Pests of all kinds and how to fight them: Virus? PC slow, anti-virus/GMER not working! Windows 7
I have here: http://www.trojaner-board.de/166683-...-manchmal.html . When I wanted to run the scan with GMER in order to post the log here, I forgot to deactivate Kaspersky, which at first also classified GMER as possibly dangerous. But since I clicked Allow, GMER was then executed and I quickly closed Kaspersky and its protection. Then an error message appears saying that GMER no longer works. I tried it again, with the same result. Then I tried to start Kaspersky again, and I was shown that a process or something similar could not be found. This was only there briefly, and then came a bluescreen, namely the same one I already had just yesterday. Yesterday Windows could only be started in Safe Mode, through which I found out that a Kaspersky driver was the trigger. So I uninstalled Kaspersky (and reinstalled it after the restart), and it worked again right away. Today the same error message came (but during operation) and the PC could be started normally again, except that (as yesterday too) the screen was black for about 1-2 min after login (apart from a CPU and RAM display at the top right). Before the bluescreen occurred today, that was not the case.

Here is an FRST log; I had to attach the other one:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2015
Ran by Admin (administrator) on ADMIN-PC on 05-05-2015 17:36:37
Running from C:\Users\Admin\Desktop
Loaded Profiles: Admin (Available profiles: Admin)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\MyStuff\IObit\Advanced SystemCare 8\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(IObit) C:\MyStuff\IObit\Advanced SystemCare 8\Monitor.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7302\Monitor.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(IObit) C:\MyStuff\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Dropbox, Inc.) C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Razer Inc.) C:\MyStuff\Razer Cortex\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\NetSvcHelp.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\AI Suite II.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avpui.exe
(ASUSTeK Computer Inc.)
C:\MyStuff\Asus\AI Suite II\Network iControl\NetSvcHelp\NetiCtrlTray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (ASUSTeK Computer Inc.) C:\MyStuff\Asus\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\cmd.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe (Google Inc.) 
C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\plugin-nm-server.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe
(Google Inc.) C:\Users\Admin\AppData\Local\Google\Chrome SxS\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2685072 2015-05-01] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [PAC7302_Monitor] => C:\Windows\PixArt\PAC7302\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-01-27] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [DSL Soforthilfe] => C:\MyStuff\DSL Soforthilfe\DSL_Soforthilfe.exe [20585888 2013-11-21] ()
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2163496 2013-07-03] (Palit Microsystems Ltd.)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31344744 2015-02-26] (Skype Technologies S.A.)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [Advanced SystemCare 8] => C:\mystuff\IObit\Advanced SystemCare 8\ASCTray.exe [2428704 2015-01-20] (IObit)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [OKAYFREEDOM_Agent] => "C:\Windows.old\Program Files (x86)\OkayFreedom\OkayFreedomClient.exe" -agent
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\Run: [Google Update] => C:\Users\Admin\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-04-28] (Google Inc.)
HKU\S-1-5-21-2897107241-917314487-1310154325-1000\...\MountPoints2: {1dcae78a-c26a-11e4-b854-08606eda161e} - E:\HTC_Sync_Manager_PC.exe
Startup: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-02-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Admin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Admin\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-09] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\S-1-5-21-2897107241-917314487-1310154325-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL =
SearchScopes: HKU\S-1-5-21-2897107241-917314487-1310154325-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\MyStuff\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-03-22] (IObit)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\MyStuff\Android\Appprogramierung\Java\bin\ssv.dll [2015-04-20] (Oracle Corporation)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\MyStuff\Android\Appprogramierung\Java\bin\jp2ssv.dll [2015-04-20] (Oracle Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16euy4ch.default
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\MyStuff\Android\Appprogramierung\Java\bin\dtplugin\npDeployJava1.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\MyStuff\Android\Appprogramierung\Java\bin\plugin2\npjp2.dll [2015-04-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-04] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2897107241-917314487-1310154325-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-2897107241-917314487-1310154325-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Admin\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-28] (Google Inc.)
FF Extension: DSL Soforthilfe - C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\16euy4ch.default\Extensions\{95E05177-EA09-4386-8B79-FEB1EAC063E6} [2015-04-29]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-04]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-04]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-04]

Chrome:
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-30]
CHR Extension: (Bookmark Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-30]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-30]
CHR Extension: (Google Wallet) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-30]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\mystuff\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2015-03-08] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2015-03-08] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2015-03-08] (ASUSTeK Computer Inc.)
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S4 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-02-26] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-01] (NVIDIA Corporation)
S3 GSService; C:\Windows\SysWOW64\GSService.exe [490208 2013-07-10] ()
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1884304 2015-05-01] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22997648 2015-05-01] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-03] ()
S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-03-10] ()
R2 RzKLService; C:\mystuff\Razer Cortex\RzKLService.exe [129168 2015-03-12] (Razer Inc.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27768 2015-03-22] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 MBAMScheduler; "C:\adwcleaner\ Malwarebytes Anti-Malware \mbamscheduler.exe" [X]
S2 MBAMService; "C:\adwcleaner\ Malwarebytes Anti-Malware \mbamservice.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2015-01-31] (AVM Berlin)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 DIRECTIO; C:\mystuff\PerformanceTest\DirectIo64.sys [31160 2014-04-24] ()
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-04-18] (Disc Soft Ltd)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-03-22] (REALiX(tm))
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-05-04] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-05-04] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-29] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-01] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PAC7302; C:\Windows\System32\DRIVERS\PAC7302.SYS [527872 2007-11-08] (PixArt Imaging Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-03-10] (Razer, Inc.)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 17:36 - 2015-05-05 17:37 - 00023864 _____ () C:\Users\Admin\Desktop\FRST.txt 2015-05-05 17:36 - 2015-05-05 17:36 - 00000000 ____D () C:\FRST 2015-05-05 17:35 - 2015-05-05 17:35 - 00380416 _____ () C:\Users\Admin\Downloads\Gmer-19357.exe 2015-05-05 17:35 - 2015-05-05 17:35 - 00380416 _____ () C:\Users\Admin\Desktop\Gmer-19357.exe 2015-05-05 17:35 - 2015-05-05 17:35 - 00000472 _____ () C:\Users\Admin\Desktop\defogger_disable.log 2015-05-05 17:35 - 2015-05-05 17:35 - 00000000 _____ () C:\Users\Admin\defogger_reenable 2015-05-05 17:35 - 2015-05-05 12:06 - 02101248 _____ (Farbar) C:\Users\Admin\Desktop\FRST64.exe 2015-05-05 17:35 - 2015-05-05 12:06 - 00050477 _____ () C:\Users\Admin\Desktop\Defogger.exe 2015-05-05 13:43 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-05-05 13:42 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) 
C:\Windows\system32\Drivers\nvlddmkm.sys 2015-05-05 13:42 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00499344 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00402576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00390472 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00346256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-05-05 13:42 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 
2015-05-05 12:07 - 2015-05-05 12:19 - 00000000 ____D () C:\Users\Admin\Downloads\Grand Theft Auto 5 [Salat-Production] 2015-05-05 12:06 - 2015-05-05 12:06 - 02347384 _____ (ESET) C:\Users\Admin\Downloads\esetsmartinstaller_deu.exe 2015-05-05 12:06 - 2015-05-05 12:06 - 02101248 _____ (Farbar) C:\Users\Admin\Downloads\FRST64.exe 2015-05-05 12:06 - 2015-05-05 12:06 - 00050477 _____ () C:\Users\Admin\Downloads\Defogger.exe 2015-05-04 17:08 - 2015-05-04 17:08 - 00002330 _____ () C:\Users\Admin\Desktop\Sicherer Zahlungsverkehr.lnk 2015-05-04 17:06 - 2015-05-04 17:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2015-05-04 17:06 - 2015-05-04 17:05 - 00002140 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk 2015-05-04 17:04 - 2014-10-22 21:13 - 00245960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys 2015-05-04 16:48 - 2015-05-04 16:54 - 197295744 _____ (Kaspersky Lab) C:\Users\Admin\Downloads\kis15.0.2.361de-de.exe 2015-05-04 16:35 - 2015-05-04 16:43 - 03334025 _____ () C:\Users\Admin\Downloads\kavremvr 2015-05-04 16-35-18 (pid 2520).log 2015-05-04 16:35 - 2015-05-04 16:35 - 07363264 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\Nicht bestätigt 198788.crdownload 2015-05-04 16:34 - 2015-05-04 16:35 - 07363264 _____ (Kaspersky Lab ZAO) C:\Users\Admin\Downloads\kavremover.exe 2015-05-04 16:28 - 2015-05-04 16:28 - 00011348 _____ () C:\Users\Admin\Downloads\safemsi.zip 2015-05-04 16:27 - 2015-05-04 16:27 - 00000133 _____ () C:\Users\Admin\Downloads\mis-safemode.reg 2015-05-04 15:46 - 2015-05-04 15:46 - 1018616418 _____ () C:\Windows\MEMORY.DMP 2015-05-04 15:46 - 2015-05-04 15:46 - 00262144 _____ () C:\Windows\Minidump\050415-20186-01.dmp 2015-05-02 18:38 - 2015-05-02 18:38 - 08911541 _____ () C:\Users\Admin\Downloads\AK.236.OPO.CM12.1.zip 2015-05-02 17:47 - 2015-05-02 17:57 - 254031717 _____ () C:\Users\Admin\Downloads\pac_bacon-lp-Official-20150425.zip 2015-05-02 17:47 - 2015-05-02 
17:47 - 00000098 _____ () C:\Users\Admin\Downloads\pac_bacon-lp-Official-20150425.zip.md5sum 2015-05-02 17:41 - 2015-05-02 18:02 - 295983157 _____ () C:\Users\Admin\Downloads\CyanHacker-v3.0-NIGHTLY-20150330-bacon.zip 2015-05-02 16:34 - 2015-05-02 16:34 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2015-05-02 16:32 - 2014-07-04 10:49 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2015-05-02 16:32 - 2014-07-04 10:49 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2015-05-01 20:30 - 2015-05-01 20:30 - 05761011 _____ () C:\Users\Admin\Downloads\furnace-1.2.1-stock-kitkat_bacon.zip 2015-05-01 20:29 - 2015-05-01 20:29 - 06476267 _____ () C:\Users\Admin\Downloads\furnace-1.2.3-aosp-lollipop_bacon (1).zip 2015-05-01 20:09 - 2015-05-01 20:09 - 14118912 _____ () C:\Users\Admin\Downloads\TWRP_multirom_bacon_20150416-00.img 2015-05-01 20:09 - 2015-05-01 20:09 - 05572783 _____ () C:\Users\Admin\Downloads\multirom-20150425-v32h-UNOFFICIAL-bacon.zip 2015-05-01 20:08 - 2015-05-01 20:08 - 06476267 _____ () C:\Users\Admin\Downloads\furnace-1.2.3-aosp-lollipop_bacon.zip 2015-05-01 18:55 - 2015-05-01 18:55 - 10800295 _____ () C:\Users\Admin\Downloads\OnePlus One TWRP 2.8.6.0 Flasher.zip 2015-04-30 21:43 - 2015-04-30 21:43 - 00574591 _____ () C:\Users\Admin\Downloads\One-Click Un-Locker [OPO] (3).zip 2015-04-30 21:42 - 2015-04-30 21:42 - 00574591 _____ () C:\Users\Admin\Downloads\One-Click Un-Locker [OPO] (2).zip 2015-04-29 14:25 - 2015-04-29 14:25 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Mozilla 2015-04-29 14:25 - 2015-04-29 14:25 - 00000000 ____D () C:\Users\Admin\AppData\Local\Mozilla 2015-04-29 14:24 - 2015-04-29 14:24 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-04-29 14:24 - 2015-04-29 14:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-29 14:22 - 2015-04-29 14:23 - 00243592 _____ () 
C:\Users\Admin\Downloads\Firefox Setup Stub 37.0.2.exe 2015-04-28 19:23 - 2015-05-05 12:28 - 00002422 _____ () C:\Users\Admin\Desktop\Google Chrome Canary.lnk 2015-04-28 19:23 - 2015-05-05 01:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome Canary 2015-04-28 19:19 - 2015-04-28 19:19 - 00880208 _____ (Google Inc.) C:\Users\Admin\Downloads\ChromeSetup.exe 2015-04-28 17:56 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-04-28 17:56 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-04-28 12:48 - 2015-04-28 12:48 - 00000800 _____ () C:\DelFix.txt 2015-04-26 20:27 - 2015-04-26 20:27 - 00000856 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel 2015-04-26 20:27 - 2015-04-26 20:27 - 00000000 ____D () C:\Users\Admin\AppData\Local\gtk-2.0 2015-04-26 20:24 - 2015-04-26 20:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GML 2015-04-26 20:24 - 2005-07-26 14:49 - 01040436 _____ (Intel Corporation.) 
C:\Windows\SysWOW64\cxcore097.dll 2015-04-26 20:24 - 2003-03-19 08:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll 2015-04-26 20:24 - 2003-03-19 07:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2015-04-26 20:24 - 2003-02-21 15:42 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2015-04-26 20:23 - 2015-04-26 20:23 - 02127062 _____ (GML Computer Vision Group ) C:\Users\Admin\Downloads\GMLMatting0.3_setup.exe 2015-04-26 20:16 - 2015-04-26 20:16 - 00000000 ____D () C:\Users\Admin\.thumbnails 2015-04-26 20:11 - 2015-04-26 20:28 - 00000000 ____D () C:\Users\Admin\.gimp-2.8 2015-04-26 20:11 - 2015-04-26 20:11 - 00000000 ____D () C:\Users\Admin\AppData\Local\gegl-0.2 2015-04-26 20:09 - 2015-04-26 20:09 - 01697884 _____ () C:\Users\Admin\Downloads\gimp-plugins-13.zip 2015-04-26 20:07 - 2015-04-26 20:07 - 00000822 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2015-04-26 20:03 - 2015-04-26 20:05 - 91931728 _____ (The GIMP Team ) C:\Users\Admin\Downloads\gimp-2.8.14-setup-1.exe 2015-04-26 20:03 - 2015-04-26 20:03 - 01203488 _____ () C:\Users\Admin\Downloads\Top Collection GIMP Plug ins - CHIP-Installer.exe 2015-04-26 20:02 - 2015-04-26 20:02 - 00009127 _____ () C:\Users\Admin\Downloads\gimp-2.8.14-setup-1.exe.torrent 2015-04-26 15:37 - 2015-04-26 15:37 - 00004801 _____ () C:\Users\Admin\Downloads\GMER.rar 2015-04-26 15:11 - 2015-04-26 15:11 - 00179910 _____ () C:\Users\Admin\Downloads\GMER.log 2015-04-26 14:42 - 2015-04-26 14:43 - 00380416 _____ () C:\Users\Admin\Downloads\j3ygeo5i.exe 2015-04-26 14:32 - 2015-04-26 14:33 - 00004766 _____ () C:\Users\Admin\Documents\2.txt 2015-04-26 14:31 - 2015-04-26 14:31 - 00008329 _____ () C:\Users\Admin\Documents\1.txt 2015-04-26 13:23 - 2015-04-26 13:23 - 01604608 _____ () C:\Users\Admin\Downloads\WB_XII_1_BinaerdarstellungInformation.ppt 2015-04-25 21:28 - 2015-04-25 21:33 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Steganos 
VPN 2015-04-25 21:26 - 2015-04-25 21:26 - 00003222 _____ () C:\Windows\System32\Tasks\{857C73D2-1CA9-42B6-8B95-D80EF5F91DC1} 2015-04-25 21:25 - 2015-04-25 21:28 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Steganos 2015-04-24 14:01 - 2015-04-24 14:01 - 00000000 ____D () C:\Users\Admin\AppData\Local\SvchostViewer 2015-04-24 13:56 - 2015-04-24 13:56 - 00040538 _____ () C:\Users\Admin\Downloads\Svchost Viewer Ver 0.5.0.1.zip 2015-04-24 13:47 - 2015-04-26 14:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-04-24 13:46 - 2015-04-24 13:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-04-24 13:46 - 2015-04-24 13:46 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-04-24 13:46 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-04-24 13:46 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-04-24 13:46 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-04-24 13:45 - 2015-04-24 13:46 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.1.6.1022 (1).exe 2015-04-24 13:39 - 2015-04-24 13:40 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Admin\Downloads\mbam-setup-2.1.6.1022.exe 2015-04-24 13:39 - 2015-04-24 13:39 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-ADMIN-PC-Windows-7-Professional-(64-bit).dat 2015-04-24 13:39 - 2015-04-24 13:39 - 00000000 ____D () C:\RegBackup 2015-04-24 13:27 - 2015-04-24 13:27 - 01190415 _____ () C:\Users\Admin\Downloads\ProcessExplorer.zip 2015-04-23 21:22 - 2015-04-23 21:22 - 04156986 _____ () C:\Users\Admin\Downloads\youtube-tubemate.2.95.apk 2015-04-20 15:59 - 2015-04-20 15:59 - 00000000 ____D () C:\Users\Admin\.eclipse 2015-04-20 13:38 - 2015-04-20 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Java Development Kit 2015-04-20 13:27 - 2015-04-20 13:37 - 215762517 _____ () C:\Users\Admin\Downloads\eclipse-standard-luna-R-win32.zip 2015-04-20 13:26 - 2015-04-20 13:37 - 189180832 _____ (Oracle Corporation) C:\Users\Admin\Downloads\jdk-8u45-windows-x64.exe 2015-04-19 18:39 - 2015-04-19 18:40 - 41948672 _____ (The Chromium Authors) C:\Users\Admin\Downloads\mini_installer.exe 2015-04-19 18:32 - 2015-04-19 18:34 - 94109972 _____ () C:\Users\Admin\Downloads\chrome-win32.zip 2015-04-18 17:42 - 2015-04-18 17:42 - 00030352 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtlitescsibus.sys 2015-04-18 17:39 - 2015-04-18 17:40 - 13223208 _____ (Disc Soft Ltd) C:\Users\Admin\Downloads\DTLite501-0406 (1).exe 2015-04-18 17:36 - 2015-04-18 17:55 - 00000000 ____D () C:\Users\Admin\VirtualBox VMs 2015-04-18 16:27 - 2015-04-18 17:55 - 00000000 ____D () C:\Users\Admin\.VirtualBox 2015-04-18 16:27 - 2015-04-18 16:56 - 00000000 ____D () C:\Users\Admin\AppData\Local\Genymobile 2015-04-18 16:13 - 2015-04-18 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-04-18 16:13 - 2014-05-16 14:04 - 00254240 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-04-18 16:12 - 2014-05-16 14:03 - 00128288 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-04-18 16:03 - 2015-04-18 16:04 - 09390250 _____ () C:\Users\Admin\Downloads\Genymotion Flash file.zip 2015-04-18 16:00 - 2015-04-18 16:07 - 133567504 _____ (Genymobile ) C:\Users\Admin\Downloads\genymotion-2.4.0-vbox.exe 2015-04-18 15:20 - 2015-04-18 15:20 - 20614780 _____ () C:\Users\Admin\Downloads\WhatsApp.apk 2015-04-18 14:59 - 2015-04-18 15:00 - 20624992 _____ () C:\Users\Admin\Downloads\WhatsApp42.apk 2015-04-17 17:22 - 2015-04-17 17:22 - 00258097 _____ () C:\Users\Admin\Downloads\nirsoft_package_german-17-06-14.zip 2015-04-17 17:15 - 2015-04-17 17:15 - 00384068 _____ () C:\Users\Admin\Downloads\nirsoft_sprachpaket_deutsch.zip 
2015-04-17 17:15 - 2015-04-17 17:15 - 00384068 _____ () C:\Users\Admin\Downloads\nirsoft_sprachpaket_deutsch (1).zip 2015-04-17 06:05 - 2015-04-02 02:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-04-17 06:05 - 2015-04-02 01:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-04-17 06:05 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-04-17 06:05 - 2015-03-13 06:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-04-17 06:05 - 2015-03-13 06:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-04-17 06:05 - 2015-03-13 06:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-04-17 06:05 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-04-17 06:05 - 2015-03-13 06:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-04-17 06:05 - 2015-03-13 06:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-04-17 06:05 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-04-17 06:05 - 2015-03-13 06:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-04-17 06:05 - 2015-03-13 06:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-04-17 06:05 - 2015-03-13 05:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-04-17 06:05 - 2015-03-13 05:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-04-17 06:05 - 2015-03-13 05:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-04-17 06:05 - 2015-03-13 05:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-04-17 06:05 - 2015-03-13 05:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 
2015-04-17 06:05 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-04-17 06:05 - 2015-03-13 05:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-04-17 06:05 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-04-17 06:05 - 2015-03-13 05:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-04-17 06:05 - 2015-03-13 05:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-04-17 06:05 - 2015-03-13 05:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-04-17 06:05 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-04-17 06:05 - 2015-03-13 05:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-04-17 06:05 - 2015-03-13 05:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-04-17 06:05 - 2015-03-13 05:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-04-17 06:05 - 2015-03-13 05:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-04-17 06:05 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-04-17 06:05 - 2015-03-13 05:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-04-17 06:05 - 2015-03-13 05:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-04-17 06:05 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-04-17 06:05 - 2015-03-13 05:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-04-17 06:05 - 2015-03-13 05:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-04-17 06:05 - 2015-03-13 05:17 - 00478208 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieui.dll 2015-04-17 06:05 - 2015-03-13 05:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-04-17 06:05 - 2015-03-13 05:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-04-17 06:05 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-04-17 06:05 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-04-17 06:05 - 2015-03-13 05:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-04-17 06:05 - 2015-03-13 05:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-04-17 06:05 - 2015-03-13 05:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-04-17 06:05 - 2015-03-13 05:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-04-17 06:05 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-04-17 06:05 - 2015-03-13 04:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-04-17 06:05 - 2015-03-13 04:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-04-17 06:05 - 2015-03-13 04:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-04-17 06:05 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-04-17 06:05 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-04-17 06:05 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-04-17 06:05 - 2015-03-13 04:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-04-17 06:05 - 2015-03-13 04:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-04-17 06:05 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ieframe.dll 2015-04-17 06:05 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-04-17 06:05 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-04-17 06:05 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-04-17 06:05 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-04-17 06:05 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-04-17 06:03 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-04-17 06:03 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-04-17 06:03 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-04-17 06:03 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-04-17 06:03 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-04-17 06:03 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-04-17 06:03 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-04-17 06:03 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-04-17 06:03 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-04-17 06:03 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-04-17 06:03 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-04-17 06:03 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-04-17 06:03 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 
2015-04-17 06:03 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-04-17 06:03 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-04-17 06:03 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-04-17 06:02 - 2015-03-17 07:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-04-17 06:02 - 2015-03-17 07:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-04-17 06:02 - 2015-03-17 07:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-04-17 06:02 - 2015-03-17 07:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-04-17 06:02 - 2015-03-17 07:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-04-17 06:02 - 2015-03-17 07:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-04-17 06:02 - 2015-03-17 07:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-04-17 06:02 - 
2015-03-17 07:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-04-17 06:02 - 2015-03-17 07:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-04-17 06:02 - 2015-03-17 07:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-04-17 06:02 - 2015-03-17 07:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-04-17 06:02 - 2015-03-17 07:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-04-17 06:02 - 2015-03-17 07:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-04-17 06:02 - 2015-03-17 07:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-04-17 06:02 - 2015-03-17 07:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-04-17 06:02 - 2015-03-17 07:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00006656 _____ 
(Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003584 ____H 
(Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 07:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-04-17 06:02 - 2015-03-17 07:01 - 03920824 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntoskrnl.exe 2015-04-17 06:02 - 2015-03-17 06:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-04-17 06:02 - 2015-03-17 06:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-04-17 06:02 - 2015-03-17 06:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-04-17 06:02 - 2015-03-17 06:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-04-17 06:02 - 2015-03-17 06:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-04-17 06:02 - 2015-03-17 06:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-04-17 06:02 - 2015-03-17 06:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-04-17 06:02 - 2015-03-17 06:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-04-17 06:02 - 2015-03-17 06:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-04-17 06:02 - 2015-03-17 06:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-04-17 06:02 - 2015-03-17 06:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-04-17 06:02 - 2015-03-17 06:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-04-17 06:02 - 2015-03-17 06:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-04-17 06:02 - 2015-03-17 06:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-04-17 06:02 - 2015-03-17 06:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-04-17 06:02 - 2015-03-17 06:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-04-17 06:02 - 2015-03-17 06:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-04-17 06:02 - 2015-03-17 06:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 
2015-04-17 06:02 - 2015-03-17 06:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003584 
____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 06:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 05:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-04-17 06:02 - 2015-03-17 05:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-04-17 06:02 - 2015-03-17 05:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-04-17 06:02 - 2015-03-17 05:43 - 00004608 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-17 06:02 - 2015-03-17 05:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-17 06:02 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-17 06:02 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-17 06:02 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-17 06:02 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-17 06:02 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-17 06:02 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-17 06:02 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-17 05:57 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-17 05:57 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-17 05:57 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-16 14:43 - 2015-04-28 12:06 - 00003852 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1429188192
2015-04-16 14:43 - 2015-04-16 14:43 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-16 14:43 - 2015-04-16 14:43 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Opera Software
2015-04-16 14:43 - 2015-04-16 14:43 - 00000000 ____D () C:\Users\Admin\AppData\Local\Opera Software
2015-04-16 14:41 - 2015-04-28 12:06 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-04-16 14:39 - 2015-04-16 14:39 - 03015656 _____ (Crystal Dew World ) C:\Users\Admin\Downloads\CrystalDiskInfo6_3_2-en.exe
2015-04-14 12:16 - 2015-04-14 12:17 - 52380855 _____ () C:\Users\Admin\Downloads\Clash of Clans_7.1.1.apk
2015-04-13 14:04 - 2015-04-25 21:32 - 00000000 ____D () C:\Users\Admin\AppData\Local\CrashDumps
2015-04-12 13:50 - 2015-04-12 13:50 - 00000000 ____D () C:\ProgramData\HP
2015-04-12 08:57 - 2015-04-12 08:57 - 00642360 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll
2015-04-12 08:56 - 2015-04-12 08:56 - 00977624 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-04-12 08:56 - 2015-04-12 08:56 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-04-12 08:54 - 2015-04-12 08:54 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll
2015-04-12 08:54 - 2015-04-12 08:54 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll
2015-04-11 02:33 - 2014-12-11 19:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-11 02:33 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-11 02:33 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-10 15:07 - 2015-04-10 15:07 - 00330518 _____ () C:\Users\Admin\Documents\Documents.rar
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\Users\Admin\Documents\PassMark
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\Users\Admin\AppData\Local\PassMark
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\ProgramData\Passmark
2015-04-08 18:23 - 2015-04-08 18:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2015-04-08 16:21 - 2013-10-02 04:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-04-08 16:21 - 2013-10-02 04:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-04-08 16:21 - 2013-10-02 04:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-04-08 16:21 - 2013-10-02 03:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-04-08 16:21 - 2013-10-02 03:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-04-08 16:21 - 2013-10-02 03:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-04-08 16:21 - 2013-10-02 03:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-04-08 16:21 - 2013-10-02 02:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-04-08 16:21 - 2013-10-02 02:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-04-08 16:21 - 2013-10-02 02:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-04-08 16:21 - 2013-10-02 02:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-04-08 16:21 - 2013-10-02 01:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-04-08 16:21 - 2013-10-02 01:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-08 16:21 - 2013-10-02 01:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-04-08 16:21 - 2013-10-02 00:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-04-08 16:19 - 2015-04-08 16:21 - 00000000 ____D () C:\c8ba8a38767b4e9aaa
2015-04-08 16:18 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-08 16:18 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-08 16:18 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-08 16:18 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-08 15:01 - 2015-04-08 15:02 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\1
2015-04-08 14:40 - 2015-04-08 14:40 - 00000000 ____D () C:\Users\Admin\Documents\Visual Studio 2012
2015-04-08 14:39 - 2015-04-08 14:39 - 00000000 ____D () C:\Program Files (x86)\NuGet
2015-04-08 14:26 - 2015-04-08 14:26 - 00000000 ____D () C:\Windows\symbols
2015-04-06 17:16 - 2015-04-06 19:23 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\dvdcss
2015-04-05 21:18 - 2015-05-05 01:33 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-05 21:18 - 2015-04-05 21:18 - 00000000 ___SD () C:\Windows\SysWOW64\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-05 17:36 - 2009-07-14 06:45 - 00025680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-05 17:36 - 2009-07-14 06:45 - 00025680 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-05 17:35 - 2015-01-25 12:32 - 00000000 ____D () C:\Users\Admin
2015-05-05 17:34 - 2015-02-03 13:23 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-05 17:31 - 2015-02-10 18:39 - 00000000 ___RD () C:\Users\Admin\Dropbox
2015-05-05 17:31 - 2015-02-10 18:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Dropbox
2015-05-05 17:28 - 2015-03-03 15:49 - 00000000 ____D () C:\Users\Admin\AppData\Local\HTC MediaHub
2015-05-05 17:28 - 2015-02-04 14:05 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-05 17:27 - 2015-02-04 10:59 - 00052379 _____ () C:\Windows\setupact.log
2015-05-05 17:27 - 2015-02-03 13:23 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-05 17:26 - 2015-01-25 12:46 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-05 17:26 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-05 15:26 - 2015-01-25 13:05 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA.job
2015-05-05 15:18 - 2015-01-25 13:59 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-05 14:43 - 2015-01-31 11:19 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\uTorrent
2015-05-05 13:44 - 2015-01-25 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-05 13:06 - 2015-01-25 12:10 - 01995221 _____ () C:\Windows\WindowsUpdate.log
2015-05-05 12:52 - 2015-01-25 12:52 - 00001377 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2015-05-05 01:33 - 2015-03-22 16:31 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\ProductData
2015-05-05 01:33 - 2010-11-21 09:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-04 17:23 - 2014-12-13 18:21 - 00842440 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-05-04 17:23 - 2014-08-19 12:31 - 00056008 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kldisk.sys
2015-05-04 17:07 - 2015-02-04 10:58 - 00084890 _____ () C:\Windows\PFRO.log
2015-05-04 17:06 - 2015-02-04 14:05 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-05-04 15:46 - 2015-02-01 10:56 - 00000000 ____D () C:\Windows\Minidump
2015-05-04 13:58 - 2015-03-22 16:29 - 00000000 ____D () C:\ProgramData\ProductData
2015-05-03 19:26 - 2015-01-25 13:05 - 00001068 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core.job
2015-05-03 13:40 - 2015-01-25 15:17 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Skype
2015-05-01 18:51 - 2015-01-25 14:31 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-01 18:51 - 2015-01-25 14:31 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-01 18:50 - 2015-01-25 14:31 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-01 18:50 - 2015-01-25 14:31 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-01 17:35 - 2015-02-03 13:25 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-29 16:32 - 2015-02-05 13:09 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-04-28 19:21 - 2015-01-25 13:05 - 00004090 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000UA
2015-04-28 19:21 - 2015-01-25 13:05 - 00003694 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2897107241-917314487-1310154325-1000Core
2015-04-28 19:21 - 2015-01-25 13:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Google
2015-04-28 12:45 - 2015-03-22 16:29 - 00002880 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Admin
2015-04-27 17:21 - 2015-01-31 10:56 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-04-27 17:09 - 2015-03-03 16:55 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-04-27 14:20 - 2015-01-25 20:49 - 00000000 ____D () C:\Windows.old
2015-04-26 20:06 - 2015-02-13 18:36 - 00000000 ____D () C:\MyStuff
2015-04-26 16:42 - 2015-01-25 14:03 - 00000000 ___HD () C:\ProgramData\Origin
2015-04-26 12:40 - 2015-02-10 18:39 - 00001017 _____ () C:\Users\Admin\Desktop\Dropbox.lnk
2015-04-26 12:40 - 2015-02-10 18:20 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-04-24 17:18 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Registration
2015-04-24 13:47 - 2014-02-19 16:09 - 00000000 ____D () C:\adwareentferner
2015-04-24 13:41 - 2015-03-16 18:07 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-04-22 23:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-04-22 16:27 - 2015-02-05 13:09 - 00000971 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-04-22 16:27 - 2015-02-05 13:09 - 00000959 _____ () C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-04-21 12:28 - 2015-01-25 21:04 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2015-04-21 12:28 - 2015-01-25 21:04 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2015-04-21 12:28 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-21 12:14 - 2015-01-28 15:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-21 12:10 - 2015-01-28 15:04 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-20 15:29 - 2015-03-03 15:38 - 00000000 ____D () C:\Users\Admin\.android
2015-04-20 13:40 - 2015-02-14 11:07 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-20 13:38 - 2015-02-14 11:07 - 00000000 ____D () C:\Program Files\Java
2015-04-20 13:26 - 2015-01-25 12:51 - 01593956 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-19 10:07 - 2015-03-22 16:31 - 00002144 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-04-15 21:18 - 2015-01-25 13:59 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 21:18 - 2015-01-25 13:59 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-15 21:18 - 2015-01-25 13:59 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-12 13:49 - 2015-01-25 13:05 - 00000000 ____D () C:\Users\Admin\AppData\Local\Deployment
2015-04-12 08:56 - 2015-01-25 12:59 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-04-12 08:55 - 2015-01-25 12:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-10 19:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-10 15:25 - 2015-01-25 14:02 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-09 16:15 - 2015-01-31 13:16 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2015-04-09 08:37 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-09 02:58 - 2015-01-25 14:53 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2015-01-25 12:45 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-09 02:58 - 2015-01-25 12:44 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2015-01-25 12:45 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2015-01-25 12:45 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 22:18 - 2015-01-27 07:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-08 22:18 - 2015-01-27 07:16 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-08 19:52 - 2015-01-25 12:45 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-08 16:24 - 2015-03-18 15:19 - 00000000 ____D () C:\ProgramData\IObit
2015-04-08 16:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-08 14:39 - 2015-01-25 15:27 - 00000000 ____D () C:\ProgramData\Package Cache
2015-04-08 14:38 - 2015-03-17 20:56 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2015-04-08 14:38 - 2015-03-17 20:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server
2015-04-08 14:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2015-04-08 14:30 - 2015-03-17 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
2015-04-08 14:19 - 2015-03-17 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012 Express
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\SysWOW64\1033
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\SysWOW64\1031
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\system32\1033
2015-04-08 14:12 - 2015-03-17 21:02 - 00000000 ____D () C:\Windows\system32\1031
2015-04-07 15:06 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-06 19:23 - 2015-01-25 14:04 - 00000000 ____D () C:\Users\Admin\AppData\Roaming\vlc
2015-04-06 08:55 - 2015-03-22 16:29 - 00001878 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-04-05 09:21 - 2015-01-25 13:59 - 00000000 ____D () C:\Users\Admin\AppData\Local\Adobe
2015-04-05 09:20 - 2015-03-18 15:30 - 00001625 _____ () C:\Users\Public\Desktop\Razer Cortex.lnk

==================== Files in the root of some directories =======

2015-03-14 15:04 - 2015-03-14 15:04 - 0000000 ___SH () C:\Users\Admin\AppData\Local\LumaEmu
2015-04-26 20:27 - 2015-04-26 20:27 - 0000856 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-02-04 17:23 - 2015-03-17 14:00 - 0007587 _____ () C:\Users\Admin\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpoaqun_.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-04-24 21:23

==================== End Of Log ============================

Regards,
Lolle1

Edited by lolle1 (05.05.2015 at 17:40) |