Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Massive Lagspikes, vermutlich verursacht durch Chrome

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 23.04.2015, 17:59   #1
hannesbannes
 
Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



Hi,

ich habe seit ca. 1 Woche das Problem, dass ich beim surfen und spielen ich zwischendrin massive Lagspikes habe und man mich somit nicht mehr im TS versteht und das Spiel unspielbar wird durch rubberbanding und lags.
Ich habe das Gefühl es liegt an Google Chrome, da ich wenn ich Chrome schließe ich lagfrei spielen kann (kein Langzeittest).
Meine Frage an euch Profis: Wie kann ich das Problem beheben und weiterhin Chrome nutzen?

Edit: Windows 7 Ultimate 64 Bit

Hier der Malwarebytes Anti Malware Log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 22.04.2015
Suchlauf-Zeit: 20:46:31
Logdatei: Log.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.04.22.05
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: zingaRo

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 371151
Verstrichene Zeit: 4 Min, 58 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 8
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64, In Quarantäne, [b1ece18e2f5b7bbbc5d74aa14ab9b54b],
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [5b42b8b7117978be08fab18a39cc8f71],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [68359ed1286294a2006e757a57ac8779],
PUP.Optional.DealKeeper.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Deal Keeper, In Quarantäne, [316c6b04008afe385f792cc0e81b2dd3],
PUP.Optional.DealKeeper.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Deal Keeper, In Quarantäne, [cdd0f07f038789ad3a9fa84442c12bd5],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [2875b6b905857fb7934f64acc63e48b8],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\INSTALLCORE, In Quarantäne, [1489b8b746446acc417148de679edf21],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [0d90e58ac8c2df579cd11fd08d76e61a],

Registrierungswerte: 2
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default\extensions\faststartff@gmail.com, In Quarantäne, [c6d7c1aecac0f442a65a71d419ec9f61]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\INSTALLCORE|tb, 0F1S1Q1K0I1S1U2X, In Quarantäne, [1489b8b746446acc417148de679edf21]

Registrierungsdaten: 7
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773),Ersetzt,[adf0f07f6228cf67f73e46bf42c4728e]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773),Ersetzt,[d6c7343bb2d806304fe660a533d32ed2]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[f4a94827e0aa3afc7f5c8e76ba4c6b95]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773&q={searchTerms}),Ersetzt,[9ffe4e2105857fb76cc6c24339cd926e]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773),Ersetzt,[623bf57a2a6085b17eb428ddd92d956b]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773),Ersetzt,[524b1f5097f3ff37ba7892737b8be31d]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773&q={searchTerms}),Ersetzt,[bbe2c7a8b2d8171f76bcdb2a937317e9]

Ordner: 2
PUP.Optional.SearchProtect.A, C:\Users\zingaRo\AppData\Local\SearchProtect, In Quarantäne, [cfcedc93eb9f41f5bdfd2d740bf8f40c],
PUP.Optional.SearchProtect.A, C:\Users\zingaRo\AppData\Local\SearchProtect\Logs, In Quarantäne, [cfcedc93eb9f41f5bdfd2d740bf8f40c],

Dateien: 9
PUP.Optional.RegCleanPro, C:\Windows\System32\roboot64.exe, In Quarantäne, [3c617bf49ded38fe5a9eebe1c63b5ea2],
PUP.Optional.Somoto, C:\Users\zingaRo\AppData\Local\Temp\bitool.dll, In Quarantäne, [bae369063e4c191d9ac5599e43bfc937],
PUP.Optional.InstallCore, C:\Users\zingaRo\AppData\Local\Temp\JDSetup130508504551650272.exe, In Quarantäne, [c2dba3cc553583b37965dd8ac540ca36],
PUP.Optional.Somoto, C:\Users\zingaRo\AppData\Local\Temp\nsrF8ED.tmp, In Quarantäne, [5f3e0a658208b87e8253382b0005cb35],
PUP.Optional.SearchHijacker.A, C:\Users\zingaRo\AppData\Local\Temp\is1201216051\2EF59781_stp\July15_www.sweet-page.com.exe, In Quarantäne, [5a43115e018984b251d9b311dd24ec14],
PUP.Optional.SkyTech.A, C:\Users\zingaRo\AppData\Local\Temp\4553606\4553606.zip, In Quarantäne, [fca1214e3f4b41f5fef3956f1be7ab55],
PUP.Optional.SkyTech.A, C:\Users\zingaRo\AppData\Local\Temp\4553606\4553606.zipDir\Engine.dll, In Quarantäne, [039af07f008a1b1bf8f945bf13ef32ce],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys, In Quarantäne, [b1ece18e2f5b7bbbc5d74aa14ab9b54b],
PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, In Quarantäne, [4855551a008a8caa52af1427ff0631cf],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Geändert von hannesbannes (23.04.2015 um 18:10 Uhr)

Alt 23.04.2015, 19:17   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 23.04.2015, 19:26   #3
hannesbannes
 
Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



Hi,

danke für die schnelle Antwort. Hier die beiden Dateien als Anhang.
Habe übrigens probiert Firefox zu benutzen. Habe dennoch diese massiven Pingeinbrüche was mich vollkommen unverständlich im TS macht
__________________
Angehängte Dateien
Dateityp: txt Addition.txt (22,9 KB, 104x aufgerufen)

Alt 24.04.2015, 12:56   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.04.2015, 13:13   #5
hannesbannes
 
Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



Sorry, hier noch mal richtig eingefügt.

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-04-2015
Ran by zingaRo (administrator) on ZINGARO-PC on 23-04-2015 20:23:12
Running from D:\Downloads
Loaded Profiles: zingaRo (Available profiles: zingaRo)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\System32\hale.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [Chew7Hale] => C:\Windows\System32\hale.exe [2169856 2014-07-27] ()
HKLM\...\Run: [HP LaserJet 200 color MFP M276 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2011-10-09] (Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [HotKeyMan] => C:\Program Files\Hotkeyman\HotKeyMan.exe
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [appnhost] => C:\Users\zingaRo\AppData\Local\Mixesoft\AppNHost\appnhost.exe
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [GoogleChromeAutoLaunch_9ED792177584901FE5BC343ED119EBE7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [51840 2015-03-04] (Locktime Software)
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\MountPoints2: {44daa0cd-db69-11e4-878f-bc5ff4c9bbf1} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\MountPoints2: {86dee987-abca-11e4-9177-bc5ff4c9bbf1} - F:\LaunchU3.exe -a
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\MountPoints2: {8f1d25c3-8acb-11e4-893a-bc5ff4c9bbf1} - F:\Autorun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-08-01] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = www.bing.com
HKU\S-1-5-21-1841660470-402669-2913087601-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1841660470-402669-2913087601-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-01] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-01] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF user.js: detected! => C:\Users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default\user.js [2014-07-27]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\sweet-page.xml [2014-07-26]
FF Extension: Adblock Plus - C:\Users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-26]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-08]
CHR Extension: (Google Drive) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-08]
CHR Extension: (YouTube) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-08]
CHR Extension: (Google Search) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-08]
CHR Extension: (Click&Clean) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-08-08]
CHR Extension: (BetaFish Adblocker) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-08]
CHR Extension: (Bookmark Manager) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Avast Online Security) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-08]
CHR Extension: (Speed Dial 2) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2014-10-14]
CHR Extension: (Auto HD For YouTube™) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-08-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-08]
CHR Extension: (Click&Clean App) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-08-08]
CHR Extension: (Gmail) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-01] (AVAST Software)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [329344 2015-03-04] (Locktime Software)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2014-07-27] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-08-04] (Microsoft Corporation) [File not signed]
S1 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-05-01] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-01] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-08-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-01] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-01] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-07] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [98080 2015-03-22] (<Turtle Entertainment>)
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [8704 2014-08-13] (Windows (R) Win 7 DDK provider) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [125360 2015-03-04] (Locktime Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2012-01-05] ()
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
S3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [38400 2014-08-13] (SteelSeries ApS) [File not signed]
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2015-01-19] (Nicomsoft Ltd.)
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S3 ESEADriver2; \??\C:\Users\zingaRo\AppData\Local\Temp\ESEADriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 20:23 - 2015-04-23 20:23 - 00000000 ____D () C:\FRST
2015-04-22 20:46 - 2015-04-23 19:05 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-22 20:46 - 2015-04-22 20:46 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-22 20:46 - 2015-04-22 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-22 20:46 - 2015-04-22 20:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-22 20:46 - 2015-04-22 20:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-22 20:46 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-22 20:46 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-22 20:46 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-22 20:29 - 2015-04-22 20:29 - 00001156 _____ () C:\Users\Public\Desktop\NetLimiter 4 (x64).lnk
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\Locktime Software
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\Locktime
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\ProgramData\Locktime
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\Program Files\Locktime Software
2015-04-21 20:57 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-21 20:56 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-21 20:56 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-21 18:56 - 2015-04-22 23:48 - 00000211 _____ () C:\Users\zingaRo\Desktop\passwörter jeff.txt
2015-04-17 20:05 - 2015-04-17 20:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 11:34 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 11:34 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 11:34 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 11:34 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 11:34 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 11:34 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 11:34 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 11:34 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 11:34 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 11:34 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 11:34 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 11:34 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 11:34 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 11:34 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 11:34 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 11:34 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 11:34 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 11:34 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 11:34 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 11:34 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 11:34 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 11:34 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 11:34 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 11:34 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 11:34 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 11:34 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 11:34 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 11:34 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 11:34 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 11:34 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 11:34 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:34 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 11:34 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 11:34 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 11:34 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 11:34 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 11:34 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 11:34 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 11:34 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 11:34 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 11:34 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 11:34 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 11:34 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 11:34 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 11:34 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 11:34 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 11:34 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 11:34 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 11:34 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 11:34 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 11:34 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 11:34 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 11:34 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 11:34 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 11:34 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 11:34 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 11:34 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 11:34 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 11:34 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 11:34 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 11:34 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 11:34 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 11:34 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 11:34 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 11:34 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 11:34 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 11:34 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 11:34 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 11:34 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 11:34 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 11:34 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 11:34 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 11:34 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 11:34 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 11:34 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 11:34 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 11:34 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 11:34 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 11:34 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 11:34 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 11:34 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 11:34 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 11:34 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 11:34 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 11:34 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 11:34 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 11:34 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 11:34 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 11:34 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 11:34 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 11:34 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 11:34 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 11:34 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 11:34 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 11:33 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 11:33 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 11:33 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-06 03:16 - 2015-04-06 03:16 - 00000165 _____ () C:\Users\zingaRo\Desktop\arena.txt
2015-04-05 09:56 - 2015-04-05 09:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-04-05 03:00 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 03:00 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-03 11:07 - 2015-04-03 11:09 - 00000000 ____D () C:\Users\zingaRo\Documents\Heroes of the Storm
2015-03-31 10:57 - 2015-03-30 15:25 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-03-30 13:48 - 2015-03-30 13:57 - 00000000 ____D () C:\Program Files (x86)\Dolby Advanced Audio v2
2015-03-30 13:48 - 2015-03-30 13:48 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-30 13:29 - 2012-01-05 15:08 - 00046728 _____ () C:\Windows\system32\Drivers\ren2cap.sys
2015-03-30 13:28 - 2015-03-30 13:28 - 00000000 _____ () C:\END

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-23 20:19 - 2014-07-26 13:00 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\TS3Client
2015-04-23 20:09 - 2014-07-26 12:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-23 20:07 - 2014-07-26 13:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-23 19:41 - 2014-07-26 12:36 - 01944391 _____ () C:\Windows\WindowsUpdate.log
2015-04-23 19:09 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-23 19:09 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-23 16:11 - 2014-08-08 19:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-23 14:31 - 2014-07-26 17:08 - 00000000 ____D () C:\Users\zingaRo\AppData\Local\Battle.net
2015-04-23 09:42 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-04-23 09:42 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-04-23 09:42 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-23 09:36 - 2014-07-26 12:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-23 09:36 - 2010-11-21 05:47 - 01013410 _____ () C:\Windows\PFRO.log
2015-04-23 09:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-23 09:36 - 2009-07-14 06:51 - 00155209 _____ () C:\Windows\setupact.log
2015-04-22 23:13 - 2014-07-26 17:25 - 00000000 ____D () C:\JDownloader v2.0
2015-04-22 20:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\TAPI
2015-04-22 10:20 - 2014-07-26 18:26 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\vlc
2015-04-22 00:18 - 2014-07-26 12:38 - 00041574 _____ () C:\Windows\DPINST.LOG
2015-04-22 00:18 - 2014-07-26 12:38 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-04-22 00:18 - 2014-07-26 12:38 - 00000000 ____D () C:\Program Files\SteelSeries
2015-04-21 20:57 - 2014-07-26 12:51 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-21 20:57 - 2014-07-26 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-21 20:57 - 2014-07-26 12:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-19 02:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 14:52 - 2014-12-11 10:02 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 14:52 - 2014-07-26 14:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 02:01 - 2015-01-07 02:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 02:01 - 2014-07-26 12:50 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 02:00 - 2014-07-26 14:39 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 01:58 - 2014-07-26 14:39 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-16 01:58 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2015-04-15 19:12 - 2014-08-08 19:01 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-14 23:07 - 2014-07-26 13:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 23:07 - 2014-07-26 13:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 23:07 - 2014-07-26 13:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-09 02:58 - 2014-07-26 14:17 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-09 02:58 - 2014-07-26 12:51 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2014-07-26 12:51 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-08 23:30 - 2014-07-26 12:51 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2014-07-26 12:51 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 19:52 - 2014-07-26 12:51 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-03 11:07 - 2014-07-26 17:08 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-31 10:58 - 2014-10-22 10:58 - 00000000 ____D () C:\Users\zingaRo\AppData\Local\Adobe
2015-03-28 05:44 - 2014-07-26 12:57 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-07-26 12:51 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2014-07-26 12:57 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-07-26 12:51 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

==================== Files in the root of some directories =======

2015-03-30 13:48 - 2015-03-30 13:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\zingaRo\AppData\Local\Temp\EslWireSetup-1.18.0.8101-x64.exe
C:\Users\zingaRo\AppData\Local\Temp\JDSetup130508617470237284.exe
C:\Users\zingaRo\AppData\Local\Temp\JDSetup130508619239518481.exe
C:\Users\zingaRo\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\zingaRo\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\zingaRo\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\zingaRo\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\zingaRo\AppData\Local\Temp\nv3DVStreaming.dll
C:\Users\zingaRo\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\zingaRo\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\zingaRo\AppData\Local\Temp\nvStInst.exe
C:\Users\zingaRo\AppData\Local\Temp\ose00000.exe
C:\Users\zingaRo\AppData\Local\Temp\proxy_vole4958387584412489546.dll
C:\Users\zingaRo\AppData\Local\Temp\Setup.exe
C:\Users\zingaRo\AppData\Local\Temp\vcredist_x64.exe
C:\Users\zingaRo\AppData\Local\Temp\vlc-2.1.5-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 22:09

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2015
Ran by zingaRo at 2015-04-23 20:23:34
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1841660470-402669-2913087601-500 - Administrator - Disabled)
Gast (S-1-5-21-1841660470-402669-2913087601-501 - Limited - Disabled)
zingaRo (S-1-5-21-1841660470-402669-2913087601-1000 - Administrator - Enabled) => C:\Users\zingaRo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 8.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.8.000 - Asmedia Technology)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5306 - CDBurnerXP)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
ESEA Client (HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\ESEA) (Version: 5.0.0.0 - E-Sports Entertainment LLC)
ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version:  - Turtle Entertainment GmbH)
Final Fantasy XIII Fullscreen Edition MULTi5 1.0 (HKLM-x32\...\Final Fantasy XIII Fullscreen Edition MULTi5 1.0) (Version:  - )
Fly'N (HKLM-x32\...\Fly'N_is1) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
HP LaserJet 200 color MFP M276 (HKLM-x32\...\{CC38C23C-7824-4DBB-AC73-997CD0BBFEC7}) (Version: 5.0.14057.1503 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM276DSService (x32 Version: 001.001.05874 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.8 - HP) Hidden
HPLaserJet200color-MFPM276_HelpLearnCenter_SI (HKLM-x32\...\{0F044C7A-6EE1-4F03-90AC-329AAF2FCF12}) (Version: 1.01.0000 - Hewlett-Packard)
HPLJDXPHelper (x32 Version: 020.021.004 - HP) Hidden
HPLJUTCore (x32 Version: 004.005.0001 - HP) Hidden
HPLJUTM276 (x32 Version: 3.00.0003 - HP) Hidden
hppFaxDrvM276 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.027.00856 - Hewlett-Packard) Hidden
hppM276LaserJetService (x32 Version: 001.019.00639 - Hewlett-Packard) Hidden
hppSendFaxM276 (x32 Version: 003.000.00002 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 050.037.00142 - Hewlett Packard) Hidden
hpStatusAlertsM276 (x32 Version: 050.034.00131 - Hewlett-Packard) Hidden
Intel(R) Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.0.0.102 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Life Is Strange (HKLM-x32\...\Life Is Strange_is1) (Version:  - SQUARE ENIX)
LJDXPHelperUI (x32 Version: 020.021.004 - HP) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 37.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 de)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 36.0.1 - Mozilla)
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.10.0) (Version: 4.0.10.0 - Locktime Software)
NetLimiter 4 (Version: 4.0.10.0 - Locktime Software) Hidden
NVIDIA 3D Vision Controller-Treiber 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafiktreiber 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Ori and the Blind Forest (HKLM-x32\...\Ori and the Blind Forest_is1) (Version:  - )
Papers Please v1.0.41 (HKLM-x32\...\UGFwZXJzUGxlYXNldjEwNDE=_is1) (Version: 1 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
This War of Mine (HKLM-x32\...\{5FD7B6B3-08C7-4FEE-9C37-A2134C699885}}_is1) (Version: 1 - 11 bit studios)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-04-2015 03:00:10 Windows Update
07-04-2015 02:13:39 Removed LogMeIn Hamachi
10-04-2015 15:30:35 Windows Update
14-04-2015 14:01:16 Windows Update
16-04-2015 01:56:57 Windows Update
21-04-2015 18:07:13 Windows Update
21-04-2015 20:57:42 NVIDIA PhysX wird entfernt
22-04-2015 20:29:33 Installed NetLimiter 4

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {3305290A-27D4-4B9F-9B55-4A47E5F6DA1F} - System32\Tasks\{8EC1A9AD-F260-4B0D-AC62-525F5E188462} => C:\Program Files (x86)\HP\HP LaserJet 200 color MFP M276\Bin\HPScan.exe [2011-11-01] (Hewlett-Packard Co.)
Task: {4CA161CB-75A7-4407-B4C1-D04A67195B2D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-08] (Google Inc.)
Task: {7FF236D9-F7BE-4B6F-A22B-C0C0ABD296A2} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {85AD4A8C-FE32-46F7-A451-AB687F0872A6} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {8F731DB7-EDC2-47A5-8A71-8C55A6EBA924} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {918A7FD8-1862-4106-AE77-ABD798FFF13A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {A2BF8B83-2346-4D59-AC60-2054F3BC04F8} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-01] (AVAST Software)
Task: {C809E1FB-0C58-4859-86D9-16CB7F07286E} - System32\Tasks\{A3A18D47-597F-4C67-B56A-1A504FFECD07} => C:\Program Files (x86)\HP\HP LaserJet 200 color MFP M276\Bin\HPScan.exe [2011-11-01] (Hewlett-Packard Co.)
Task: {D4660EDD-7E63-4233-ABEA-699AEF333D18} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {F71C3429-3F1F-4CAC-83A6-A8A43E2AACB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-08] (Google Inc.)
Task: {FDE742A1-3D42-4ECC-80B9-30BC281E632E} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2012-06-14] (Hewlett Packard)
Task: {FE18F637-4B50-43ED-858D-8EF66471DD2E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-07-26 12:51 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-03-22 01:23 - 2014-01-28 12:40 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2015-03-22 01:23 - 2014-10-09 16:22 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2014-07-27 02:03 - 2014-07-27 02:03 - 02169856 ___SH () C:\Windows\System32\hale.exe
2014-01-10 07:26 - 2014-01-10 07:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-08-01 13:05 - 2014-08-01 13:05 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2015-01-20 00:31 - 2015-01-20 00:31 - 02911744 _____ () C:\Program Files\AVAST Software\Avast\defs\15011901\algo.dll
2015-04-21 20:58 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-01 13:05 - 2014-08-01 13:05 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-10 07:28 - 2014-01-10 07:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-04-15 19:12 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-15 19:12 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2014-02-28 15:33 - 2014-02-28 15:33 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 15:45 - 2014-02-27 15:45 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-07-11 16:02 - 2014-08-09 08:35 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-07-11 16:02 - 2014-08-09 08:35 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-07-11 16:04 - 2014-08-09 08:35 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-07-14 10:21 - 2014-08-09 08:35 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-12-05 18:10 - 2015-03-10 08:37 - 00775680 _____ () d:\Steam\SDL2.dll
2015-01-20 01:30 - 2014-12-02 02:29 - 05002752 _____ () d:\Steam\v8.dll
2015-01-20 01:30 - 2014-12-02 02:29 - 01612800 _____ () d:\Steam\icui18n.dll
2015-01-20 01:30 - 2014-12-02 02:29 - 01210368 _____ () d:\Steam\icuuc.dll
2014-12-05 18:10 - 2015-04-14 01:44 - 02371776 _____ () d:\Steam\video.dll
2014-08-30 16:18 - 2014-12-01 23:31 - 02396672 _____ () d:\Steam\libavcodec-56.dll
2014-08-30 16:18 - 2014-12-01 23:31 - 00442880 _____ () d:\Steam\libavutil-54.dll
2014-08-30 16:18 - 2014-12-01 23:31 - 00479744 _____ () d:\Steam\libavformat-56.dll
2014-08-30 16:18 - 2014-12-01 23:31 - 00332800 _____ () d:\Steam\libavresample-2.dll
2014-08-30 16:18 - 2014-12-01 23:31 - 00485888 _____ () d:\Steam\libswscale-3.dll
2014-12-05 18:10 - 2015-04-14 01:44 - 00702656 _____ () D:\Steam\bin\chromehtml.DLL
2014-07-26 13:02 - 2015-02-25 03:58 - 34641288 _____ () D:\Steam\bin\libcef.dll
2014-08-14 20:44 - 2015-02-25 03:58 - 01709960 _____ () D:\Steam\bin\ffmpegsumo.dll
2015-04-15 19:12 - 2015-04-13 23:55 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1841660470-402669-2913087601-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\zingaRo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Netzwerkcontroller
Description: Netzwerkcontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2015 09:36:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/23/2015 09:36:25 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/22/2015 08:52:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP DS Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/22/2015 08:52:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/22/2015 08:52:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Ereignisprotokoll" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/22/2015 08:52:42 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Windows-Ereignisprotokoll" wurde mit folgendem Fehler beendet: 
%%15007

Error: (04/22/2015 07:27:05 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/22/2015 07:26:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util Deal Keeper" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/22/2015 07:26:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Deal Keeper" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/22/2015 00:02:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/22/2015 00:02:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util Deal Keeper" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (04/23/2015 09:36:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Percentage of memory in use: 35%
Total physical RAM: 8122.35 MB
Available physical RAM: 5212.45 MB
Total Pagefile: 16242.89 MB
Available Pagefile: 11436.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:165.42 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:343.19 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 85A9044F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 8BC6542B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         


Alt 25.04.2015, 11:15   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Massive Lagspikes, vermutlich verursacht durch Chrome

Alt 25.04.2015, 14:00   #7
hannesbannes
 
Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



Hi,

vielen Dank noch mal für die Mühe die ihr euch wegen meines Problems macht.
Habe Avast für die Laufzeit von ComboFix für 1h deaktiviert.
Beim ersten Durchlauf hat er mir dann "C:\End" angezeigt und es ging ewig nicht weiter.
Der zweite Versuch war erfolgreich.
Hier der Logfile:

Code:
ATTFilter
ComboFix 15-04-19.01 - zingaRo 25.04.2015  14:44:43.2.8 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8122.5296 [GMT 2:00]
ausgeführt von:: c:\users\zingaRo\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-03-25 bis 2015-04-25  ))))))))))))))))))))))))))))))
.
.
2015-04-25 12:51 . 2015-04-25 12:51	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-04-25 12:51 . 2015-04-25 12:51	--------	d-----w-	c:\users\admin\AppData\Local\temp
2015-04-24 05:55 . 2015-04-04 06:25	12032440	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{88D95C5E-08A3-4C9D-967C-E7882933FF51}\mpengine.dll
2015-04-23 18:23 . 2015-04-23 18:23	--------	d-----w-	C:\FRST
2015-04-22 18:46 . 2015-04-25 12:35	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-04-22 18:46 . 2015-04-22 18:46	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-04-22 18:46 . 2015-04-22 18:46	--------	d-----w-	c:\programdata\Malwarebytes
2015-04-22 18:46 . 2015-04-14 07:37	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-04-22 18:46 . 2015-04-14 07:37	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-04-22 18:46 . 2015-04-14 07:37	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-04-22 18:29 . 2015-04-22 18:29	--------	d-----w-	c:\users\zingaRo\AppData\Roaming\Locktime
2015-04-22 18:29 . 2015-04-22 18:29	--------	d-sh--w-	c:\windows\SysWow64\AI_RecycleBin
2015-04-22 18:29 . 2015-04-22 18:29	--------	d-----w-	c:\programdata\Locktime
2015-04-22 18:29 . 2015-04-22 18:29	--------	d-----w-	c:\program files\Locktime Software
2015-04-22 18:29 . 2015-04-22 18:29	--------	d-----w-	c:\users\zingaRo\AppData\Roaming\Locktime Software
2015-04-21 18:57 . 2015-04-08 20:32	560968	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2015-04-15 09:33 . 2015-03-04 04:55	367552	----a-w-	c:\windows\system32\clfs.sys
2015-04-15 09:33 . 2015-03-04 04:41	79360	----a-w-	c:\windows\system32\clfsw32.dll
2015-04-15 09:33 . 2015-03-04 04:10	58880	----a-w-	c:\windows\SysWow64\clfsw32.dll
2015-04-05 01:00 . 2015-04-05 01:00	--------	d-s---w-	c:\windows\SysWow64\GWX
2015-04-05 01:00 . 2015-04-05 01:00	--------	d-s---w-	c:\windows\system32\GWX
2015-03-31 08:57 . 2015-03-30 13:25	33856	---ha-w-	c:\windows\system32\hamachi.sys
2015-03-30 11:48 . 2015-03-30 11:57	--------	d-----w-	c:\program files (x86)\Dolby Advanced Audio v2
2015-03-30 11:47 . 2015-03-30 11:47	--------	d-----w-	C:\DRIVERS
2015-03-30 11:29 . 2012-01-05 13:08	46728	----a-w-	c:\windows\system32\drivers\ren2cap.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-04-15 23:58 . 2014-07-26 12:39	128913832	----a-w-	c:\windows\system32\MRT.exe
2015-04-14 21:07 . 2014-07-26 11:03	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-14 21:07 . 2014-07-26 11:03	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-09 00:58 . 2014-07-26 12:17	14617288	----a-w-	c:\windows\SysWow64\nvwgf2um.dll
2015-04-09 00:58 . 2014-07-26 10:51	78480	----a-w-	c:\windows\system32\OpenCL.dll
2015-04-09 00:58 . 2014-07-26 10:51	66704	----a-w-	c:\windows\SysWow64\OpenCL.dll
2015-04-09 00:58 . 2014-07-26 10:48	3317344	----a-w-	c:\windows\system32\nvapi64.dll
2015-04-09 00:58 . 2014-07-26 10:48	2935416	----a-w-	c:\windows\SysWow64\nvapi.dll
2015-04-09 00:58 . 2014-07-26 10:48	17176128	----a-w-	c:\windows\system32\nvwgf2umx.dll
2015-04-09 00:58 . 2014-07-26 10:48	12689592	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-04-08 21:30 . 2014-07-26 10:51	6841488	----a-w-	c:\windows\system32\nvcpl.dll
2015-04-08 21:30 . 2014-07-26 10:51	3478344	----a-w-	c:\windows\system32\nvsvc64.dll
2015-04-08 21:30 . 2014-07-26 10:51	936264	----a-w-	c:\windows\system32\nvvsvc.exe
2015-04-08 21:30 . 2014-07-26 10:51	62608	----a-w-	c:\windows\system32\nvshext.dll
2015-04-08 21:30 . 2014-07-26 10:51	2558608	----a-w-	c:\windows\system32\nvsvcr.dll
2015-04-08 21:30 . 2014-07-26 10:51	385168	----a-w-	c:\windows\system32\nvmctray.dll
2015-04-08 17:52 . 2014-07-26 10:51	4336074	----a-w-	c:\windows\system32\nvcoproc.bin
2015-03-28 03:44 . 2014-07-26 10:57	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-03-28 03:44 . 2014-07-26 10:51	1316000	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-03-28 03:43 . 2014-07-26 10:57	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-03-28 03:43 . 2014-07-26 10:51	1570672	----a-w-	c:\windows\system32\nvspcap64.dll
2015-03-22 16:20 . 2015-03-22 16:20	98080	----a-w-	c:\windows\system32\drivers\ESLWireACD.sys
2015-03-17 04:56 . 2015-04-15 09:34	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-03-13 19:41 . 2015-03-18 14:42	1896136	----a-w-	c:\windows\system32\nvdispco6434788.dll
2015-03-13 19:41 . 2015-03-18 14:42	1557648	----a-w-	c:\windows\system32\nvdispgenco6434788.dll
2015-02-26 03:25 . 2015-03-11 13:53	3204096	----a-w-	c:\windows\system32\win32k.sys
2015-02-24 02:17 . 2010-11-21 03:27	295552	------w-	c:\windows\system32\MpSigStub.exe
2015-02-20 04:41 . 2015-03-11 13:53	41984	----a-w-	c:\windows\system32\lpk.dll
2015-02-20 04:40 . 2015-03-11 13:53	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-02-20 04:40 . 2015-03-11 13:53	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-02-20 04:40 . 2015-03-11 13:53	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-02-20 04:13 . 2015-03-11 13:53	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-02-20 04:13 . 2015-03-11 13:53	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-02-20 04:13 . 2015-03-11 13:53	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-02-20 04:12 . 2015-03-11 13:53	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-02-20 03:29 . 2015-03-11 13:53	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-02-20 03:09 . 2015-03-11 13:53	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-02-17 14:26 . 2015-02-17 14:26	1217184	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-02-16 15:20 . 2015-02-16 15:20	33856	---ha-w-	c:\windows\system32\drivers\hamachi.sys
2015-02-13 05:22 . 2015-03-11 13:53	14177280	----a-w-	c:\windows\system32\shell32.dll
2015-02-09 07:17 . 2015-02-09 07:17	40640	----a-w-	c:\windows\system32\drivers\RzSurroundVAD.sys
2015-02-07 10:04 . 2014-10-21 06:19	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-02-04 10:23 . 2015-02-04 10:23	875688	----a-w-	c:\windows\SysWow64\msvcr120_clr0400.dll
2015-02-04 10:13 . 2015-02-04 10:13	869536	----a-w-	c:\windows\system32\msvcr120_clr0400.dll
2015-02-04 03:16 . 2015-03-11 13:52	465920	----a-w-	c:\windows\system32\WMPhoto.dll
2015-02-04 02:54 . 2015-03-11 13:52	417792	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2015-02-03 09:11 . 2015-02-03 09:11	245760	----a-w-	c:\windows\system32\DriverInstallCACMD.exe
2015-02-03 09:11 . 2015-02-03 09:11	69632	----a-w-	c:\windows\system32\DriverInstallCA.dll
2015-02-03 03:34 . 2015-03-11 13:53	693176	----a-w-	c:\windows\system32\winload.efi
2015-02-03 03:34 . 2015-03-11 13:53	94656	----a-w-	c:\windows\system32\drivers\mountmgr.sys
2015-02-03 03:33 . 2015-03-11 13:53	616360	----a-w-	c:\windows\system32\winresume.efi
2015-02-03 03:31 . 2015-03-11 13:53	782848	----a-w-	c:\windows\system32\wmdrmsdk.dll
2015-02-03 03:31 . 2015-03-11 13:53	14632960	----a-w-	c:\windows\system32\wmp.dll
2015-02-03 03:31 . 2015-03-11 13:53	229376	----a-w-	c:\windows\system32\wintrust.dll
2015-02-03 03:31 . 2015-03-11 13:53	1424896	----a-w-	c:\windows\system32\WindowsCodecs.dll
2015-02-03 03:31 . 2015-03-11 13:53	215552	----a-w-	c:\windows\system32\ubpm.dll
2015-02-03 03:31 . 2015-03-11 13:53	5120	----a-w-	c:\windows\system32\msdxm.ocx
2015-02-03 03:31 . 2015-03-11 13:53	5120	----a-w-	c:\windows\system32\dxmasf.dll
2015-02-03 03:31 . 2015-03-11 13:53	63488	----a-w-	c:\windows\system32\setbcdlocale.dll
2015-02-03 03:31 . 2015-03-11 13:53	1574400	----a-w-	c:\windows\system32\quartz.dll
2015-02-03 03:31 . 2015-03-11 13:53	500224	----a-w-	c:\windows\system32\AUDIOKSE.dll
2015-02-03 03:31 . 2015-03-11 13:53	371712	----a-w-	c:\windows\system32\qdvd.dll
2015-02-03 03:31 . 2015-03-11 13:53	188416	----a-w-	c:\windows\system32\pcasvc.dll
2015-02-03 03:31 . 2015-03-11 13:53	37376	----a-w-	c:\windows\system32\pcadm.dll
2015-02-03 03:31 . 2015-03-11 13:53	9728	----a-w-	c:\windows\system32\spwmp.dll
2015-02-03 03:31 . 2015-03-11 13:53	641024	----a-w-	c:\windows\system32\msscp.dll
2015-02-03 03:31 . 2015-03-11 13:53	325632	----a-w-	c:\windows\system32\msnetobj.dll
2015-02-03 03:31 . 2015-03-11 13:53	11264	----a-w-	c:\windows\system32\msmmsp.dll
2015-02-03 03:31 . 2015-03-11 13:53	432128	----a-w-	c:\windows\system32\mfplat.dll
2015-02-03 03:31 . 2015-03-11 13:53	4121600	----a-w-	c:\windows\system32\mf.dll
2015-02-03 03:31 . 2015-03-11 13:53	206848	----a-w-	c:\windows\system32\mfps.dll
2015-02-03 03:30 . 2015-03-11 13:53	631808	----a-w-	c:\windows\system32\evr.dll
2015-02-03 03:30 . 2015-03-11 13:53	284672	----a-w-	c:\windows\system32\EncDump.dll
2015-02-03 03:30 . 2015-03-11 13:53	1202176	----a-w-	c:\windows\system32\drmv2clt.dll
2015-02-03 03:30 . 2015-03-11 13:53	497664	----a-w-	c:\windows\system32\drmmgrtn.dll
2015-02-03 03:30 . 2015-03-11 13:53	1480192	----a-w-	c:\windows\system32\crypt32.dll
2015-02-03 03:30 . 2015-03-11 13:53	1069056	----a-w-	c:\windows\system32\cryptui.dll
2015-02-03 03:30 . 2015-03-11 13:53	82432	----a-w-	c:\windows\system32\cryptsp.dll
2015-02-03 03:30 . 2015-03-11 13:53	140288	----a-w-	c:\windows\system32\cryptnet.dll
2015-02-03 03:30 . 2015-03-11 13:53	187904	----a-w-	c:\windows\system32\cryptsvc.dll
2015-02-03 03:30 . 2015-03-11 13:53	842240	----a-w-	c:\windows\system32\blackbox.dll
2015-02-03 03:30 . 2015-03-11 13:53	680960	----a-w-	c:\windows\system32\audiosrv.dll
2015-02-03 03:30 . 2015-03-11 13:53	296448	----a-w-	c:\windows\system32\AudioSes.dll
2015-02-03 03:30 . 2015-03-11 13:53	440832	----a-w-	c:\windows\system32\AudioEng.dll
2015-02-03 03:30 . 2015-03-11 13:53	32256	----a-w-	c:\windows\system32\appidsvc.dll
2015-02-03 03:30 . 2015-03-11 13:53	58880	----a-w-	c:\windows\system32\appidapi.dll
2015-02-03 03:30 . 2015-03-11 13:53	55808	----a-w-	c:\windows\system32\rrinstaller.exe
2015-02-03 03:30 . 2015-03-11 13:53	9728	----a-w-	c:\windows\system32\pcalua.exe
2015-02-03 03:30 . 2015-03-11 13:53	11264	----a-w-	c:\windows\system32\pcawrk.exe
2015-02-03 03:30 . 2015-03-11 13:53	24576	----a-w-	c:\windows\system32\mfpmp.exe
2015-02-03 03:30 . 2015-03-11 13:53	126464	----a-w-	c:\windows\system32\audiodg.exe
2015-02-03 03:30 . 2015-03-11 13:53	17920	----a-w-	c:\windows\system32\appidcertstorecheck.exe
2015-02-03 03:30 . 2015-03-11 13:53	146944	----a-w-	c:\windows\system32\appidpolicyconverter.exe
2015-02-03 03:30 . 2015-03-11 13:53	12625920	----a-w-	c:\windows\system32\wmploc.DLL
2015-02-03 03:29 . 2015-03-11 13:53	8704	----a-w-	c:\windows\system32\pcaevts.dll
2015-02-03 03:28 . 2015-03-11 13:53	2048	----a-w-	c:\windows\system32\mferror.dll
2015-02-03 03:19 . 2015-03-11 13:53	663552	----a-w-	c:\windows\system32\drivers\PEAuth.sys
2015-02-03 03:12 . 2015-03-11 13:53	617984	----a-w-	c:\windows\SysWow64\wmdrmsdk.dll
2015-02-03 03:12 . 2015-03-11 13:53	179200	----a-w-	c:\windows\SysWow64\wintrust.dll
2015-02-03 03:12 . 2015-03-11 13:53	1230848	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-07-27 00:03	2169856	--sha-w-	c:\windows\System32\hale.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[-] 2014-07-27 . D186BABDFAE7C0D93C9F6AE63957EE96 . 1008128 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912]
"GoogleChromeAutoLaunch_9ED792177584901FE5BC343ED119EBE7"="c:\program files (x86)\Google\Chrome\Application\chrome.exe" [2015-04-13 812872]
"NetLimiter"="c:\program files\Locktime Software\NetLimiter 4\nlclientapp.exe" [2015-03-04 51840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-11 292848]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-01 4085896]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2014-05-28 455512]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2014-01-10 1861968]
"StatusAlerts"="c:\program files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2013-05-30 96056]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AsrSetupDrv;AsrSetupDrv;c:\windows\SysWOW64\Drivers\AsrSetupDrv.sys;c:\windows\SysWOW64\Drivers\AsrSetupDrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 ESEADriver2;ESEADriver2;c:\users\zingaRo\AppData\Local\Temp\ESEADriver2.sys;c:\users\zingaRo\AppData\Local\Temp\ESEADriver2.sys [x]
R3 hidkmdf;Filter Driver Service for HID-KMDF Interface layer;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
R3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 REN2CAP_DRIVER;Hear;c:\windows\system32\drivers\ren2cap.sys;c:\windows\SYSNATIVE\drivers\ren2cap.sys [x]
R3 RZSURROUNDVADService;Razer Surround Audio Service;c:\windows\system32\drivers\RzSurroundVAD.sys;c:\windows\SYSNATIVE\drivers\RzSurroundVAD.sys [x]
R3 sshid;SteelSeries HID Service;c:\windows\system32\DRIVERS\sshid.sys;c:\windows\SYSNATIVE\DRIVERS\sshid.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 ESLWireAC;ESLWireAC;c:\windows\system32\drivers\ESLWireACD.sys;c:\windows\SYSNATIVE\drivers\ESLWireACD.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 EslWireHelper;ESL Wire Helper Service;c:\program files\EslWire\service\WireHelperSvc.exe;c:\program files\EslWire\service\WireHelperSvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HP DS Service;HP DS Service;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe;c:\program files (x86)\HP\HPBDSService\HPBDSService.exe [x]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe;c:\program files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 nldrv;nldrv;c:\program files\Locktime Software\NetLimiter 4\nldrv.sys;c:\program files\Locktime Software\NetLimiter 4\nldrv.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x]
S3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;c:\windows\system32\DRIVERS\e1d62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1d62x64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - NAL
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-04-15 17:11	988488	----a-w-	c:\program files (x86)\Google\Chrome\Application\42.0.2311.90\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-04-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-26 21:07]
.
2015-04-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-08 17:00]
.
2015-02-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-08-08 17:00]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-01 11:05	634872	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-03-28 2673296]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-03-28 1570672]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2013-03-29 13513288]
"Chew7Hale"="c:\windows\System32\hale.exe" [2014-07-27 2169856]
"HP LaserJet 200 color MFP M276 Series Fax"="c:\program files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe" [2011-10-09 3706424]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
uDefault_Search_URL = www.google.com
mStart Page = www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~2\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default\
FF - prefs.js: browser.startup.homepage - www.google.de
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-HotKeyMan - c:\program files\Hotkeyman\HotKeyMan.exe
Wow6432Node-HKCU-Run-appnhost - c:\users\zingaRo\AppData\Local\Mixesoft\AppNHost\appnhost.exe
AddRemove-Final Fantasy XIII Fullscreen Edition MULTi5 1.0 - d:\final fantasy xiii\Uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-04-25  14:58:08 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-04-25 12:58
.
Vor Suchlauf: 13 Verzeichnis(se), 182.911.143.936 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 182.315.540.480 Bytes frei
.
- - End Of File - - E28FED7E011CC59C5A338F738A3745AE
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 26.04.2015, 06:23   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.04.2015, 11:01   #9
hannesbannes
 
Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



Hi,

ich habe bereits bevor ich zu diesem tollen Board gelangte einen mbam scan laufen lassen.
Daher füge ich den ersten Scan noch bei.
Hier die Logfiles:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 22.04.2015
Suchlauf-Zeit: 20:46:31
Logdatei: mbam1.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.04.22.05
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: zingaRo

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 371151
Verstrichene Zeit: 4 Min, 58 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 8
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64, In Quarantäne, [b1ece18e2f5b7bbbc5d74aa14ab9b54b], 
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\sweet-pageSoftware, In Quarantäne, [5b42b8b7117978be08fab18a39cc8f71], 
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [68359ed1286294a2006e757a57ac8779], 
PUP.Optional.DealKeeper.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Deal Keeper, In Quarantäne, [316c6b04008afe385f792cc0e81b2dd3], 
PUP.Optional.DealKeeper.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Deal Keeper, In Quarantäne, [cdd0f07f038789ad3a9fa84442c12bd5], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [2875b6b905857fb7934f64acc63e48b8], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\INSTALLCORE, In Quarantäne, [1489b8b746446acc417148de679edf21], 
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [0d90e58ac8c2df579cd11fd08d76e61a], 

Registrierungswerte: 2
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default\extensions\faststartff@gmail.com, In Quarantäne, [c6d7c1aecac0f442a65a71d419ec9f61]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\INSTALLCORE|tb, 0F1S1Q1K0I1S1U2X, In Quarantäne, [1489b8b746446acc417148de679edf21]

Registrierungsdaten: 7
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773),Ersetzt,[adf0f07f6228cf67f73e46bf42c4728e]
PUP.Optional.SweetPage.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773),Ersetzt,[d6c7343bb2d806304fe660a533d32ed2]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[f4a94827e0aa3afc7f5c8e76ba4c6b95]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.sweet-page.com/web/?type=ds&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773&q={searchTerms}),Ersetzt,[9ffe4e2105857fb76cc6c24339cd926e]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773),Ersetzt,[623bf57a2a6085b17eb428ddd92d956b]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/?type=hp&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773),Ersetzt,[524b1f5097f3ff37ba7892737b8be31d]
PUP.Optional.SweetPage.A, HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.sweet-page.com/web/?type=ds&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.sweet-page.com/web/?type=ds&ts=1406376955&from=cor&uid=WDCXWD10EZEX-00UD2A0_WD-WMC3F002177321773&q={searchTerms}),Ersetzt,[bbe2c7a8b2d8171f76bcdb2a937317e9]

Ordner: 2
PUP.Optional.SearchProtect.A, C:\Users\zingaRo\AppData\Local\SearchProtect, In Quarantäne, [cfcedc93eb9f41f5bdfd2d740bf8f40c], 
PUP.Optional.SearchProtect.A, C:\Users\zingaRo\AppData\Local\SearchProtect\Logs, In Quarantäne, [cfcedc93eb9f41f5bdfd2d740bf8f40c], 

Dateien: 9
PUP.Optional.RegCleanPro, C:\Windows\System32\roboot64.exe, In Quarantäne, [3c617bf49ded38fe5a9eebe1c63b5ea2], 
PUP.Optional.Somoto, C:\Users\zingaRo\AppData\Local\Temp\bitool.dll, In Quarantäne, [bae369063e4c191d9ac5599e43bfc937], 
PUP.Optional.InstallCore, C:\Users\zingaRo\AppData\Local\Temp\JDSetup130508504551650272.exe, In Quarantäne, [c2dba3cc553583b37965dd8ac540ca36], 
PUP.Optional.Somoto, C:\Users\zingaRo\AppData\Local\Temp\nsrF8ED.tmp, In Quarantäne, [5f3e0a658208b87e8253382b0005cb35], 
PUP.Optional.SearchHijacker.A, C:\Users\zingaRo\AppData\Local\Temp\is1201216051\2EF59781_stp\July15_www.sweet-page.com.exe, In Quarantäne, [5a43115e018984b251d9b311dd24ec14], 
PUP.Optional.SkyTech.A, C:\Users\zingaRo\AppData\Local\Temp\4553606\4553606.zip, In Quarantäne, [fca1214e3f4b41f5fef3956f1be7ab55], 
PUP.Optional.SkyTech.A, C:\Users\zingaRo\AppData\Local\Temp\4553606\4553606.zipDir\Engine.dll, In Quarantäne, [039af07f008a1b1bf8f945bf13ef32ce], 
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{55dce8ba-9dec-4013-937e-adbf9317d990}Gw64.sys, In Quarantäne, [b1ece18e2f5b7bbbc5d74aa14ab9b54b], 
PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, In Quarantäne, [4855551a008a8caa52af1427ff0631cf], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 26.04.2015
Suchlauf-Zeit: 11:43:41
Logdatei: mbam2.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.04.26.01
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: zingaRo

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 377772
Verstrichene Zeit: 3 Min, 41 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 1
PUP.Optional.SweetPage.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\sweet-page.xml, In Quarantäne, [fc2d99d8deac9f9715dc49f48382c43c], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Code:
ATTFilter
# AdwCleaner v4.202 - Bericht erstellt 26/04/2015 um 11:49:45
# Aktualisiert 23/04/2015 von Xplode
# Datenbank : 2015-04-23.2 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : zingaRo - ZINGARO-PC
# Gestarted von : C:\Users\zingaRo\Desktop\AdwCleaner_4.202.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\zingaRo\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik
Ordner Gelöscht : C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Datei Gelöscht : C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage
Datei Gelöscht : C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0.localstorage-journal
Datei Gelöscht : C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jpfpebmajhhopeonhlcgidhclcccjcik_0
Datei Gelöscht : C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage
Datei Gelöscht : C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage-journal
Datei Gelöscht : C:\Users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default\user.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Local AppWizard-Generated Applications
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\dll-files.com

***** [ Internetbrowser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v37.0.1 (x86 de)


-\\ Google Chrome v42.0.2311.90

[C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : jpfpebmajhhopeonhlcgidhclcccjcik
[C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : gighmmpiobklfepjocnamgkkbiglidom

*************************

AdwCleaner[R0].txt - [3499 Bytes] - [26/04/2015 11:48:59]
AdwCleaner[S0].txt - [3233 Bytes] - [26/04/2015 11:49:45]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3292  Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.3 (04.25.2015:1)
OS: Windows 7 Ultimate x64
Ran by zingaRo on 26.04.2015 at 11:52:06,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Windows\syswow64\ai_recyclebin



~~~ FireFox

Emptied folder: C:\Users\zingaRo\AppData\Roaming\mozilla\firefox\profiles\bgjll1zr.default\minidumps [6 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.04.2015 at 11:53:59,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-04-2015
Ran by zingaRo (administrator) on ZINGARO-PC on 26-04-2015 11:56:39
Running from D:\Downloads
Loaded Profiles: zingaRo (Available profiles: zingaRo)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [Chew7Hale] => C:\Windows\System32\hale.exe [2169856 2014-07-27] ()
HKLM\...\Run: [HP LaserJet 200 color MFP M276 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2011-10-09] (Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [GoogleChromeAutoLaunch_9ED792177584901FE5BC343ED119EBE7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [51840 2015-03-04] (Locktime Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-08-01] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1841660470-402669-2913087601-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-01] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-01] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Extension: Adblock Plus - C:\Users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-26]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-08]
CHR Extension: (Google Drive) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-08]
CHR Extension: (YouTube) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-08]
CHR Extension: (Google Search) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-08]
CHR Extension: (Click&Clean) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-08-08]
CHR Extension: (BetaFish Adblocker) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-26]
CHR Extension: (Bookmark Manager) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Avast Online Security) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-08]
CHR Extension: (Speed Dial 2) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2015-04-26]
CHR Extension: (Auto HD For YouTube™) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-08-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-08]
CHR Extension: (Click&Clean App) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-08-08]
CHR Extension: (Gmail) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-01] (AVAST Software)
S2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [329344 2015-03-04] (Locktime Software)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2014-07-27] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-08-04] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-05-01] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-01] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-08-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-01] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-01] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-01] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-07] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [98080 2015-03-22] (<Turtle Entertainment>)
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [8704 2014-08-13] (Windows (R) Win 7 DDK provider) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [125360 2015-03-04] (Locktime Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2012-01-05] ()
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
S3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [38400 2014-08-13] (SteelSeries ApS) [File not signed]
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2015-01-19] (Nicomsoft Ltd.)
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ESEADriver2; \??\C:\Users\zingaRo\AppData\Local\Temp\ESEADriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 11:53 - 2015-04-26 11:53 - 00001226 _____ () C:\Users\zingaRo\Desktop\JRT.txt
2015-04-26 11:52 - 2015-04-26 11:52 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ZINGARO-PC-Windows-7-Ultimate-(64-bit).dat
2015-04-26 11:52 - 2015-04-26 11:52 - 00000000 ____D () C:\RegBackup
2015-04-26 11:51 - 2015-04-26 11:51 - 02686590 _____ (Thisisu) C:\Users\zingaRo\Desktop\JRT.exe
2015-04-26 11:48 - 2015-04-26 11:49 - 00000000 ____D () C:\AdwCleaner
2015-04-26 11:48 - 2015-04-26 11:48 - 00006929 _____ () C:\Users\zingaRo\Desktop\mbam1.txt
2015-04-26 11:48 - 2015-04-26 11:48 - 00001331 _____ () C:\Users\zingaRo\Desktop\mbam2.txt
2015-04-26 11:45 - 2015-04-26 11:45 - 02224640 _____ () C:\Users\zingaRo\Desktop\AdwCleaner_4.202.exe
2015-04-25 14:58 - 2015-04-25 14:58 - 00024621 _____ () C:\ComboFix.txt
2015-04-25 14:36 - 2015-04-25 14:58 - 00000000 ____D () C:\Qoobox
2015-04-25 14:36 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-25 14:36 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-25 14:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-25 14:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-25 14:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-25 14:36 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-25 14:36 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-25 14:36 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-25 14:35 - 2015-04-25 14:56 - 00000000 ____D () C:\Windows\erdnt
2015-04-25 13:35 - 2015-04-25 13:35 - 05619466 ____R (Swearware) C:\Users\zingaRo\Desktop\ComboFix.exe
2015-04-23 20:25 - 2015-04-23 20:25 - 00059068 _____ () C:\FRST.txt
2015-04-23 20:25 - 2015-04-23 20:25 - 00023490 _____ () C:\Addition.txt
2015-04-23 20:23 - 2015-04-26 11:56 - 00000000 ____D () C:\FRST
2015-04-22 20:46 - 2015-04-26 11:43 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-22 20:46 - 2015-04-22 20:46 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-22 20:46 - 2015-04-22 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-22 20:46 - 2015-04-22 20:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-22 20:46 - 2015-04-22 20:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-22 20:46 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-22 20:46 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-22 20:46 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-22 20:29 - 2015-04-22 20:29 - 00001156 _____ () C:\Users\Public\Desktop\NetLimiter 4 (x64).lnk
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\Locktime Software
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\Locktime
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\ProgramData\Locktime
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\Program Files\Locktime Software
2015-04-21 20:57 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-21 20:56 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-21 20:56 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-21 18:56 - 2015-04-22 23:48 - 00000211 _____ () C:\Users\zingaRo\Desktop\passwörter jeff.txt
2015-04-17 20:05 - 2015-04-17 20:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 11:34 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 11:34 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 11:34 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 11:34 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 11:34 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 11:34 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 11:34 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 11:34 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 11:34 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 11:34 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 11:34 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 11:34 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 11:34 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 11:34 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 11:34 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 11:34 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 11:34 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 11:34 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 11:34 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 11:34 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 11:34 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 11:34 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 11:34 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 11:34 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 11:34 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 11:34 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 11:34 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 11:34 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 11:34 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 11:34 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 11:34 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:34 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 11:34 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 11:34 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 11:34 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 11:34 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 11:34 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 11:34 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 11:34 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 11:34 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 11:34 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 11:34 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 11:34 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 11:34 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 11:34 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 11:34 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 11:34 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 11:34 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 11:34 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 11:34 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 11:34 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 11:34 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 11:34 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 11:34 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 11:34 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 11:34 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 11:34 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 11:34 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 11:34 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 11:34 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 11:34 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 11:34 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 11:34 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 11:34 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 11:34 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 11:34 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 11:34 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 11:34 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 11:34 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 11:34 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 11:34 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 11:34 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 11:34 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 11:34 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 11:34 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 11:34 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 11:34 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 11:34 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 11:34 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 11:34 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 11:34 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 11:34 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 11:34 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 11:34 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 11:34 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 11:34 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 11:34 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 11:34 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 11:34 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 11:34 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 11:34 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 11:34 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 11:34 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 11:34 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 11:33 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 11:33 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 11:33 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-06 03:16 - 2015-04-06 03:16 - 00000165 _____ () C:\Users\zingaRo\Desktop\arena.txt
2015-04-05 09:56 - 2015-04-05 09:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-04-05 03:00 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 03:00 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-03 11:07 - 2015-04-03 11:09 - 00000000 ____D () C:\Users\zingaRo\Documents\Heroes of the Storm
2015-03-31 10:57 - 2015-03-30 15:25 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-03-30 13:48 - 2015-03-30 13:57 - 00000000 ____D () C:\Program Files (x86)\Dolby Advanced Audio v2
2015-03-30 13:48 - 2015-03-30 13:48 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-30 13:29 - 2012-01-05 15:08 - 00046728 _____ () C:\Windows\system32\Drivers\ren2cap.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 11:52 - 2014-08-08 19:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-26 11:50 - 2014-07-26 12:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-26 11:50 - 2014-07-26 12:36 - 01104008 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 11:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-26 11:50 - 2009-07-14 06:51 - 00156889 _____ () C:\Windows\setupact.log
2015-04-26 11:49 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-26 11:49 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-26 11:48 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-04-26 11:48 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-04-26 11:48 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-25 23:22 - 2014-07-26 13:00 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\TS3Client
2015-04-25 23:21 - 2014-07-26 17:08 - 00000000 ____D () C:\Users\zingaRo\AppData\Local\Battle.net
2015-04-25 23:07 - 2014-07-26 13:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-25 15:56 - 2014-07-26 18:26 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\vlc
2015-04-25 15:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-25 14:52 - 2010-11-21 05:47 - 01014408 _____ () C:\Windows\PFRO.log
2015-04-25 14:52 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-25 14:38 - 2014-07-26 16:04 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-24 07:51 - 2014-07-26 12:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-23 21:19 - 2014-07-26 17:25 - 00000000 ____D () C:\JDownloader v2.0
2015-04-22 20:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\TAPI
2015-04-22 00:18 - 2014-07-26 12:38 - 00041574 _____ () C:\Windows\DPINST.LOG
2015-04-22 00:18 - 2014-07-26 12:38 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-04-22 00:18 - 2014-07-26 12:38 - 00000000 ____D () C:\Program Files\SteelSeries
2015-04-21 20:57 - 2014-07-26 12:51 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-21 20:57 - 2014-07-26 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-21 20:57 - 2014-07-26 12:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-19 02:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 14:52 - 2014-12-11 10:02 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 14:52 - 2014-07-26 14:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 02:01 - 2015-01-07 02:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 02:01 - 2014-07-26 12:50 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 02:00 - 2014-07-26 14:39 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 01:58 - 2014-07-26 14:39 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-16 01:58 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2015-04-15 19:12 - 2014-08-08 19:01 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-14 23:07 - 2014-07-26 13:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 23:07 - 2014-07-26 13:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 23:07 - 2014-07-26 13:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-09 02:58 - 2014-07-26 14:17 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-09 02:58 - 2014-07-26 12:51 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2014-07-26 12:51 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-08 23:30 - 2014-07-26 12:51 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2014-07-26 12:51 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 19:52 - 2014-07-26 12:51 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-03 11:07 - 2014-07-26 17:08 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-31 10:58 - 2014-10-22 10:58 - 00000000 ____D () C:\Users\zingaRo\AppData\Local\Adobe
2015-03-28 05:44 - 2014-07-26 12:57 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-07-26 12:51 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2014-07-26 12:57 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-07-26 12:51 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

==================== Files in the root of some directories =======

2015-03-30 13:48 - 2015-03-30 13:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\zingaRo\AppData\Local\Temp\Quarantine.exe
C:\Users\zingaRo\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-25 15:32

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 26.04.2015, 18:21   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.04.2015, 22:29   #11
hannesbannes
 
Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=6e5163651e4bc04384e9d00029cfc156
# engine=23573
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-04-26 09:13:27
# local_time=2015-04-26 11:13:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=781 16777213 100 97 12381201 23702905 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 40378 181712657 0 0
# scanned=242881
# found=5
# cleaned=0
# scan_time=7404
sh=40CE0A58E99858007E5DCD0BB5BF6A122686A917 ft=1 fh=f92770b35775886c vn="Win32/Somoto.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\zingaRo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ULIOM1E\BiTool[1].dll"
sh=094EB822930C180CFEBCC25F257F3E906DCE5865 ft=1 fh=7274f38fd1f6763d vn="Win32/Somoto.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\zingaRo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ULIOM1E\setup[1].exe"
sh=B81622A5B9BB23083D90FAD77D0D5EEF7B6E6A8A ft=1 fh=295a60c62ef2fe00 vn="Variante von Win32/Systweak evtl. unerwünschte Anwendung" ac=I fn="C:\Users\zingaRo\Downloads\dffsetup-hidserv.exe"
sh=9AA22FEF61E442652F0033BE32516718A6667B36 ft=1 fh=0a6d86d4b3839fe8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Better DS3 - CHIP-Installer.exe"
sh=E750C443A83F9B135B499E7917C5A93120384BB3 ft=1 fh=4eedbac881d1fc72 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\DTLite4491-0356.exe"
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.00  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 31  
 Java version 32-bit out of Date! 
 Adobe Flash Player 17.0.0.169  
 Mozilla Firefox (37.0.1) 
 Google Chrome (41.0.2272.118) 
 Google Chrome (42.0.2311.90) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2015
Ran by zingaRo (administrator) on ZINGARO-PC on 26-04-2015 23:28:52
Running from D:\Downloads
Loaded Profiles: zingaRo (Available profiles: zingaRo)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3918\Agent.exe
(Blizzard Entertainment) D:\Battle.net\Battle.net.5669\Battle.net.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() D:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) D:\Steam\GameOverlayUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKLM\...\Run: [Chew7Hale] => C:\Windows\System32\hale.exe [2169856 2014-07-27] ()
HKLM\...\Run: [HP LaserJet 200 color MFP M276 Series Fax] => C:\Program Files (x86)\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe [3706424 2011-10-09] (Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-11] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-28] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313248 2012-07-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [51840 2015-03-04] (Locktime Software)
HKU\S-1-5-21-1841660470-402669-2913087601-1000\...\Run: [GoogleChromeAutoLaunch_9ED792177584901FE5BC343ED119EBE7] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-13] (Google Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2014-08-01] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1841660470-402669-2913087601-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1841660470-402669-2913087601-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2014-08-01] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-08-01] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-07] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Extension: Adblock Plus - C:\Users\zingaRo\AppData\Roaming\Mozilla\Firefox\Profiles\bgjll1zr.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-26]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR Profile: C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-08]
CHR Extension: (Google Drive) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-08]
CHR Extension: (YouTube) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-08]
CHR Extension: (Google Search) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-08]
CHR Extension: (Tampermonkey) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-04-26]
CHR Extension: (Click&Clean) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghgabhipcejejjmhhchfonmamedcbeod [2014-08-08]
CHR Extension: (BetaFish Adblocker) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-26]
CHR Extension: (Bookmark Manager) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Avast Online Security) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-08]
CHR Extension: (Speed Dial 2) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik [2015-04-26]
CHR Extension: (Auto HD For YouTube™) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2014-08-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Google Wallet) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-08]
CHR Extension: (Click&Clean App) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2014-08-08]
CHR Extension: (Gmail) - C:\Users\zingaRo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-08]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-01] (AVAST Software)
S2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
S2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
S2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [164864 2012-05-02] (HP) [File not signed]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
S2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [329344 2015-03-04] (Locktime Software)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2014-07-27] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-08-04] (Microsoft Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-05-01] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-01] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-08-01] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-01] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-08-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-01] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-01] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2015-01-07] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [487704 2014-03-14] (Intel Corporation)
R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [98080 2015-03-22] (<Turtle Entertainment>)
S3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [8704 2014-08-13] (Windows (R) Win 7 DDK provider) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [125360 2015-03-04] (Locktime Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 REN2CAP_DRIVER; C:\Windows\System32\drivers\ren2cap.sys [46728 2012-01-05] ()
S3 RZSURROUNDVADService; C:\Windows\System32\drivers\RzSurroundVAD.sys [40640 2015-02-09] (Windows (R) Win 7 DDK provider)
S3 sshid; C:\Windows\System32\DRIVERS\sshid.sys [38400 2014-08-13] (SteelSeries ApS) [File not signed]
R2 WinI2C-DDC; C:\Windows\system32\drivers\DDCDrv.sys [20832 2015-01-19] (Nicomsoft Ltd.)
S3 AsrSetupDrv; \??\C:\Windows\SysWOW64\Drivers\AsrSetupDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 ESEADriver2; \??\C:\Users\zingaRo\AppData\Local\Temp\ESEADriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 21:03 - 2015-04-26 21:03 - 00852616 _____ () C:\Users\zingaRo\Desktop\SecurityCheck.exe
2015-04-26 21:00 - 2015-04-26 21:00 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-04-26 11:53 - 2015-04-26 11:53 - 00001226 _____ () C:\Users\zingaRo\Desktop\JRT.txt
2015-04-26 11:52 - 2015-04-26 11:52 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ZINGARO-PC-Windows-7-Ultimate-(64-bit).dat
2015-04-26 11:52 - 2015-04-26 11:52 - 00000000 ____D () C:\RegBackup
2015-04-26 11:51 - 2015-04-26 11:51 - 02686590 _____ (Thisisu) C:\Users\zingaRo\Desktop\JRT.exe
2015-04-26 11:48 - 2015-04-26 11:49 - 00000000 ____D () C:\AdwCleaner
2015-04-26 11:48 - 2015-04-26 11:48 - 00006929 _____ () C:\Users\zingaRo\Desktop\mbam1.txt
2015-04-26 11:48 - 2015-04-26 11:48 - 00001331 _____ () C:\Users\zingaRo\Desktop\mbam2.txt
2015-04-26 11:45 - 2015-04-26 11:45 - 02224640 _____ () C:\Users\zingaRo\Desktop\AdwCleaner_4.202.exe
2015-04-25 14:58 - 2015-04-25 14:58 - 00024621 _____ () C:\ComboFix.txt
2015-04-25 14:36 - 2015-04-25 14:58 - 00000000 ____D () C:\Qoobox
2015-04-25 14:36 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-04-25 14:36 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-04-25 14:36 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-04-25 14:36 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-04-25 14:36 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-04-25 14:36 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-04-25 14:36 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-04-25 14:36 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-04-25 14:35 - 2015-04-25 14:56 - 00000000 ____D () C:\Windows\erdnt
2015-04-25 13:35 - 2015-04-25 13:35 - 05619466 ____R (Swearware) C:\Users\zingaRo\Desktop\ComboFix.exe
2015-04-23 20:25 - 2015-04-23 20:25 - 00059068 _____ () C:\FRST.txt
2015-04-23 20:25 - 2015-04-23 20:25 - 00023490 _____ () C:\Addition.txt
2015-04-23 20:23 - 2015-04-26 23:28 - 00000000 ____D () C:\FRST
2015-04-22 20:46 - 2015-04-26 11:43 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-22 20:46 - 2015-04-22 20:46 - 00001098 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-04-22 20:46 - 2015-04-22 20:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-04-22 20:46 - 2015-04-22 20:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-22 20:46 - 2015-04-22 20:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-04-22 20:46 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-22 20:46 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-04-22 20:46 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-04-22 20:29 - 2015-04-22 20:29 - 00001156 _____ () C:\Users\Public\Desktop\NetLimiter 4 (x64).lnk
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\Locktime Software
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\Locktime
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetLimiter 4
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\ProgramData\Locktime
2015-04-22 20:29 - 2015-04-22 20:29 - 00000000 ____D () C:\Program Files\Locktime Software
2015-04-21 20:57 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-21 20:56 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-21 20:56 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-21 20:56 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-21 18:56 - 2015-04-22 23:48 - 00000211 _____ () C:\Users\zingaRo\Desktop\passwörter jeff.txt
2015-04-17 20:05 - 2015-04-17 20:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-15 11:34 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 11:34 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 11:34 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 11:34 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 11:34 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 11:34 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 11:34 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 11:34 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 11:34 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 11:34 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 11:34 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 11:34 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 11:34 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 11:34 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 11:34 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 11:34 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 11:34 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 11:34 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 11:34 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 11:34 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 11:34 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 11:34 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 11:34 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 11:34 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 11:34 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 11:34 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 11:34 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 11:34 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 11:34 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 11:34 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 11:34 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 11:34 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 11:34 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 11:34 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 11:34 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 11:34 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 11:34 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 11:34 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 11:34 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 11:34 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 11:34 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 11:34 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 11:34 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 11:34 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 11:34 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 11:34 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 11:34 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 11:34 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 11:34 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 11:34 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 11:34 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 11:34 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 11:34 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 11:34 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 11:34 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 11:34 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 11:34 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 11:34 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 11:34 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 11:34 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 11:34 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 11:34 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 11:34 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 11:34 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 11:34 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 11:34 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 11:34 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 11:34 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 11:34 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 11:34 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 11:34 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 11:34 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 11:34 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 11:34 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 11:34 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 11:34 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 11:34 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 11:34 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 11:34 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 11:34 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 11:34 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 11:34 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 11:34 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 11:34 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 11:34 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 11:34 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 11:34 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 11:34 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 11:34 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 11:34 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 11:34 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 11:34 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 11:34 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 11:34 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 11:34 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 11:34 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 11:34 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 11:34 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 11:34 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 11:34 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 11:34 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 11:33 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 11:33 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 11:33 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-06 03:16 - 2015-04-06 03:16 - 00000165 _____ () C:\Users\zingaRo\Desktop\arena.txt
2015-04-05 09:56 - 2015-04-05 09:56 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2015-04-05 03:00 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-05 03:00 - 2015-04-05 03:00 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-03 11:07 - 2015-04-03 11:09 - 00000000 ____D () C:\Users\zingaRo\Documents\Heroes of the Storm
2015-03-31 10:57 - 2015-03-30 15:25 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2015-03-30 13:48 - 2015-03-30 13:57 - 00000000 ____D () C:\Program Files (x86)\Dolby Advanced Audio v2
2015-03-30 13:48 - 2015-03-30 13:48 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2015-03-30 13:29 - 2012-01-05 15:08 - 00046728 _____ () C:\Windows\system32\Drivers\ren2cap.sys

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-26 23:27 - 2014-07-26 17:08 - 00000000 ____D () C:\Users\zingaRo\AppData\Local\Battle.net
2015-04-26 23:24 - 2014-07-26 12:36 - 01125799 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 23:07 - 2014-07-26 13:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-26 22:35 - 2014-07-26 13:00 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\TS3Client
2015-04-26 21:03 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-04-26 21:03 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-04-26 21:03 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-26 16:11 - 2014-08-08 19:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-26 11:58 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-26 11:58 - 2009-07-14 06:45 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-26 11:50 - 2014-07-26 12:51 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-04-26 11:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-26 11:50 - 2009-07-14 06:51 - 00156889 _____ () C:\Windows\setupact.log
2015-04-25 15:56 - 2014-07-26 18:26 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\vlc
2015-04-25 15:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-25 14:52 - 2010-11-21 05:47 - 01014408 _____ () C:\Windows\PFRO.log
2015-04-25 14:52 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-04-25 14:38 - 2014-07-26 16:04 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-24 07:51 - 2014-07-26 12:48 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-23 21:19 - 2014-07-26 17:25 - 00000000 ____D () C:\JDownloader v2.0
2015-04-22 20:52 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\TAPI
2015-04-22 00:18 - 2014-07-26 12:38 - 00041574 _____ () C:\Windows\DPINST.LOG
2015-04-22 00:18 - 2014-07-26 12:38 - 00000000 ____D () C:\Users\zingaRo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2015-04-22 00:18 - 2014-07-26 12:38 - 00000000 ____D () C:\Program Files\SteelSeries
2015-04-21 20:57 - 2014-07-26 12:51 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2015-04-21 20:57 - 2014-07-26 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-04-21 20:57 - 2014-07-26 12:51 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-04-19 02:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 14:52 - 2014-12-11 10:02 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 14:52 - 2014-07-26 14:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 02:01 - 2015-01-07 02:59 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 02:01 - 2014-07-26 12:50 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 02:00 - 2014-07-26 14:39 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 01:58 - 2014-07-26 14:39 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-16 01:58 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini
2015-04-15 19:12 - 2014-08-08 19:01 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-14 23:07 - 2014-07-26 13:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 23:07 - 2014-07-26 13:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-14 23:07 - 2014-07-26 13:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-09 02:58 - 2014-07-26 14:17 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-09 02:58 - 2014-07-26 12:51 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2014-07-26 12:51 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2014-07-26 12:48 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-08 23:30 - 2014-07-26 12:51 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2014-07-26 12:51 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2014-07-26 12:51 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 19:52 - 2014-07-26 12:51 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-03 11:07 - 2014-07-26 17:08 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-03-31 10:58 - 2014-10-22 10:58 - 00000000 ____D () C:\Users\zingaRo\AppData\Local\Adobe
2015-03-28 05:44 - 2014-07-26 12:57 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-03-28 05:44 - 2014-07-26 12:51 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-03-28 05:43 - 2014-07-26 12:57 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-03-28 05:43 - 2014-07-26 12:51 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

==================== Files in the root of some directories =======

2015-03-30 13:48 - 2015-03-30 13:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some content of TEMP:
====================
C:\Users\zingaRo\AppData\Local\Temp\Quarantine.exe
C:\Users\zingaRo\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-25 15:32

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 27.04.2015, 18:49   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\zingaRo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ULIOM1E\BiTool[1].dll

C:\Users\zingaRo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ULIOM1E\setup[1].exe

C:\Users\zingaRo\Downloads\dffsetup-hidserv.exe

D:\Downloads\Better DS3 - CHIP-Installer.exe

D:\Downloads\DTLite4491-0356.exe
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Downloadverhalten überdenken:
CHIP-Installer - was ist das? - Anleitungen

Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.04.2015, 19:01   #13
hannesbannes
 
Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-04-2015 01
Ran by zingaRo at 2015-04-27 19:59:01 Run:1
Running from C:\Users\zingaRo\Desktop
Loaded Profiles: zingaRo (Available profiles: zingaRo)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
C:\Users\zingaRo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ULIOM1E\BiTool[1].dll

C:\Users\zingaRo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ULIOM1E\setup[1].exe

C:\Users\zingaRo\Downloads\dffsetup-hidserv.exe

D:\Downloads\Better DS3 - CHIP-Installer.exe

D:\Downloads\DTLite4491-0356.exe
Emptytemp:
*****************

C:\Users\zingaRo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ULIOM1E\BiTool[1].dll => Moved successfully.
C:\Users\zingaRo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ULIOM1E\setup[1].exe => Moved successfully.
C:\Users\zingaRo\Downloads\dffsetup-hidserv.exe => Moved successfully.
D:\Downloads\Better DS3 - CHIP-Installer.exe => Moved successfully.
D:\Downloads\DTLite4491-0356.exe => Moved successfully.
EmptyTemp: => Removed 1.1 GB temporary data.


The system needed a reboot. 

==== End of Fixlog 19:59:18 ====
         
Meine Probleme haben sich mittlerweilse minimiert.
Hab nur noch gelegentlich einen hohen Ping.
Es scheint zu helfen, danke vielmals dafür

Geändert von hannesbannes (27.04.2015 um 19:52 Uhr)

Alt 28.04.2015, 13:55   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Massive Lagspikes, vermutlich verursacht durch Chrome - Standard

Massive Lagspikes, vermutlich verursacht durch Chrome




Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.


Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Massive Lagspikes, vermutlich verursacht durch Chrome
fehlercode 0x5, fehlercode 28, fehlercode windows, google chrome, nicht mehr, pup.optional.dealkeeper.a, pup.optional.faststart.a, pup.optional.installcore, pup.optional.installcore.a, pup.optional.qone8, pup.optional.regcleanpro, pup.optional.sanbreel.a, pup.optional.searchhijacker.a, pup.optional.searchprotect.a, pup.optional.skytech.a, pup.optional.somoto, pup.optional.sweetpage.a, pup.optional.systemspeedup, schließe, sweet-page, sweet-page entfernen, sweetpage, sweetpage entfernen, vermutlich, verursacht



Ähnliche Themen: Massive Lagspikes, vermutlich verursacht durch Chrome


  1. Win8: Laptop vermutlich durch Trojaner lahmgelegt
    Plagegeister aller Art und deren Bekämpfung - 29.05.2015 (12)
  2. Massive Bluescreens durch Windows/Treiber
    Alles rund um Windows - 23.10.2013 (2)
  3. LyriXeeker lässt sich nicht aus Chrome entfernen und verursacht Popups und Werbung
    Log-Analyse und Auswertung - 19.09.2013 (5)
  4. Bluescreen durch Virus/Trojaner verursacht?
    Plagegeister aller Art und deren Bekämpfung - 15.02.2013 (3)
  5. Zusätzliche Einträge in "Dienste" - vermutlich verursacht durch Trojaner
    Plagegeister aller Art und deren Bekämpfung - 24.01.2013 (9)
  6. Massive Performanceeinbrüche durch Trojan.ADH.2?
    Plagegeister aller Art und deren Bekämpfung - 30.12.2012 (36)
  7. Vermutlich Keylogger durch Sch...tool eingefangen
    Plagegeister aller Art und deren Bekämpfung - 03.06.2012 (1)
  8. Problem verursacht durch Trojan.PWS.Legmir.AD / W32.Ahlem.A@mm ?
    Plagegeister aller Art und deren Bekämpfung - 30.04.2012 (1)
  9. bluescreen-fehlermeldung durch trojaner verursacht?
    Plagegeister aller Art und deren Bekämpfung - 02.02.2012 (3)
  10. Pop-Up´s auf dem PC verursacht durch Viren/ Trojaner
    Plagegeister aller Art und deren Bekämpfung - 05.08.2010 (32)
  11. Chrome.exe verursacht Bluescreen - Virenscanner lassen sich nicht updaten
    Log-Analyse und Auswertung - 07.07.2010 (3)
  12. Vermutlich Trojaner durch behörden
    Log-Analyse und Auswertung - 29.07.2009 (7)
  13. CPU-Auslastung nach 2 Minuten auf 100%, verursacht durch: LULncr.exe
    Plagegeister aller Art und deren Bekämpfung - 03.02.2009 (2)
  14. Probleme mit Rechner, verursacht durch Viren (?)
    Log-Analyse und Auswertung - 09.05.2008 (3)
  15. Computer läuft vermutlich durch Viren langsam
    Plagegeister aller Art und deren Bekämpfung - 27.07.2007 (27)
  16. NT-AUTORITÄT/SYSTEM verursacht durch ad aware
    Plagegeister aller Art und deren Bekämpfung - 16.09.2005 (5)
  17. fehler verursacht durch unbekannte seite
    Alles rund um Windows - 01.07.2005 (0)

Zum Thema Massive Lagspikes, vermutlich verursacht durch Chrome - Hi, ich habe seit ca. 1 Woche das Problem, dass ich beim surfen und spielen ich zwischendrin massive Lagspikes habe und man mich somit nicht mehr im TS versteht und - Massive Lagspikes, vermutlich verursacht durch Chrome...
Archiv
Du betrachtest: Massive Lagspikes, vermutlich verursacht durch Chrome auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.