31.0362 0x1470 [ C56E64BA70DC822B84D100A6F8D690D3, 1F511FBDDDD6E8CC83C8D0BD152BBE8C4C9E103D2DDED93564DC0FB9962DD040 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 18:09:31.0373 0x1470 LMS - ok 18:09:31.0398 0x1470 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys 18:09:31.0408 0x1470 LSI_FC - ok 18:09:31.0413 0x1470 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 18:09:31.0423 0x1470 LSI_SAS - ok 18:09:31.0434 0x1470 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 18:09:31.0443 0x1470 LSI_SAS2 - ok 18:09:31.0449 0x1470 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys 18:09:31.0459 0x1470 LSI_SCSI - ok 18:09:31.0473 0x1470 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 18:09:31.0512 0x1470 luafv - ok 18:09:31.0619 0x1470 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 18:09:31.0716 0x1470 LVUVC64 - ok 18:09:31.0739 0x1470 [ 6AA6B239CFCD14870EB186FE0651A434, 8D3378CCE6E020B9F464E2160F0F1A7F16AAEBC7825370BE7A02FFAB4883DBEA ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv.sys 18:09:31.0747 0x1470 ManyCam - ok 18:09:31.0786 0x1470 [ 75D01CE9C57DB0B57114BB3B01D40A74, E7F4D3EED220EC8558B2EB934DE691AEB2AE4F195C9ACA673579C81BEF501496 ] MAUSBFASTTRACKPRO C:\Windows\system32\DRIVERS\MAudioFastTrackPro.sys 18:09:31.0795 0x1470 MAUSBFASTTRACKPRO - ok 18:09:31.0808 0x1470 MBAMSwissArmy - ok 18:09:31.0817 0x1470 [ 4C017AF4CBC57A36C75A270184CC86CB, F6FC22955BD047145B3E43400576530FE351AD68AA2A2EA4F80FF463435F5360 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys 18:09:31.0823 0x1470 mcaudrv_simple - ok 18:09:31.0836 0x1470 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 18:09:31.0849 0x1470 Mcx2Svc - ok 18:09:31.0858 0x1470 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys 18:09:31.0866 0x1470 megasas - ok 18:09:31.0873 0x1470 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys 18:09:31.0886 0x1470 MegaSR - ok 18:09:31.0900 0x1470 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 18:09:31.0906 0x1470 MEIx64 - ok 18:09:31.0911 0x1470 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 18:09:31.0947 0x1470 MMCSS - ok 18:09:31.0960 0x1470 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 18:09:31.0991 0x1470 Modem - ok 18:09:32.0000 0x1470 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 18:09:32.0029 0x1470 monitor - ok 18:09:32.0038 0x1470 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 18:09:32.0046 0x1470 mouclass - ok 18:09:32.0055 0x1470 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 18:09:32.0073 0x1470 mouhid - ok 18:09:32.0081 0x1470 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 18:09:32.0090 0x1470 mountmgr - ok 18:09:32.0137 0x1470 [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 18:09:32.0146 0x1470 MozillaMaintenance - ok 18:09:32.0160 0x1470 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 18:09:32.0171 0x1470 mpio - ok 18:09:32.0186 0x1470 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 18:09:32.0215 0x1470 mpsdrv - ok 18:09:32.0239 0x1470 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 18:09:32.0284 0x1470 MpsSvc - ok 18:09:32.0304 0x1470 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 18:09:32.0315 0x1470 MRxDAV - ok 18:09:32.0341 0x1470 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 18:09:32.0353 0x1470 mrxsmb - ok 18:09:32.0370 0x1470 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 18:09:32.0384 0x1470 mrxsmb10 - ok 18:09:32.0396 0x1470 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 18:09:32.0408 0x1470 mrxsmb20 - ok 18:09:32.0422 0x1470 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 18:09:32.0430 0x1470 msahci - ok 18:09:32.0442 0x1470 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 18:09:32.0452 0x1470 msdsm - ok 18:09:32.0464 0x1470 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 18:09:32.0477 0x1470 MSDTC - ok 18:09:32.0481 0x1470 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 18:09:32.0516 0x1470 Msfs - ok 18:09:32.0522 0x1470 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 18:09:32.0549 0x1470 mshidkmdf - ok 18:09:32.0560 0x1470 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 18:09:32.0567 0x1470 msisadrv - ok 18:09:32.0589 0x1470 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 18:09:32.0628 0x1470 MSiSCSI - ok 18:09:32.0630 0x1470 msiserver - ok 18:09:32.0645 0x1470 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 18:09:32.0676 0x1470 MSKSSRV - ok 18:09:32.0683 0x1470 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 18:09:32.0712 0x1470 MSPCLOCK - ok 18:09:32.0720 0x1470 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 18:09:32.0747 0x1470 MSPQM - ok 18:09:32.0765 0x1470 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 18:09:32.0780 0x1470 MsRPC - ok 18:09:32.0786 0x1470 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 18:09:32.0793 0x1470 mssmbios - ok 18:09:32.0806 0x1470 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 18:09:32.0833 0x1470 MSTEE - ok 18:09:32.0843 0x1470 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys 18:09:32.0852 0x1470 MTConfig - ok 18:09:32.0866 0x1470 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 18:09:32.0874 0x1470 Mup - ok 18:09:32.0899 0x1470 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 18:09:32.0943 0x1470 napagent - ok 18:09:32.0975 0x1470 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 18:09:33.0001 0x1470 NativeWifiP - ok 18:09:33.0046 0x1470 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 18:09:33.0072 0x1470 NDIS - ok 18:09:33.0083 0x1470 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 18:09:33.0110 0x1470 NdisCap - ok 18:09:33.0118 0x1470 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 18:09:33.0145 0x1470 NdisTapi - ok 18:09:33.0157 0x1470 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 18:09:33.0183 0x1470 Ndisuio - ok 18:09:33.0194 0x1470 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 18:09:33.0234 0x1470 NdisWan - ok 18:09:33.0246 0x1470 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 18:09:33.0272 0x1470 NDProxy - ok 18:09:33.0275 0x1470 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 18:09:33.0312 0x1470 NetBIOS - ok 18:09:33.0325 0x1470 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 18:09:33.0356 0x1470 NetBT - ok 18:09:33.0363 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 18:09:33.0372 0x1470 Netlogon - ok 18:09:33.0390 0x1470 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 18:09:33.0426 0x1470 Netman - ok 18:09:33.0472 0x1470 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:09:33.0483 0x1470 NetMsmqActivator - ok 18:09:33.0487 0x1470 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:09:33.0498 0x1470 NetPipeActivator - ok 18:09:33.0515 0x1470 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 18:09:33.0552 0x1470 netprofm - ok 18:09:33.0557 0x1470 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:09:33.0568 0x1470 NetTcpActivator - ok 18:09:33.0572 0x1470 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 18:09:33.0582 0x1470 NetTcpPortSharing - ok 18:09:33.0600 0x1470 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 18:09:33.0607 0x1470 nfrd960 - ok 18:09:33.0641 0x1470 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 18:09:33.0661 0x1470 NlaSvc - ok 18:09:33.0672 0x1470 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 18:09:33.0699 0x1470 Npfs - ok 18:09:33.0709 0x1470 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 18:09:33.0737 0x1470 nsi - ok 18:09:33.0744 0x1470 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 18:09:33.0782 0x1470 nsiproxy - ok 18:09:33.0844 0x1470 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 18:09:33.0900 0x1470 Ntfs - ok 18:09:33.0909 0x1470 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 18:09:33.0944 0x1470 Null - ok 18:09:33.0965 0x1470 [ C87B11EB78428853F9E8495C47E53C10, FAE479DB0812967B3FF968773BA998591B4F50BE4329B8349BCA7E6EAB1B0474 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 18:09:33.0975 0x1470 NVHDA - ok 18:09:34.0264 0x1470 [ 185B4FFECD886A424B57B58AE173FBBE, 7CFD51694091035639B900EC64FAD62CC1E5F3DC520F59CC27540B170A957C60 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 18:09:34.0517 0x1470 nvlddmkm - ok 18:09:34.0592 0x1470 [ D6A687B5E24257B5D3991C0D9BC45BBC, EFF23FD2C074A579CAF13C4846D1F0906D014F92517A4C6A359547F560CD296C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 18:09:34.0643 0x1470 NvNetworkService - ok 18:09:34.0656 0x1470 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 18:09:34.0666 0x1470 nvraid - ok 18:09:34.0683 0x1470 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 18:09:34.0693 0x1470 nvstor - ok 18:09:34.0734 0x1470 [ D6E22C63F1F2B2B5B5E95F70BEBDB2BC, 5BE351CB15218EBC7F0C9B5919A8949BD61FEC6182123B589DF50B44C8A3CA9E ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 18:09:34.0740 0x1470 NvStreamKms - ok 18:09:35.0150 0x1470 [ C982FE172EA1C7B840C4243C5AB3F8BE, 7CC5BC1F9817E8E0910775FB1EC943345900829D4702538CA7A6138FDF0FAA7F ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe 18:09:35.0647 0x1470 NvStreamSvc - ok 18:09:35.0692 0x1470 [ E1CE82592245B9E9621F17FBF457DB4E, 98B021623B10EBF7ED370BC2516D8377C09E9E2BB49BD96F492F55006B1B8CC4 ] nvsvc C:\Windows\system32\nvvsvc.exe 18:09:35.0715 0x1470 nvsvc - ok 18:09:35.0731 0x1470 [ 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3, 4C3C36ADC9EC0FDED3E3FFC7918680B643652AD39458FAA8525392DAD0ABD845 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 18:09:35.0737 0x1470 nvvad_WaveExtensible - ok 18:09:35.0750 0x1470 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 18:09:35.0760 0x1470 nv_agp - ok 18:09:35.0774 0x1470 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 18:09:35.0820 0x1470 ohci1394 - ok 18:09:35.0974 0x1470 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:09:36.0005 0x1470 ose - ok 18:09:36.0159 0x1470 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:09:36.0286 0x1470 osppsvc - ok 18:09:36.0317 0x1470 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 18:09:36.0336 0x1470 p2pimsvc - ok 18:09:36.0355 0x1470 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 18:09:36.0374 0x1470 p2psvc - ok 18:09:36.0388 0x1470 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 18:09:36.0406 0x1470 Parport - ok 18:09:36.0414 0x1470 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 18:09:36.0422 0x1470 partmgr - ok 18:09:36.0435 0x1470 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 18:09:36.0462 0x1470 PcaSvc - ok 18:09:36.0470 0x1470 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 18:09:36.0481 0x1470 pci - ok 18:09:36.0499 0x1470 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 18:09:36.0506 0x1470 pciide - ok 18:09:36.0519 0x1470 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 18:09:36.0530 0x1470 pcmcia - ok 18:09:36.0544 0x1470 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 18:09:36.0552 0x1470 pcw - ok 18:09:36.0569 0x1470 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 18:09:36.0617 0x1470 PEAUTH - ok 18:09:36.0664 0x1470 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 18:09:36.0678 0x1470 PerfHost - ok 18:09:36.0721 0x1470 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 18:09:36.0798 0x1470 pla - ok 18:09:36.0830 0x1470 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 18:09:36.0856 0x1470 PlugPlay - ok 18:09:36.0861 0x1470 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 18:09:36.0879 0x1470 PNRPAutoReg - ok 18:09:36.0886 0x1470 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 18:09:36.0902 0x1470 PNRPsvc - ok 18:09:36.0931 0x1470 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 18:09:36.0969 0x1470 PolicyAgent - ok 18:09:36.0989 0x1470 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 18:09:37.0019 0x1470 Power - ok 18:09:37.0036 0x1470 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 18:09:37.0065 0x1470 PptpMiniport - ok 18:09:37.0068 0x1470 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 18:09:37.0086 0x1470 Processor - ok 18:09:37.0116 0x1470 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 18:09:37.0139 0x1470 ProfSvc - ok 18:09:37.0148 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 18:09:37.0156 0x1470 ProtectedStorage - ok 18:09:37.0167 0x1470 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 18:09:37.0206 0x1470 Psched - ok 18:09:37.0258 0x1470 [ 3A6898A1E5B03C892DAEB114275C914E, 2778E73AEC6435C34D5C590846E26C092E2E0F48185FF9160E9241F0CBAAA8B3 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys 18:09:37.0262 0x1470 PxHlpa64 - detected UnsignedFile.Multi.Generic ( 1 ) 18:09:40.0177 0x1470 PxHlpa64 ( UnsignedFile.Multi.Generic ) - warning 18:09:42.0970 0x1470 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 18:09:43.0016 0x1470 ql2300 - ok 18:09:43.0028 0x1470 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 18:09:43.0038 0x1470 ql40xx - ok 18:09:43.0052 0x1470 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 18:09:43.0070 0x1470 QWAVE - ok 18:09:43.0077 0x1470 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 18:09:43.0090 0x1470 QWAVEdrv - ok 18:09:43.0099 0x1470 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 18:09:43.0126 0x1470 RasAcd - ok 18:09:43.0145 0x1470 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 18:09:43.0182 0x1470 RasAgileVpn - ok 18:09:43.0194 0x1470 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 18:09:43.0224 0x1470 RasAuto - ok 18:09:43.0237 0x1470 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 18:09:43.0275 0x1470 Rasl2tp - ok 18:09:43.0292 0x1470 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 18:09:43.0328 0x1470 RasMan - ok 18:09:43.0341 0x1470 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 18:09:43.0371 0x1470 RasPppoe - ok 18:09:43.0374 0x1470 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 18:09:43.0403 0x1470 RasSstp - ok 18:09:43.0418 0x1470 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 18:09:43.0451 0x1470 rdbss - ok 18:09:43.0459 0x1470 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 18:09:43.0470 0x1470 rdpbus - ok 18:09:43.0477 0x1470 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 18:09:43.0503 0x1470 RDPCDD - ok 18:09:43.0512 0x1470 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 18:09:43.0547 0x1470 RDPENCDD - ok 18:09:43.0553 0x1470 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 18:09:43.0580 0x1470 RDPREFMP - ok 18:09:43.0608 0x1470 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 18:09:43.0632 0x1470 RDPWD - ok 18:09:43.0644 0x1470 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 18:09:43.0656 0x1470 rdyboost - ok 18:09:43.0665 0x1470 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 18:09:43.0695 0x1470 RemoteAccess - ok 18:09:43.0720 0x1470 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 18:09:43.0751 0x1470 RemoteRegistry - ok 18:09:43.0772 0x1470 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 18:09:43.0810 0x1470 RpcEptMapper - ok 18:09:43.0819 0x1470 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 18:09:43.0829 0x1470 RpcLocator - ok 18:09:43.0847 0x1470 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 18:09:43.0885 0x1470 RpcSs - ok 18:09:43.0895 0x1470 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 18:09:43.0924 0x1470 rspndr - ok 18:09:43.0931 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 18:09:43.0939 0x1470 SamSs - ok 18:09:43.0949 0x1470 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 18:09:43.0958 0x1470 sbp2port - ok 18:09:43.0971 0x1470 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 18:09:44.0003 0x1470 SCardSvr - ok 18:09:44.0012 0x1470 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 18:09:44.0038 0x1470 scfilter - ok 18:09:44.0065 0x1470 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 18:09:44.0118 0x1470 Schedule - ok 18:09:44.0133 0x1470 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 18:09:44.0160 0x1470 SCPolicySvc - ok 18:09:44.0201 0x1470 [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys 18:09:44.0207 0x1470 ScreamBAudioSvc - ok 18:09:44.0244 0x1470 [ 1CA5A783B10EC897FCE91CF220D6C517, DCBCD9E90C73F883B9A55D972CF99F25373049B7684E6738E1E213A20369A5E6 ] scvad_simple C:\Windows\system32\drivers\SplitCamAudio.sys 18:09:44.0262 0x1470 scvad_simple - ok 18:09:44.0277 0x1470 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 18:09:44.0290 0x1470 SDRSVC - ok 18:09:44.0297 0x1470 SeaPort - ok 18:09:44.0302 0x1470 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 18:09:44.0334 0x1470 secdrv - ok 18:09:44.0345 0x1470 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 18:09:44.0373 0x1470 seclogon - ok 18:09:44.0380 0x1470 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 18:09:44.0409 0x1470 SENS - ok 18:09:44.0417 0x1470 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 18:09:44.0428 0x1470 SensrSvc - ok 18:09:44.0440 0x1470 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 18:09:44.0456 0x1470 Serenum - ok 18:09:44.0470 0x1470 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 18:09:44.0490 0x1470 Serial - ok 18:09:44.0497 0x1470 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 18:09:44.0513 0x1470 sermouse - ok 18:09:44.0527 0x1470 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 18:09:44.0565 0x1470 SessionEnv - ok 18:09:44.0573 0x1470 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 18:09:44.0584 0x1470 sffdisk - ok 18:09:44.0590 0x1470 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 18:09:44.0601 0x1470 sffp_mmc - ok 18:09:44.0603 0x1470 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 18:09:44.0618 0x1470 sffp_sd - ok 18:09:44.0620 0x1470 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 18:09:44.0629 0x1470 sfloppy - ok 18:09:44.0671 0x1470 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 18:09:44.0692 0x1470 Sftfs - ok 18:09:44.0747 0x1470 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 18:09:44.0764 0x1470 sftlist - ok 18:09:44.0780 0x1470 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 18:09:44.0792 0x1470 Sftplay - ok 18:09:44.0813 0x1470 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 18:09:44.0820 0x1470 Sftredir - ok 18:09:44.0843 0x1470 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 18:09:44.0850 0x1470 Sftvol - ok 18:09:44.0858 0x1470 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 18:09:44.0869 0x1470 sftvsa - ok 18:09:44.0899 0x1470 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 18:09:44.0938 0x1470 SharedAccess - ok 18:09:44.0952 0x1470 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 18:09:44.0987 0x1470 ShellHWDetection - ok 18:09:45.0007 0x1470 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 18:09:45.0014 0x1470 SiSRaid2 - ok 18:09:45.0029 0x1470 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 18:09:45.0038 0x1470 SiSRaid4 - ok 18:09:45.0042 0x1470 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 18:09:45.0081 0x1470 Smb - ok 18:09:45.0091 0x1470 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 18:09:45.0101 0x1470 SNMPTRAP - ok 18:09:45.0103 0x1470 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 18:09:45.0110 0x1470 spldr - ok 18:09:45.0147 0x1470 [ 64065FFE37680ACACE4D2C8F3CF20541, F6D2883509C6B49180385AE850A6A50052C6450B7CC3DAFDEF551895EE37D444 ] splitcam_hd_driver C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys 18:09:45.0154 0x1470 splitcam_hd_driver - ok 18:09:45.0191 0x1470 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 18:09:45.0211 0x1470 Spooler - ok 18:09:45.0292 0x1470 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 18:09:45.0410 0x1470 sppsvc - ok 18:09:45.0425 0x1470 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 18:09:45.0454 0x1470 sppuinotify - ok 18:09:45.0479 0x1470 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 18:09:45.0508 0x1470 srv - ok 18:09:45.0526 0x1470 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 18:09:45.0548 0x1470 srv2 - ok 18:09:45.0562 0x1470 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 18:09:45.0573 0x1470 srvnet - ok 18:09:45.0587 0x1470 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 18:09:45.0619 0x1470 SSDPSRV - ok 18:09:45.0632 0x1470 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 18:09:45.0661 0x1470 SstpSvc - ok 18:09:45.0689 0x1470 [ EA8F41484CCC5BA6A1455C2AD3D1BE3C, B206AA8F4BA7C1E15561B4F2011FA483C5401B0300914F747804A116CCE972BF ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys 18:09:45.0699 0x1470 ssudmdm - ok 18:09:45.0751 0x1470 [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 18:09:45.0768 0x1470 Steam Client Service - ok 18:09:45.0812 0x1470 [ A9425CB7D5A698EA49BE0DF55A448E68, 2DB5B00D6AAB6D0D60EFE5FE26C50FD1AB3D4F9E2BA2EAD8A0BE1F1AF9082C12 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 18:09:45.0825 0x1470 Stereo Service - ok 18:09:45.0836 0x1470 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 18:09:45.0843 0x1470 stexstor - ok 18:09:45.0876 0x1470 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 18:09:45.0914 0x1470 stisvc - ok 18:09:45.0919 0x1470 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 18:09:45.0926 0x1470 swenum - ok 18:09:45.0942 0x1470 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 18:09:45.0981 0x1470 swprv - ok 18:09:46.0023 0x1470 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 18:09:46.0087 0x1470 SysMain - ok 18:09:46.0096 0x1470 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 18:09:46.0112 0x1470 TabletInputService - ok 18:09:46.0126 0x1470 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 18:09:46.0182 0x1470 TapiSrv - ok 18:09:46.0188 0x1470 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 18:09:46.0218 0x1470 TBS - ok 18:09:46.0263 0x1470 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 18:09:46.0319 0x1470 Tcpip - ok 18:09:46.0372 0x1470 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 18:09:46.0414 0x1470 TCPIP6 - ok 18:09:46.0444 0x1470 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 18:09:46.0452 0x1470 tcpipreg - ok 18:09:46.0466 0x1470 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 18:09:46.0483 0x1470 TDPIPE - ok 18:09:46.0500 0x1470 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 18:09:46.0514 0x1470 TDTCP - ok 18:09:46.0526 0x1470 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 18:09:46.0554 0x1470 tdx - ok 18:09:46.0562 0x1470 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 18:09:46.0570 0x1470 TermDD - ok 18:09:46.0599 0x1470 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 18:09:46.0625 0x1470 TermService - ok 18:09:46.0638 0x1470 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 18:09:46.0651 0x1470 Themes - ok 18:09:46.0670 0x1470 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 18:09:46.0698 0x1470 THREADORDER - ok 18:09:46.0702 0x1470 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 18:09:46.0740 0x1470 TrkWks - ok 18:09:46.0774 0x1470 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 18:09:46.0804 0x1470 TrustedInstaller - ok 18:09:46.0829 0x1470 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 18:09:46.0847 0x1470 tssecsrv - ok 18:09:46.0856 0x1470 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 18:09:46.0865 0x1470 TsUsbFlt - ok 18:09:46.0868 0x1470 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 18:09:46.0886 0x1470 TsUsbGD - ok 18:09:46.0899 0x1470 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 18:09:46.0931 0x1470 tunnel - ok 18:09:46.0934 0x1470 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 18:09:46.0943 0x1470 uagp35 - ok 18:09:46.0957 0x1470 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 18:09:46.0991 0x1470 udfs - ok 18:09:47.0000 0x1470 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 18:09:47.0011 0x1470 UI0Detect - ok 18:09:47.0017 0x1470 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 18:09:47.0026 0x1470 uliagpkx - ok 18:09:47.0042 0x1470 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 18:09:47.0055 0x1470 umbus - ok 18:09:47.0060 0x1470 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 18:09:47.0068 0x1470 UmPass - ok 18:09:47.0124 0x1470 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe 18:09:47.0138 0x1470 UMVPFSrv - ok 18:09:47.0205 0x1470 [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9, 0D256DC2A6B867E7077DD3A5C18FF0345D2FEEC7A2245B037530761248BC9FB1 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 18:09:47.0217 0x1470 UNS - ok 18:09:47.0232 0x1470 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 18:09:47.0277 0x1470 upnphost - ok 18:09:47.0311 0x1470 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 18:09:47.0333 0x1470 usbaudio - ok 18:09:47.0344 0x1470 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 18:09:47.0354 0x1470 usbccgp - ok 18:09:47.0379 0x1470 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 18:09:47.0396 0x1470 usbcir - ok 18:09:47.0421 0x1470 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 18:09:47.0429 0x1470 usbehci - ok 18:09:47.0458 0x1470 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 18:09:47.0475 0x1470 usbhub - ok 18:09:47.0494 0x1470 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 18:09:47.0502 0x1470 usbohci - ok 18:09:47.0513 0x1470 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys 18:09:47.0523 0x1470 usbprint - ok 18:09:47.0559 0x1470 [ 2C42E595E7E381596B9A14F88F5AE027, 948C2AD7FA0B01184312D1ABE43F2F3D85A934CF0658A8B2BDF9F0919568377B ] usbrndis6 C:\Windows\system32\DRIVERS\usb80236.sys 18:09:47.0570 0x1470 usbrndis6 - ok 18:09:47.0573 0x1470 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 18:09:47.0588 0x1470 USBSTOR - ok 18:09:47.0613 0x1470 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 18:09:47.0627 0x1470 usbuhci - ok 18:09:47.0641 0x1470 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 18:09:47.0660 0x1470 usbvideo - ok 18:09:47.0672 0x1470 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 18:09:47.0705 0x1470 UxSms - ok 18:09:47.0722 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe 18:09:47.0731 0x1470 VaultSvc - ok 18:09:47.0750 0x1470 [ 4006E66939B4D716C990256CF93D4BC1, 5E9366D8B684768B0188077C05B52B29D43B9A401A73D81045B9823458334223 ] VBAudioVACMME C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys 18:09:47.0756 0x1470 VBAudioVACMME - ok 18:09:47.0765 0x1470 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 18:09:47.0772 0x1470 vdrvroot - ok 18:09:47.0794 0x1470 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 18:09:47.0844 0x1470 vds - ok 18:09:47.0856 0x1470 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 18:09:47.0866 0x1470 vga - ok 18:09:47.0878 0x1470 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 18:09:47.0913 0x1470 VgaSave - ok 18:09:47.0928 0x1470 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 18:09:47.0940 0x1470 vhdmp - ok 18:09:48.0013 0x1470 [ E8AF45C4FE2457D003E1842806F38748, 8A76560E89BC73E9792D0AA3094A524CCAF4CC379B38EC0C96CD4FB6F9C9CCBE ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys 18:09:48.0059 0x1470 VIAHdAudAddService - ok 18:09:48.0082 0x1470 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 18:09:48.0089 0x1470 viaide - ok 18:09:48.0096 0x1470 [ 05D6657A9CCFD269D05D41BFFDCE9498, BAB97FBE22442174737AA4C7A881AE69A6105AE19F1F0C5D93D9DEEAA7100C78 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe 18:09:48.0103 0x1470 VIAKaraokeService - ok 18:09:48.0114 0x1470 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 18:09:48.0122 0x1470 volmgr - ok 18:09:48.0134 0x1470 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 18:09:48.0148 0x1470 volmgrx - ok 18:09:48.0164 0x1470 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 18:09:48.0178 0x1470 volsnap - ok 18:09:48.0198 0x1470 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 18:09:48.0208 0x1470 vsmraid - ok 18:09:48.0248 0x1470 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 18:09:48.0320 0x1470 VSS - ok 18:09:48.0332 0x1470 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 18:09:48.0353 0x1470 vwifibus - ok 18:09:48.0366 0x1470 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 18:09:48.0379 0x1470 vwififlt - ok 18:09:48.0400 0x1470 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 18:09:48.0419 0x1470 vwifimp - ok 18:09:48.0440 0x1470 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 18:09:48.0477 0x1470 W32Time - ok 18:09:48.0487 0x1470 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys 18:09:48.0499 0x1470 WacomPen - ok 18:09:48.0514 0x1470 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 18:09:48.0542 0x1470 WANARP - ok 18:09:48.0545 0x1470 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 18:09:48.0571 0x1470 Wanarpv6 - ok 18:09:48.0612 0x1470 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 18:09:48.0674 0x1470 wbengine - ok 18:09:48.0686 0x1470 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 18:09:48.0704 0x1470 WbioSrvc - ok 18:09:48.0723 0x1470 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 18:09:48.0745 0x1470 wcncsvc - ok 18:09:48.0756 0x1470 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 18:09:48.0770 0x1470 WcsPlugInService - ok 18:09:48.0778 0x1470 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys 18:09:48.0785 0x1470 Wd - ok 18:09:48.0824 0x1470 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 18:09:48.0848 0x1470 Wdf01000 - ok 18:09:48.0862 0x1470 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 18:09:48.0887 0x1470 WdiServiceHost - ok 18:09:48.0890 0x1470 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 18:09:48.0904 0x1470 WdiSystemHost - ok 18:09:48.0937 0x1470 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 18:09:48.0958 0x1470 WebClient - ok 18:09:48.0969 0x1470 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 18:09:49.0009 0x1470 Wecsvc - ok 18:09:49.0015 0x1470 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 18:09:49.0044 0x1470 wercplsupport - ok 18:09:49.0066 0x1470 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 18:09:49.0096 0x1470 WerSvc - ok 18:09:49.0106 0x1470 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 18:09:49.0132 0x1470 WfpLwf - ok 18:09:49.0144 0x1470 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 18:09:49.0151 0x1470 WIMMount - ok 18:09:49.0165 0x1470 WinDefend - ok 18:09:49.0175 0x1470 WinHttpAutoProxySvc - ok 18:09:49.0214 0x1470 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 18:09:49.0246 0x1470 Winmgmt - ok 18:09:49.0298 0x1470 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 18:09:49.0396 0x1470 WinRM - ok 18:09:49.0432 0x1470 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 18:09:49.0444 0x1470 WinUsb - ok 18:09:49.0469 0x1470 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 18:09:49.0511 0x1470 Wlansvc - ok 18:09:49.0550 0x1470 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe 18:09:49.0557 0x1470 wlcrasvc - ok 18:09:49.0626 0x1470 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 18:09:49.0674 0x1470 wlidsvc - ok 18:09:49.0686 0x1470 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 18:09:49.0707 0x1470 WmiAcpi - ok 18:09:49.0723 0x1470 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 18:09:49.0748 0x1470 wmiApSrv - ok 18:09:49.0755 0x1470 WMPNetworkSvc - ok 18:09:49.0768 0x1470 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 18:09:49.0777 0x1470 WPCSvc - ok 18:09:49.0791 0x1470 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 18:09:49.0804 0x1470 WPDBusEnum - ok 18:09:49.0809 0x1470 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 18:09:49.0846 0x1470 ws2ifsl - ok 18:09:49.0857 0x1470 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 18:09:49.0880 0x1470 wscsvc - ok 18:09:49.0882 0x1470 WSearch - ok 18:09:49.0940 0x1470 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 18:09:50.0013 0x1470 wuauserv - ok 18:09:50.0040 0x1470 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 18:09:50.0050 0x1470 WudfPf - ok 18:09:50.0064 0x1470 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 18:09:50.0077 0x1470 WUDFRd - ok 18:09:50.0102 0x1470 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 18:09:50.0118 0x1470 wudfsvc - ok 18:09:50.0140 0x1470 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 18:09:50.0161 0x1470 WwanSvc - ok 18:09:50.0177 0x1470 XFDriver64 - ok 18:09:50.0192 0x1470 ================ Scan global =============================== 18:09:50.0204 0x1470 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 18:09:50.0232 0x1470 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 18:09:50.0242 0x1470 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 18:09:50.0251 0x1470 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 18:09:50.0263 0x1470 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 18:09:50.0268 0x1470 [ Global ] - ok 18:09:50.0269 0x1470 ================ Scan MBR ================================== 18:09:50.0286 0x1470 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 18:09:50.0428 0x1470 \Device\Harddisk0\DR0 - ok 18:09:50.0428 0x1470 ================ Scan VBR ================================== 18:09:50.0430 0x1470 [ D7E31CD7547993BD4C4DFA14B69B452B ] \Device\Harddisk0\DR0\Partition1 18:09:50.0461 0x1470 \Device\Harddisk0\DR0\Partition1 - ok 18:09:50.0462 0x1470 [ 960266048CE9D70E476D262D5BAFAA0E ] \Device\Harddisk0\DR0\Partition2 18:09:50.0482 0x1470 \Device\Harddisk0\DR0\Partition2 - ok 18:09:50.0483 0x1470 ================ Scan generic autorun ====================== 18:09:50.0551 0x1470 [ 381474F8A4477CF4951553EF530B0ED5, 6C2CB69E072EC2BF8C4EBB93DB400CF9358CC7C4FDA24E3B9B422FFAD089462F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 18:09:50.0610 0x1470 NvBackend - ok 18:09:50.0618 0x1470 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 18:09:50.0642 0x1470 ShadowPlay - ok 18:09:50.0688 0x1470 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 18:09:50.0742 0x1470 Sidebar - ok 18:09:50.0759 0x1470 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 18:09:50.0785 0x1470 mctadmin - ok 18:09:50.0821 0x1470 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe 18:09:50.0855 0x1470 Sidebar - ok 18:09:50.0859 0x1470 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe 18:09:50.0873 0x1470 mctadmin - ok 18:09:50.0874 0x1470 SplitCam - ok 18:09:50.0875 0x1470 Waiting for KSN requests completion. In queue: 169 18:09:51.0875 0x1470 Waiting for KSN requests completion. In queue: 169 18:09:52.0875 0x1470 Waiting for KSN requests completion. In queue: 169 18:09:53.0876 0x1470 Waiting for KSN requests completion. In queue: 169 18:09:54.0904 0x1470 AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x40000 ( disabled : updated ) 18:09:54.0906 0x1470 Win FW state via NFP2: enabled 18:09:57.0582 0x1470 ============================================================ 18:09:57.0582 0x1470 Scan finished 18:09:57.0582 0x1470 ============================================================ 18:09:57.0586 0x1468 Detected object count: 1 18:09:57.0586 0x1468 Actual detected object count: 1 18:12:03.0000 0x1468 PxHlpa64 ( UnsignedFile.Multi.Generic ) - skipped by user 18:12:03.0000 0x1468 PxHlpa64 ( UnsignedFile.Multi.Generic ) - User select action: Skip |
|
06.12.2014, 18:20
| #22 |
| /// TB-Ausbilder /// Anleitungs-Guru | Virus trotz Kaspersky Anti-Virus; was machen? Prima!  So gehts weiter: (Bitte Anleitung von ESET genau befolgen, keine Funde löschen lassen! Bitte das Log wie beschrieben suchen und posten. Erst danach ESET deinstallieren.) Schritt 1 ESET Online Scanner
Schritt 2 Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Scan. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.  Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
06.12.2014, 20:40
| #23 |
| | Virus trotz Kaspersky Anti-Virus; was machen? ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=e418aa4558fcf047ba6c94a3610fa621 # engine=21431 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-12-06 06:40:15 # local_time=2014-12-06 07:40:15 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Kaspersky Anti-Virus' # compatibility_mode=1297 16777213 100 100 7251 21963897 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 100889 169521065 0 0 # scanned=195344 # found=7 # cleaned=0 # scan_time=3619 sh=A7E55C336AB5504ED0AE3BBD292CF508769FE131 ft=1 fh=3ba8fc19ca14dfb1 vn="Variante von Win32/Adware.Adpeak.Q Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\007\nkdytjtjsw32.exe.vir" sh=281D834970C90ECD048476AE1136529645770B59 ft=1 fh=efc6b242fb35efa3 vn="Win32/AdWare.Snoozer.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Roaming\Snz\Snz.exe.vir" sh=457335C7D7CF3B76BDA5156BDFC9D2E55F5EB26E ft=1 fh=733834ea60493ef0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\Documents\VesrchiedenesExterneFestplatte\Downloads\Integrated_CT2325506.exe" sh=A42746BED8197CE59F7181649CD9AC70F79BB263 ft=1 fh=9db60c75f362b3ab vn="Variante von Win32/InstallCore.RA evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager.exe" sh=4166FF2B539249C501AD5C82ECC3D31B73B363EF ft=1 fh=c71c0011e8464a4f vn="Variante von Win32/InstallCore.JW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\Downloads\COMPUTER_BILD-Download-Manager_fuer_Cryptload_1.1.8.exe" sh=4B61C7AD2DE57CA534748AA440347C798B716F13 ft=1 fh=1ebee16eba4b502c vn="Variante von Win32/InstallCore.SF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\Downloads\FileOpenerSetup.exe" sh=D57F3E1A299D21C8756399BF6D3862B22D423BD4 ft=1 fh=44c22873969d6f1e vn="Win32/WinloadSDA.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\Downloads\Moorhuhn-2-Setup.exe" FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014 02
Ran by Max at 2014-12-06 20:39:17
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: - Steinberg Media Technologies GmbH)
Free YouTube Download version 3.2.44.922 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.922 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{4F2EAFFD-6D9A-3804-A77B-5A450D3201F6}) (Version: 65.107.16494 - Google, Inc.)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version: - Arobas Music)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
M-Audio Fast Track Pro 6.1.10 (x64) (HKLM\...\{44BCF4BB-2486-465D-8C03-50150201B4EA}) (Version: 6.1.10 - M-Audio)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Steinberg Cubase LE AI Elements 6 64bit (HKLM\...\{8EEEB23E-A3EB-44A4-AEE9-D2FD6F96E4A0}) (Version: 6.0.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
06-12-2014 16:20:25 zoek.exe restore point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2014-11-30 03:47 - 00000817 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1
127.0.0.1
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {7CA26CD5-634E-4153-96DB-2C60C24C953A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {9C2B956C-1262-4E7B-96C9-596F7805E556} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9DBFEFA2-E593-41CC-950E-ED068B745302} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {EEA4CAA1-7CDA-43BC-BF67-72E4CD82C1F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-07-18 21:24 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\kpcengine.2.3.dll
2012-07-18 20:59 - 2011-12-16 09:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-11-10 21:22 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-11-26 18:37 - 2014-11-26 18:37 - 16841392 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk => C:\Windows\pss\net.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: svchospt => C:\Windows\SysWOW64\svchospt.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
========================= Accounts: ==========================
Administrator (S-1-5-21-4256948084-1049334510-1600530276-500 - Administrator - Disabled)
Gast (S-1-5-21-4256948084-1049334510-1600530276-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4256948084-1049334510-1600530276-1002 - Limited - Enabled)
Max (S-1-5-21-4256948084-1049334510-1600530276-1000 - Administrator - Enabled) => C:\Users\Max
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/06/2014 08:35:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/06/2014 06:36:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/06/2014 06:36:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (12/06/2014 05:40:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/06/2014 05:28:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1188
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (12/06/2014 05:28:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x10a8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (12/06/2014 04:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 11:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (12/06/2014 05:39:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/06/2014 05:29:12 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/06/2014 05:29:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/06/2014 05:29:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/06/2014 05:29:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/06/2014 05:29:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/06/2014 04:56:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/05/2014 11:54:33 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (12/05/2014 11:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/05/2014 11:10:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (12/06/2014 08:35:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (12/06/2014 06:36:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Downloads\esetsmartinstaller_deu.exe
Error: (12/06/2014 06:36:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Downloads\esetsmartinstaller_deu.exe
Error: (12/06/2014 05:40:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/06/2014 05:28:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d6648000000300001425118801d0116e1df422efC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf2efb030-7d64-11e4-bb28-025536366034
Error: (12/06/2014 05:28:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d664800000030000142510a801d0116d5fc07374C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf071bf67-7d64-11e4-bb28-025536366034
Error: (12/06/2014 04:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/05/2014 11:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-12-04 21:53:43.825
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-04 21:53:43.823
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-04 21:53:43.822
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-04 21:53:43.802
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-04 21:53:43.801
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-04 21:53:43.799
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-03 22:29:23.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-03 22:29:23.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-03 22:29:23.449
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-12-03 22:29:23.418
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 16346.33 MB
Available physical RAM: 12184.09 MB
Total Pagefile: 32690.84 MB
Available Pagefile: 28322.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:771.51 GB) (Free:625.57 GB) NTFS
Drive k: () (Fixed) (Total:160 GB) (Free:159.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 94521A45)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014 02
Ran by Max (administrator) on MAX-PC on 06-12-2014 20:38:49
Running from C:\Users\Max\Downloads
Loaded Profile: Max (Available profiles: Max)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\wmi64.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [SplitCam] => C:\Program Files (x86)\SplitCam\SplitCam.exe
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Policies\Explorer: [DisallowRun] 1
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/1024/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {56E26B6C-BB82-48de-BEB0-8F3664DE7835} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {7588F513-7B9E-45dc-914D-B207EFFC6D9A} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4256948084-1049334510-1600530276-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\user.js
FF Extension: Simple Site Blocker - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\simplesiteblocker@example.com.xpi [2014-11-29]
FF Extension: {12989559-84f2-47aa-a442-5e69f9d26720} - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi [2013-10-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-07]
Chrome:
=======
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (OfferMosquito) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR StartMenuInternet: Google Chrome - chrome.exe
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-07-30] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-12-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-11-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S4 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55552 2006-02-13] (Sonic Solutions) [File not signed]
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S3 cpuz134; \??\C:\Users\Max\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-06 18:35 - 2014-12-06 18:35 - 02347384 _____ (ESET) C:\Users\Max\Downloads\esetsmartinstaller_deu.exe
2014-12-06 18:07 - 2014-12-06 18:08 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Desktop\tdsskiller(1).exe
2014-12-06 17:35 - 2014-12-06 17:19 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-06 17:20 - 2014-12-06 18:06 - 00066850 _____ () C:\zoek-results.log
2014-12-06 17:19 - 2014-12-06 17:33 - 00000000 ____D () C:\zoek_backup
2014-12-06 17:19 - 2014-12-06 17:19 - 01295360 _____ () C:\Users\Max\Desktop\zoek.exe
2014-12-06 16:59 - 2014-12-06 20:38 - 00000000 ____D () C:\Users\Max\Downloads\FRST-OlderVersion
2014-12-06 02:02 - 2014-12-06 02:03 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe
2014-12-06 01:43 - 2014-12-06 01:43 - 00000615 _____ () C:\Users\Max\Desktop\ckfiles.txt
2014-12-06 01:41 - 2014-12-06 01:41 - 00468480 _____ () C:\Users\Max\Desktop\CKScanner.exe
2014-12-06 01:24 - 2014-12-06 01:36 - 153463376 _____ (Steinberg Media Technologies GmbH) C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe
2014-12-06 01:24 - 2014-12-06 01:29 - 58948264 _____ () C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe
2014-12-06 00:33 - 2014-12-06 00:33 - 00000000 ____D () C:\AV-CLS
2014-12-05 23:51 - 2014-12-05 23:51 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe
2014-12-05 23:11 - 2014-12-05 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA Corporation
2014-12-05 23:11 - 2014-12-05 23:11 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-12-05 23:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-05 23:10 - 2014-11-17 21:02 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-05 23:10 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-05 23:08 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-05 23:08 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-05 23:08 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-05 23:08 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-05 23:08 - 2014-10-03 20:23 - 00035144 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-05 23:08 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-05 23:03 - 2014-12-05 23:07 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe
2014-12-05 21:21 - 2014-12-05 21:21 - 00002600 _____ () C:\Users\Max\Desktop\JRT.txt
2014-12-05 21:18 - 2014-12-05 21:18 - 00000000 ____D () C:\Windows\ERUNT
2014-12-05 21:17 - 2014-12-05 21:17 - 01707646 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2014-12-05 21:15 - 2014-12-05 21:15 - 00002124 _____ () C:\Users\Max\Desktop\mbam.txt
2014-12-05 20:55 - 2014-12-05 20:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 20:55 - 2014-12-05 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-05 20:38 - 2014-12-05 20:39 - 00000000 ____D () C:\AdwCleaner
2014-12-05 20:38 - 2014-12-05 20:38 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-05 20:36 - 2014-12-05 20:36 - 02153472 _____ () C:\Users\Max\Downloads\AdwCleaner_4.104.exe
2014-12-05 20:25 - 2014-12-06 17:01 - 00021780 _____ () C:\Users\Max\Downloads\Addition.txt
2014-12-05 20:24 - 2014-12-06 20:39 - 00018565 _____ () C:\Users\Max\Downloads\FRST.txt
2014-12-05 20:24 - 2014-12-06 20:38 - 00000000 ____D () C:\FRST
2014-12-05 20:22 - 2014-12-06 20:38 - 02119168 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\Desktop\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-12-05 20:18 - 2014-12-05 20:18 - 00803152 _____ ( ) C:\Users\Max\Downloads\FileOpenerSetup.exe
2014-12-05 18:45 - 2014-12-05 18:49 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-12-05 18:16 - 2014-12-06 16:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 18:15 - 2014-12-05 18:15 - 00244264 _____ () C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-05 05:05 - 2014-07-28 14:31 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-12-05 05:05 - 2014-07-28 14:31 - 00000714 _____ () C:\Windows\SysWOW64\ff_vfw.dll.manifest
2014-12-05 05:05 - 2014-06-30 06:23 - 00810496 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-12-05 05:05 - 2014-06-30 06:23 - 00183808 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-12-05 05:00 - 2014-12-05 05:04 - 100117000 _____ (SplitCam Co.) C:\Users\Max\Downloads\SplitCamSetup.exe
2014-12-05 03:16 - 2014-12-05 03:16 - 00000000 ____D () C:\Windows\pss
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\Users\Max\AppData\Local\M-Audio
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\ProgramData\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\Program Files (x86)\M-Audio
2014-12-05 01:21 - 2014-12-05 01:21 - 00000000 ____D () C:\ProgramData\AVID
2014-12-05 00:54 - 2014-12-05 00:54 - 00003047 _____ () C:\Users\Max\Desktop\SharpKeys.lnk
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Program Files (x86)\RandyRants.com
2014-12-05 00:53 - 2014-12-05 00:53 - 00486400 _____ () C:\Users\Max\Downloads\sharpkeys35.msi
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\Program Files (x86)\AutoHotkey
2014-12-05 00:48 - 2014-12-05 00:48 - 02047357 _____ () C:\Users\Max\Downloads\AutoHotkey104805_Install.exe
2014-12-05 00:09 - 2014-12-05 00:09 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Users\Max\AppData\Local\MSKLC
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4
2014-12-05 00:08 - 2014-12-05 00:08 - 10597792 _____ () C:\Users\Max\Downloads\MSKLC.exe
2014-12-05 00:04 - 2014-12-05 00:04 - 00301688 _____ (Thesycon GmbH) C:\Users\Max\Downloads\dpclat.exe
2014-12-03 21:48 - 2014-12-03 21:48 - 00313384 _____ () C:\Windows\Minidump\120314-24570-01.dmp
2014-12-03 21:44 - 2014-12-03 21:44 - 00000020 _____ () C:\Windows\ˆø'
2014-12-03 21:33 - 2014-12-03 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-12-03 21:32 - 2014-12-03 21:32 - 01174352 _____ () C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieUserList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieSiteList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieBrowserModeList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-12-03 21:25 - 2014-12-03 21:25 - 06537216 _____ () C:\Users\Max\Downloads\flashmedialiveencoder_3.2_wwe_signed.msi
2014-12-03 21:25 - 2014-12-03 21:25 - 01033728 _____ () C:\Users\Max\Downloads\auth_addin_win_v3.msi
2014-11-30 07:40 - 2014-11-30 07:40 - 00317504 _____ () C:\Windows\Minidump\113014-25334-01.dmp
2014-11-30 07:39 - 2014-12-03 21:48 - 802013673 _____ () C:\Windows\MEMORY.DMP
2014-11-29 21:01 - 2014-11-29 21:01 - 00000021 _____ () C:\Users\Max\Desktop\Neues Textdokument (4).txt
2014-11-27 23:57 - 2014-11-28 00:00 - 164003712 _____ () C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe
2014-11-27 23:57 - 2014-11-27 23:57 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Downloads\tdsskiller.exe
2014-11-20 21:13 - 2014-03-08 14:36 - 65062457 _____ () C:\Users\Max\Downloads\Haftbefehl - Chabos wissen wer der Babo ist (Blockplatin 25.01.2013).hd720.mp4
2014-11-20 21:12 - 2014-11-20 21:12 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Visicom Media
2014-11-19 15:56 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 15:56 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-13 01:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 01:26 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 01:26 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 01:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 01:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 01:26 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 01:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 01:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 01:26 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 01:26 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 01:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 01:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 01:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 01:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 01:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 01:26 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 01:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 01:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 01:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 01:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 01:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 01:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 01:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 01:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-13 01:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 01:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 01:23 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 01:23 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 01:23 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 01:23 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 01:23 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 01:23 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 01:23 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 01:23 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-13 01:23 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 01:23 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 01:23 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 01:23 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 21:22 - 2014-12-06 02:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 03:00 - 2014-11-10 20:36 - 00004611 _____ () C:\Windows\system32\lvcoinst.log
2014-11-09 03:00 - 2014-11-09 03:00 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-11-07 16:41 - 2014-11-07 16:41 - 00000000 ____D () C:\OETemp
2014-11-07 16:37 - 2014-12-06 19:12 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-07 16:37 - 2014-11-07 16:42 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-11-07 16:37 - 2014-11-07 16:42 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-11-07 16:37 - 2014-11-07 16:37 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-07 16:37 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-11-07 16:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Bao_Nguyen
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Local\Bao_Nguyen
2014-11-07 00:49 - 2014-11-07 00:49 - 00406528 _____ () C:\Users\Max\Downloads\Switcher-2.0.0.2705.msi
2014-11-07 00:48 - 2014-11-07 00:48 - 02150188 _____ () C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager [1].exe
2014-11-07 00:47 - 2014-11-07 00:47 - 00845088 _____ ( ) C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-06 20:37 - 2013-01-15 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-06 20:36 - 2012-07-18 20:50 - 01729480 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 19:41 - 2013-08-14 15:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-06 18:32 - 2009-07-14 05:51 - 00030102 _____ () C:\Windows\setupact.log
2014-12-06 18:06 - 2013-08-14 15:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 17:46 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-06 17:46 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-06 17:39 - 2012-07-18 21:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-06 17:39 - 2010-11-21 04:47 - 00773478 _____ () C:\Windows\PFRO.log
2014-12-06 17:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-06 17:29 - 2012-07-18 20:56 - 00000000 ____D () C:\Users\Max
2014-12-06 17:28 - 2012-07-19 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2014-12-06 17:04 - 2012-07-19 15:47 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2014-12-06 02:04 - 2013-01-15 18:25 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-06 02:04 - 2013-01-15 18:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-06 01:50 - 2012-09-04 20:45 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Spotify
2014-12-06 01:32 - 2012-07-30 14:39 - 00010016 _____ () C:\Windows\DPINST.LOG
2014-12-06 01:32 - 2012-07-30 14:39 - 00000051 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2014-12-06 01:32 - 2012-07-30 14:39 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2014-12-06 01:31 - 2012-10-02 17:16 - 00000000 ____D () C:\Users\Max\Documents\Cubase LE AI Elements Projects
2014-12-05 23:43 - 2012-09-04 20:51 - 00000000 ____D () C:\Users\Max\AppData\Local\Spotify
2014-12-05 23:12 - 2014-04-07 16:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA
2014-12-05 23:11 - 2012-07-18 21:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-05 23:11 - 2012-07-18 21:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-05 23:10 - 2012-07-18 21:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-05 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-12-05 20:32 - 2014-10-06 22:03 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Equalify
2014-12-05 20:19 - 2013-08-14 15:38 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visicom Media
2014-12-05 18:49 - 2013-10-10 13:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-12-05 04:17 - 2014-04-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-05 01:23 - 2012-07-30 15:10 - 00000000 ____D () C:\Program Files\M-Audio
2014-12-05 00:49 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew
2014-12-04 00:35 - 2013-04-14 17:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Facebook
2014-12-03 21:48 - 2012-10-03 18:43 - 00000000 ____D () C:\Windows\Minidump
2014-12-03 21:45 - 2012-07-18 20:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-03 21:42 - 2012-07-18 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-12-03 21:41 - 2012-07-18 21:01 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-12-03 21:38 - 2014-04-01 01:06 - 00000000 ____D () C:\UDK
2014-12-03 21:37 - 2014-04-01 13:48 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-03 21:37 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-03 21:36 - 2013-04-29 21:31 - 00000000 ____D () C:\Fraps
2014-12-03 21:34 - 2014-03-15 16:44 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live
2014-12-03 21:26 - 2013-01-15 21:11 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-03 21:26 - 2012-07-30 10:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe
2014-12-03 18:34 - 2012-07-18 21:32 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-12-03 18:33 - 2012-07-18 21:26 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-11-29 02:23 - 2013-02-25 19:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-27 18:38 - 2011-04-12 08:43 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 18:38 - 2011-04-12 08:43 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 18:38 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 18:37 - 2013-01-15 18:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 18:37 - 2013-01-15 18:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 18:37 - 2013-01-15 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 01:31 - 2013-01-15 17:31 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2014-11-17 23:18 - 2014-08-19 21:14 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-11-14 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-14 01:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 20:36 - 2013-08-14 15:29 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 20:36 - 2013-08-14 15:29 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 14:48 - 2009-07-14 06:08 - 00009702 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-13 14:48 - 2009-07-14 05:45 - 04848784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 02:05 - 2013-07-27 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 02:03 - 2012-07-18 21:54 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 01:20 - 2013-02-25 23:32 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-13 01:20 - 2012-07-18 21:23 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-12 22:56 - 2012-07-18 21:24 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 22:56 - 2012-07-18 21:24 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-11 11:29 - 2012-07-18 21:24 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-07 18:06 - 2014-03-29 00:52 - 18585842 _____ () C:\Users\Max\Downloads\Cryptload_1.1.8.zip
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-25 14:27
==================== End Of Log ============================
--- --- --- |
|
06.12.2014, 20:50
| #24 |
| /// TB-Ausbilder /// Anleitungs-Guru | Virus trotz Kaspersky Anti-Virus; was machen? Hat es Dir die Sprache verschlagen oder gibts keine Probleme mehr? 
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
06.12.2014, 21:41
| #25 |
| | Virus trotz Kaspersky Anti-Virus; was machen? Hey Danke für die Hilfe bisher läuft alles irgendwie wieder besser !! Vielen Dank )).. Nur abundzumal sprang das Bild runter im Browser, ohne das ich gescrollt habe, und manche tabs im explorer fangen an blinken (manchmal), was ursprünglcih auch nicht so war. mhh.. doch ich habe sogar das Gefühl das mein PC um einiges leiser geworden ist !! Vielen Dank erstmal Soll ich Kaspersky vllt nocheinmal Neuinstallieren? Da ich meine bei der erstinstallation eine Fehlermeldung gesehn zu haben, die ich aber schnell weggeklickt habe, und seitdem hat Kasperky auch nichts von einer Unvollständigkeit gemeldet oder so :/ |
|
06.12.2014, 21:45
| #26 |
| /// TB-Ausbilder /// Anleitungs-Guru | Virus trotz Kaspersky Anti-Virus; was machen? Welche Browser sind/waren denn betroffen? Kannst Du bitte mal schauen welche Addons Du im Firefox einsehen kannst. Würde gerne wissen was das ist: {12989559-84f2-47aa-a442-5e69f9d26720}
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
06.12.2014, 22:59
| #27 |
| | Virus trotz Kaspersky Anti-Virus; was machen? Modul zum Sperren von gefährlichen Webseiten; habe ich galube ich als einziges aktives AddOn. Was das ist kann ich auch nicht Beantworten.. :/ |
|
06.12.2014, 23:12
| #28 |
| /// TB-Ausbilder /// Anleitungs-Guru | Virus trotz Kaspersky Anti-Virus; was machen? Schritt 1  Drücke bitte die  + R Taste und schreibe notepad in das Ausführen Fenster.Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument: Code:
ATTFilter CloseProcesses:
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [AdobeBridge] => [X]
FF Extension: {12989559-84f2-47aa-a442-5e69f9d26720} - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi [2013-10-03]
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
EmptyTemp:
Nach dem Reboot: Schritt 2 Bitte starte FRST erneut, und drücke auf Scan. Bitte poste mir den Inhalt des Logs.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
06.12.2014, 23:21
| #29 |
| | Virus trotz Kaspersky Anti-Virus; was machen? mhh .. in welchem ordner denn abspeichern?? :O die Textdatei? ?? |
|
06.12.2014, 23:22
| #30 |
| /// TB-Ausbilder /// Anleitungs-Guru | Virus trotz Kaspersky Anti-Virus; was machen?Code:
ATTFilter C:\Users\Max\Downloads
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
Linear-Darstellung
