
Log analysis and evaluation: Fell for a .png link, download cancelled shortly before the end - unsure (Fake.Steam)

Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

31.05.2015, 04:14   #1
ykay
 
Hey,
I would be glad if someone from the team could help me, even though I have only just registered.
Like an idiot, I clicked on the fake Steam link, whose URL ends in a .png file, which led to a redirect to an automatic download of a .scr file.
I was able to cancel the download in Chrome in time, although Chrome (this happens to me often) showed the file as completely downloaded (1.048KB/1.048KB loaded). For me it is sometimes the case that it shows a download as finished right away but keeps loading in the background. Never mind that now. The browser also says that it was cancelled. I looked in the cache folder under AppData/Local and found no unfinished file in any folder, let alone a file over 20kb. I also immediately ran NOD32 + Malwarebytes Anti-Malware over it; neither raised an alarm.

Since I want to be on the safe side, I installed your Farbar Recovery Scan Tool and ran it.

I would be very glad about an answer as to whether something is there. If so, I would also appreciate a brief indication; maybe I have an explanation for

I packed it into a .rar file because otherwise it is too large.



VirusTotal result for my .rar package:
https://www.virustotal.com/de/file/a0a9487aa503ff74c43a98d10bd2fa7bb7e64a192672893864cc3ad0c644dbda/analysis/1433042493/

The text you entered consists of 136602 characters and is therefore too long. Please split the logs across several posts with a maximum length of 120000 characters.
Please always post logs in CODE tags. Illustrated guide.

Edited by schrauber (31.05.2015 at 14:36)

31.05.2015, 05:10   #2
schrauber
/// the machine
/// TB trainer
 

Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I cannot open attachments at work, thanks.

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

31.05.2015, 05:14   #3
ykay
 



FRST PART 1

Code:
==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(H.D.S. Hungary) C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(none) C:\Users\Yusa-Enes\Desktop\wopt021\WLAN Optimizer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Spotify Ltd) C:\Users\Yusa-Enes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Crystal Dew World) C:\Program Files (x86)\CrystalDiskInfo\DiskInfo.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-07-15] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-07-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-07-15] (Lenovo)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2011-12-06] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2012-01-26] (Lenovo, Inc.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-07-15] (Lenovo)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
HKLM-x32\...\Run: [WheelMouse] => C:\Revoltec FightMouse Portable\wh_exec.exe [98304 2009-09-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKU\S-1-5-21-921053363-3756481614-3739615417-1002 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
HKU\S-1-5-21-921053363-3756481614-3739615417-1002 Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\Run: [Power2GoExpress] => NA
HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-10] (Electronic Arts)
HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\Run: [Facebook Update] => C:\Users\Yusa-Enes\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-17] (Facebook Inc.)
HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\RunOnce: [Uninstall C:\Users\Yusa-Enes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Yusa-Enes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\MountPoints2: {10b01096-0551-11e2-ba32-dc0ea1fe1eec} - E:\Installer.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Run: [WLAN Optimizer] => C:\Users\Yusa-Enes\Desktop\wopt021\WLAN Optimizer.exe [109056 2009-08-07] (none)
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Run: [Spotify Web Helper] => C:\Users\Yusa-Enes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-08-07] (Spotify Ltd)
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\MountPoints2: {460804d8-4329-11e4-a201-74e543345de1} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\MountPoints2: {7c5925b2-faae-11e1-81eb-dc0ea1fe1eec} - J:\LaunchU3.exe -a
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\MountPoints2: {e147d1d2-5cdf-11e4-a471-74e543345de1} - H:\setup.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Run: [Facebook Update] => C:\Users\Sebiha\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-31] (Facebook Inc.)
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-10] (Electronic Arts)
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Run: [WLAN Optimizer] => C:\Users\Sebiha\Desktop\wopt021\WLAN Optimizer.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\RunOnce: [Uninstall C:\Users\Yusa-Enes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Yusa-Enes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\MountPoints2: {10b01096-0551-11e2-ba32-dc0ea1fe1eec} - E:\SETUP.EXE
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\MountPoints2: {460804d8-4329-11e4-a201-74e543345de1} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\MountPoints2: {7c5925b2-faae-11e1-81eb-dc0ea1fe1eec} - G:\LaunchU3.exe -a
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\MountPoints2: {aeaaafa4-ce51-11e1-88e9-806e6f6e6963} - F:\CTRun\Start.EXE
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\MountPoints2: {e147d1d2-5cdf-11e4-a471-74e543345de1} - H:\setup.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Run: [Facebook Update] => C:\Users\Yusa-Enes\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-17] (Facebook Inc.)
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Run: [WLAN Optimizer] => C:\Users\Der Chef\Desktop\wopt021\WLAN Optimizer.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\RunOnce: [Uninstall C:\Users\Yusa-Enes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Yusa-Enes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\RunOnce: [StartMSu] => C:\Program Files (x86)\Creative\MediaSource5\Startmsu.exe [81920 2009-04-29] (Creative Technology Ltd)
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\RunOnce: [InetReg] => "C:\Program Files (x86)\Creative\Produktregistrierung\German\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\RunOnce: [CTAutoUpdate] => C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [1571088 2011-09-22] (Creative Technology Ltd)
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\MountPoints2: {10b01096-0551-11e2-ba32-dc0ea1fe1eec} - E:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\MountPoints2: {460804d8-4329-11e4-a201-74e543345de1} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\MountPoints2: {7c5925b2-faae-11e1-81eb-dc0ea1fe1eec} - G:\LaunchU3.exe -a
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\MountPoints2: {aeaaafa4-ce51-11e1-88e9-806e6f6e6963} - F:\CTRun\Start.EXE
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\MountPoints2: {e147d1d2-5cdf-11e4-a471-74e543345de1} - H:\setup.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2888384 2015-05-15] (Valve Corporation)
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Run: [Facebook Update] => C:\Users\Yusa-Enes\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-11-17] (Facebook Inc.)
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Run: [WLAN Optimizer] => C:\Users\Hayrunnisa\Desktop\wopt021\WLAN Optimizer.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\RunOnce: [Uninstall C:\Users\Yusa-Enes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Yusa-Enes\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\MountPoints2: {10b01096-0551-11e2-ba32-dc0ea1fe1eec} - E:\SETUP.EXE
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\MountPoints2: {460804d8-4329-11e4-a201-74e543345de1} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\MountPoints2: {7c5925b2-faae-11e1-81eb-dc0ea1fe1eec} - G:\LaunchU3.exe -a
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\MountPoints2: {aeaaafa4-ce51-11e1-88e9-806e6f6e6963} - F:\CTRun\Start.EXE
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\MountPoints2: {e147d1d2-5cdf-11e4-a471-74e543345de1} - H:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll [2012-07-15] ()
GroupPolicyUsers\S-1-5-21-921053363-3756481614-3739615417-1002\User: Group Policy Restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-921053363-3756481614-3739615417-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-921053363-3756481614-3739615417-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=LENN&bmod=LENN
URLSearchHook: HKU\S-1-5-21-921053363-3756481614-3739615417-1002 - (No Name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No File
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
SearchScopes: HKU\S-1-5-21-921053363-3756481614-3739615417-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-921053363-3756481614-3739615417-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-921053363-3756481614-3739615417-1002 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-921053363-3756481614-3739615417-1002 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-921053363-3756481614-3739615417-1005 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-921053363-3756481614-3739615417-1005 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-921053363-3756481614-3739615417-1006 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
SearchScopes: HKU\S-1-5-21-921053363-3756481614-3739615417-1006 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-17] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-17] (Oracle Corporation)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-04-28] (Atheros Commnucations)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} ->  No File
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKU\S-1-5-21-921053363-3756481614-3739615417-1002 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll [2015-05-13] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6425074E-F29D-46B6-B8FC-2A2891C4B2C7}: [NameServer] 77.109.138.45,77.109.139.29

FireFox:
========
FF ProfilePath: C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-20] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-10-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-10-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-20] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.5.0\\npsitesafety.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-12-19] (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-921053363-3756481614-3739615417-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\UpdatusUser\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin HKU\S-1-5-21-921053363-3756481614-3739615417-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-921053363-3756481614-3739615417-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-30] ()
FF Plugin HKU\S-1-5-21-921053363-3756481614-3739615417-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-30] ()
FF Plugin HKU\S-1-5-21-921053363-3756481614-3739615417-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Sebiha\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-921053363-3756481614-3739615417-1002: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKU\S-1-5-21-921053363-3756481614-3739615417-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-30] ()
FF Extension: ADB Helper - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\adbhelper@mozilla.org [2015-04-22]
FF Extension: Battlefield Play4Free - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\battlefieldplay4free@ea.com [2015-04-17]
FF Extension: Valence - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\fxdevtools-adapters@mozilla.org [2015-04-22]
FF Extension: NoScript - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-10-01]
FF Extension: Video DownloadHelper - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-22]
FF Extension: Adblock Plus - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-01]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-08-29]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-08-30]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-12-30]
CHR Extension: (Google Docs) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-08]
CHR Extension: (Google Drive) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-08]
CHR Extension: (YouTube) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-08]
CHR Extension: (Battlefield Heroes) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-11-08]
CHR Extension: (Adblock Plus) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-20]
CHR Extension: (Google Search) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-08]
CHR Extension: (FoxyProxy Standard) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2014-10-12]
CHR Extension: (Bookmark Manager) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (ProxMate) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-05-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (AVG Security Toolbar) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-11-08]
CHR Extension: (Google Wallet) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-08]
CHR Extension: (Soundload) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\obeamklhbmaapccdahgeafnpfkdkbimo [2014-05-13]
CHR Extension: (Battlefield Play4Free) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2013-11-08]
CHR Extension: (Gmail) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-08]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx [2014-04-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [119424 2012-04-28] (Atheros Commnucations) [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-12-23] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-12-23] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-04-17] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-04-17] ()
R2 vToolbarUpdater18.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [1812416 2015-05-13] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-04-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-01-14] ()
S4 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-10] (Lenovo)
S4 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-23] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-01-14] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 ALSysIO; \??\C:\Users\YUSA-E~1\AppData\Local\Temp\ALSysIO64.sys [X]
U3 BcmSqlStartupSvc; No ImagePath
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U2 DriverService; No ImagePath
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
S3 RSUSBVSTOR; System32\Drivers\RtsUVStor.sys [X]
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
S3 vm332avs; System32\Drivers\vm332avs.sys [X]
S3 wolf; \??\C:\Program Files (x86)\Joygame\WolfTeamTS\avital\wolf64.sys [X]
         
[/CODE]

31.05.2015, 05:16   #4
ykay

FRST PART 2:

Code:
========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AcpiVpc.sys 5E813B11629007309E4FC0F0FD2B7C30
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys 90C53BD47979FB8814F465A08B885102
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\btath_flt.sys 78B183A794A08978EA0A8D017054352B
C:\Windows\System32\DRIVERS\athrx.sys 6C496450404ABDC887E56DF462B34255
C:\Windows\System32\DRIVERS\atksgt.sys FC0E8778C000291CAF60EB88C011E931
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\System32\drivers\BPntDrv.sys AAA4F992F879977A000FE8B8C730CD2C
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\System32\drivers\btath_a2dp.sys EDEBD26DF631A78483707C3F7429027F
C:\Windows\System32\drivers\btath_avdt.sys 2F22177BFEA75326DC0C535D71985A4E
C:\Windows\System32\DRIVERS\btath_bus.sys D438A33D568C76C24E8D7394981F42DC
C:\Windows\System32\DRIVERS\btath_hcrp.sys 6EFA8C93009E0BE0886C2422C7D20BC5
C:\Windows\System32\DRIVERS\btath_lwflt.sys 168506D0F0C8DF588F8A7E25C58A2DE6
C:\Windows\System32\DRIVERS\btath_rcp.sys 7C8FB1D73BD279DD914CCA6ED0F4F62B
C:\Windows\System32\DRIVERS\btfilter.sys 58D67C18894F96E89C076150BB76AD40
C:\Windows\system32\drivers\BthEnum.sys CF98190A94F62E405C8CB255018B2315
C:\Windows\System32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bthpan.sys 02DD601B708DD0667E1331FA8518E9FF
C:\Windows\System32\Drivers\BTHport.sys 738D0E9272F59EB7A1449C3EC118E6C4
C:\Windows\System32\Drivers\BTHUSB.sys F188B7394D81010767B6DF3178519A37
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 404B7DF9CA4D1CB675045AF220FF3285
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys 27667A788130A7F7A5858DE27572E6D7
C:\Windows\System32\drivers\CHDRT64.sys 9F6DE1995A188615CEEE908E750A34ED
C:\Windows\System32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\DamageGuardX64.sys 56F4750B7F0CE969E43DE2A76DDA5A5F
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\dgFltrX64.sys 5014042B07FE6CBE0E6C737AA3F1EBFC
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dtsoftbus01.sys 46571ED73AE84469DCA53081D33CF3C8
C:\Windows\System32\drivers\dxgkrnl.sys 87CE5C8965E101CCCED1F4675557E868
C:\Windows\System32\DRIVERS\eamonm.sys D00EAE9C735A7DEE8049E50D73D25434
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ehdrv.sys E5EDDE3C8158DD0CBC5812F201DCDED0
C:\Windows\System32\Drivers\ElbyCDIO.sys BE2902E13CA69383F449B6BF927844FB
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\epfwwfpr.sys 3EBB7FD3C605262B942868A1D840F4F1
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ETD.sys 4B18C33EEDD15BD2AAF99807D36555B3
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\System32\drivers\fbfmon.sys 0BDD7984DB7AAFF6DFEFD11D82D473DB
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys B16B626996C74B564005BA855C5DEE90
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hamachi.sys 1E6438D4EA6E1174A3B3B1EDC4DE660B
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F
C:\Windows\System32\DRIVERS\htcnprot.sys B8B1B284362E1D8135112573395D5DA5
C:\Windows\System32\drivers\HTTP.sys F61634BEC53F73702A10DE69F6DCAF57
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys C224331A54571C8C9162F7714400BBBD
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys 142CFBE6ED0E498CCA7ABE8DD932C1AF
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\IntcDAud.sys 8E4044C6B71B2F837166F6EDB6BF9100
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\iusb3hcs.sys 846354992EBB373F452EB9182D501B08
C:\Windows\System32\DRIVERS\iusb3hub.sys 1D88A23853387D34D52CC8F9DDBFC56C
C:\Windows\System32\DRIVERS\iusb3xhc.sys FC5EFD7C797DF19DFB999F0605A7924E
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys F7DFAE6040AC910B7C64EE208A34157D
C:\Windows\System32\Drivers\ksecpkg.sys 8FE94F2EF9BF444E93E35D87E210D02F
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys FC741259B7C22379EE83257D7CF91151
C:\Windows\System32\DRIVERS\LhdX64.sys BE166935083F9C38EDFDC21B9A7A679B
C:\Windows\System32\DRIVERS\lirsgt.sys 156AB2E56DC3CA0B582E3362E07CDED7
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mbam.sys 1E9E32AEC3E1EB1B31B8169F33168B56
C:\Windows\system32\drivers\mwac.sys F49FB3C88E263AE9A246593B0BB29294
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys 6B01B7414A105B9E51652089A03027CF
C:\Windows\System32\drivers\mobiolawave.sys 14F31D60A6C0D73DE9836EDC8F304E83
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 87BCD1034CBF33537D4D4C251D39BA26
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys AE3334958D8F631FF14A0AEB3D7EFB3A
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvlddmkm.sys 757ACE4D4C9FF0571F86AA5D586B45E8
C:\Windows\System32\DRIVERS\nvpciflt.sys 445422B928D2FE322BB6B956EA77DC7B
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 0C4A0D577A6EF1B9D353851668779944
C:\Windows\System32\drivers\nvvad64v.sys DBFE7B2DF103F74AE51840B3C5F25FE9
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ED6E75158D28D33A2E2A020AC5B2B59D
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\drivers\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rfcomm.sys 3DD798846E2C28102B922C56E71B7932
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Sftfslh.sys 21AB491BBCC8C1B26FDC402A374AB196
C:\Windows\System32\DRIVERS\Sftplaylh.sys 3B8D43FEEFF7A187534DDDFD675FE123
C:\Windows\System32\DRIVERS\Sftredirlh.sys F1D1B1DC7A8765A09D7640FBF8D20970
C:\Windows\System32\DRIVERS\Sftvollh.sys B3B9ADE7F8C4AF0C20E712E040588543
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\SysWow64\speedfan.sys 0FFE35F0B0CD5A324BBE22F02569AE3B
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tap0901.sys 3C32FF010F869BC184DF71290477384E
C:\Windows\System32\DRIVERS\tap0901t.sys B08740047145B9BCE15BF75CA0F9718A
C:\Windows\System32\DRIVERS\taphss6.sys BCF5E78E87D258088346E399E406E501
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 70988118145F5F10EF24720B97F35F65
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\tpm.sys DBCC20C02E8A3E43B03C304A4E40A84F
C:\Windows\System32\DRIVERS\tssecsrv.sys E232A3B43A894BB327FC161529BD9ED1
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\system32\drivers\TsUsbGD.sys 9CC2CCAE8A84820EAECB886D477CBCB8
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\system32\drivers\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\system32\drivers\usb8023x.sys 7B28E2FBE75115660FAB31079C0A9F29
C:\Windows\System32\DRIVERS\VClone.sys 3C8E2C591345F38149C69FE8E5DF8C90
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wsvd.sys 83575C43B2BFE9AB0661A7F957E843C0
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\system32\drivers\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xusb21.sys 2EE48CFCE7CA8E0DB4C44C7476C0943B

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 04:54 - 2015-05-31 04:56 - 00061255 _____ () C:\Users\Yusa-Enes\Downloads\FRST.txt
2015-05-31 04:53 - 2015-05-31 04:54 - 00000000 ____D () C:\FRST
2015-05-31 04:52 - 2015-05-31 04:53 - 02108928 _____ (Farbar) C:\Users\Yusa-Enes\Downloads\FRST64.exe
2015-05-30 13:17 - 2015-05-30 13:17 - 00000580 _____ () C:\Windows\PFRO.log
2015-05-30 00:09 - 2015-05-30 00:17 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Ubisoft Game Launcher
2015-05-30 00:08 - 2015-05-30 00:08 - 00001212 _____ () C:\Users\Yusa-Enes\Desktop\Uplay.lnk
2015-05-30 00:08 - 2015-05-30 00:08 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-05-30 00:08 - 2015-05-30 00:08 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-05-29 23:46 - 2015-05-29 23:46 - 24088192 _____ () C:\Users\Yusa-Enes\Downloads\UbisoftGameLauncherInstaller.exe
2015-05-29 23:40 - 2015-05-29 23:40 - 00000000 ____D () C:\cache
2015-05-28 21:05 - 2015-05-28 21:05 - 00004863 _____ () C:\Users\Yusa-Enes\Downloads\php.ini
2015-05-28 15:16 - 2015-05-28 15:19 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\y22_db_2015_05_28_16_12.sql
2015-05-28 15:15 - 2015-05-28 15:15 - 01928410 _____ () C:\Users\Yusa-Enes\Downloads\y22_db_2015_05_28_16_12.sql.gz
2015-05-27 11:01 - 2015-05-27 11:08 - 00000027 _____ () C:\Users\Yusa-Enes\Desktop\osw.txt
2015-05-26 16:26 - 2015-05-26 16:27 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\MySQLDumper1.24.4 (1)
2015-05-26 16:25 - 2015-05-26 16:26 - 00659416 _____ () C:\Users\Yusa-Enes\Downloads\MySQLDumper1.24.4 (1).zip
2015-05-26 15:57 - 2015-05-26 15:57 - 00034024 _____ () C:\Users\Yusa-Enes\Downloads\AUD-20150520-WA0009.aac
2015-05-20 16:08 - 2015-05-20 16:08 - 00431880 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-20 01:11 - 2015-05-20 01:11 - 00000154 _____ () C:\Windows\DirectX.log
2015-05-20 01:08 - 2015-05-20 01:08 - 00118496 _____ () C:\Users\Yusa-Enes\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-20 01:07 - 2015-05-20 01:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-05-20 01:07 - 2015-05-20 01:07 - 00000000 ____D () C:\Program Files\7-Zip
2015-05-20 01:05 - 2015-05-20 01:05 - 01376768 _____ () C:\Users\Yusa-Enes\Downloads\7z920-x64.msi
2015-05-19 21:53 - 2015-05-19 21:53 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\3dduke13
2015-05-19 21:52 - 2015-05-19 21:53 - 05910927 _____ () C:\Users\Yusa-Enes\Downloads\3dduke13.zip
2015-05-19 14:44 - 2015-05-30 18:30 - 00006776 _____ () C:\Windows\setupact.log
2015-05-19 14:44 - 2015-05-19 14:44 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-19 04:57 - 2015-05-20 16:19 - 00003860 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1432004247
2015-05-19 04:57 - 2015-05-20 16:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-19 04:57 - 2015-05-19 04:57 - 00001146 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-05-19 04:57 - 2015-05-19 04:57 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-05-19 04:57 - 2015-05-19 04:57 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Opera Software
2015-05-19 04:57 - 2015-05-19 04:57 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Opera Software
2015-05-19 04:56 - 2015-05-19 04:57 - 33411912 _____ (Opera Software) C:\Users\Yusa-Enes\Downloads\Opera_29.0.1795.47_Setup.exe
2015-05-18 16:05 - 2015-05-18 16:05 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Trey Songz - Intermission I & II
2015-05-18 16:01 - 2015-05-18 16:01 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Jamie Foxx - Hollywood A Story of a Dozen Roses (Deluxe Version) [SR]-ULGang
2015-05-18 16:00 - 2015-05-18 16:00 - 62105255 _____ () C:\Users\Yusa-Enes\Downloads\Jamie Foxx - Hollywood A Story of a Dozen Roses (Deluxe Version) [SR]-ULGang.zip
2015-05-18 15:46 - 2015-05-18 15:51 - 108619398 _____ () C:\Users\Yusa-Enes\Downloads\Trey Songz - Intermission I & II.zip
2015-05-18 15:42 - 2015-05-18 17:24 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Black 18.05.2015
2015-05-15 16:29 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 16:29 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 23:46 - 2015-05-13 23:47 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\sacred_gold_schote.biz.7z
2015-05-13 23:34 - 2015-05-13 23:39 - 209715200 _____ () C:\Users\Yusa-Enes\Downloads\sacred_gold_schote.biz.7z.001
2015-05-13 23:34 - 2015-05-13 23:38 - 185491944 _____ () C:\Users\Yusa-Enes\Downloads\sacred_gold_schote.biz.7z.002
2015-05-13 15:56 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 15:56 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 15:56 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 15:56 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 15:55 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 15:55 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 15:55 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 15:55 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 15:55 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 15:55 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 15:55 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 15:55 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 15:55 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 15:55 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 15:55 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 15:55 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 15:55 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 15:55 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 15:55 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 15:55 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 15:55 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 15:55 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 15:55 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 15:55 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 15:55 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 15:55 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 15:55 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 15:55 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 15:55 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 15:55 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 15:55 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 15:55 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 15:55 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:55 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 15:55 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 15:55 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 15:55 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 15:55 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 15:55 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 15:55 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 15:55 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 15:55 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 15:55 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 15:55 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 15:55 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 15:55 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 15:55 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 15:55 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 15:55 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 15:55 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 15:55 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 15:55 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 15:55 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 15:55 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 15:55 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 15:55 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 15:55 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 15:55 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 15:55 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 15:55 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 15:55 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 15:55 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 15:55 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 15:55 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 15:55 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 15:55 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 15:55 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 15:55 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 15:55 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 15:55 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 15:55 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 15:55 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 15:55 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 15:55 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 15:55 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 15:55 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 15:55 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 15:55 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 15:55 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 15:55 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 15:55 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 15:55 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 15:55 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 15:55 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 15:55 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 15:55 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 15:55 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 15:55 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 15:55 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 15:55 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 15:55 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 15:55 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 15:55 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 15:55 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 15:54 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 15:54 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 15:54 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 15:54 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 15:54 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 15:54 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 15:54 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 15:54 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 15:54 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 15:54 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 15:54 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 15:54 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 15:54 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 15:54 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 15:54 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 15:54 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 15:54 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 15:54 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 23:06 - 2015-05-12 23:06 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\Add-in Express
2015-05-12 23:05 - 2015-05-20 01:09 - 00000000 ____D () C:\ProgramData\WinZip
2015-05-12 23:03 - 2015-05-12 23:04 - 68745216 _____ () C:\Users\Yusa-Enes\Downloads\wz195gev-32.msi
2015-05-11 20:56 - 2015-05-11 22:16 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Black 11.05.2015
2015-05-10 21:45 - 2015-05-10 21:46 - 00000000 ____D () C:\Program Files (x86)\Football Manager 2015 Editor
2015-05-10 21:43 - 2015-05-10 21:43 - 00001967 _____ () C:\Users\Yusa-Enes\Desktop\Football Manager 2015.lnk
2015-05-10 21:43 - 2015-05-10 21:43 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Football Manager 2015
2015-05-10 21:38 - 2015-05-18 23:33 - 00000000 ____D () C:\Program Files (x86)\Football Manager 2015
2015-05-10 14:47 - 2015-05-10 14:47 - 09132716 _____ () C:\Users\Yusa-Enes\Downloads\FM15_Deutsch_V13.rar
2015-05-10 14:47 - 2015-05-10 14:47 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\FM15_Deutsch_V13
2015-05-10 03:39 - 2015-05-10 03:39 - 10382349 _____ () C:\Users\Yusa-Enes\Downloads\FMRTE 15 build 16 llpplplp.rar
2015-05-10 03:39 - 2015-05-10 03:39 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\FMRTE 15 build 16 llpplplp
2015-05-10 02:52 - 2015-01-21 17:57 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\db
2015-05-10 02:52 - 2015-01-18 21:01 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\update_1520
2015-05-10 02:52 - 2015-01-18 21:01 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\languages
2015-05-10 02:52 - 2015-01-18 19:14 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\match_languages
2015-05-09 23:56 - 2015-05-09 23:56 - 00041561 _____ () C:\Users\Yusa-Enes\Downloads\all.zip
2015-05-09 21:55 - 2015-05-09 21:55 - 00368891 _____ () C:\.dbc.bak
2015-05-09 21:40 - 2015-05-10 22:59 - 00369159 _____ () C:\.dbc
2015-05-09 21:38 - 2015-05-09 21:38 - 00367075 _____ () C:\.dbc.dbc
2015-05-08 22:38 - 2015-05-08 22:38 - 01041010 _____ () C:\Users\Yusa-Enes\Downloads\LFCMarshalls FM Transfer Update .fmf.zip
2015-05-08 22:26 - 2015-05-10 21:36 - 00000000 ____D () C:\Program Files (x86)\Sports Interactive
2015-05-07 16:20 - 2015-05-07 16:20 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\NoDJ-Certified_Clubtapes_Vol_12
2015-05-07 16:13 - 2015-05-07 16:16 - 172888633 _____ () C:\Users\Yusa-Enes\Downloads\NoDJ-Certified_Clubtapes_Vol_12.zip
2015-05-07 15:41 - 2015-05-05 22:45 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\OJ Da Juiceman - The Realest Nigga I Know 2
2015-05-05 22:18 - 2015-05-07 15:40 - 78153217 _____ () C:\Users\Yusa-Enes\Downloads\The Realest Nigga I Know 2.zip
2015-05-05 21:41 - 2015-05-31 01:18 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-05 21:41 - 2015-05-05 21:41 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-05 21:41 - 2015-05-05 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-05 21:41 - 2015-05-05 21:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-05 21:41 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-05 21:41 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-05 21:40 - 2015-05-05 21:40 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Yusa-Enes\Downloads\mbam-setup-majorgeeks-2.1.6.1022.exe
2015-04-29 18:47 - 2015-04-29 18:48 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Skyrim
2015-04-29 18:44 - 2015-04-29 18:44 - 00002433 _____ () C:\Users\Yusa-Enes\Desktop\The Elder Scrolls V Skyrim - Legendary Edition (Launcher).lnk
2015-04-29 18:44 - 2015-04-29 18:44 - 00002379 _____ () C:\Users\Yusa-Enes\Desktop\The Elder Scrolls V Skyrim - Legendary Edition.lnk
2015-04-29 18:20 - 2015-04-29 18:44 - 00000000 ____D () C:\Program Files (x86)\The Elder Scrolls V Skyrim - Legendary Edition (Game of the Year)
2015-04-26 22:06 - 2015-04-26 22:06 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-04-22 22:01 - 2015-04-22 22:01 - 00000000 ____D () C:\Users\Yusa-Enes\.android
2015-04-20 21:20 - 2015-04-20 21:20 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Sex-Escapades-14-Good-Vibes-Edition
2015-04-20 21:18 - 2015-04-20 21:19 - 105165590 _____ () C:\Users\Yusa-Enes\Downloads\Sex-Escapades-14-Good-Vibes-Edition.zip
2015-04-19 22:10 - 2015-04-19 23:27 - 00000219 _____ () C:\Users\Yusa-Enes\Desktop\Counter-Strike Global Offensive.url
2015-04-18 03:16 - 2015-04-18 03:16 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\1 - 3213
2015-04-18 03:11 - 2015-04-18 03:11 - 14324698 _____ () C:\Users\Yusa-Enes\Downloads\1 - 3213.rar
2015-04-17 21:16 - 2015-04-17 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2015-04-16 15:49 - 2015-04-16 15:49 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 00:33 - 2015-04-16 02:14 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Niqle_Nut_-_Imperal-yunus.2kaysixx
2015-04-15 20:16 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 20:16 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 20:16 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 20:16 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 20:16 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 20:16 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 20:16 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 20:16 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 20:16 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 20:16 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 20:16 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 20:16 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 20:16 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-15 20:15 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 20:15 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 20:15 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 20:14 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 20:14 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 20:14 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-14 21:30 - 2015-04-14 21:30 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 21:02 - 2015-04-14 21:03 - 07578290 _____ () C:\Users\Yusa-Enes\Downloads\localhost (5).sql
2015-04-14 03:38 - 2015-04-14 03:38 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-04-11 22:56 - 2015-04-11 22:56 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Ear Symphonie Vol. 2
2015-03-25 00:03 - 2015-03-25 00:03 - 00000000 ____D () C:\Windows\System32\Tasks\HardDiskSentinel
2015-03-25 00:02 - 2015-03-25 00:02 - 00001014 _____ () C:\Users\Yusa-Enes\Desktop\Hard Disk Sentinel.lnk
2015-03-25 00:02 - 2015-03-25 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
2015-03-25 00:01 - 2015-03-25 00:01 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\HDiskSent460.7377
2015-03-23 22:39 - 2015-03-23 22:40 - 00000000 ____D () C:\ProgramData\Blumentals
2015-03-23 22:39 - 2015-03-23 22:39 - 00001060 _____ () C:\Users\Yusa-Enes\Desktop\Rapid PHP 2015.lnk
2015-03-23 22:39 - 2015-03-23 22:39 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Blumentals
2015-03-23 22:39 - 2015-03-23 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid PHP 2015
2015-03-23 22:39 - 2015-03-23 22:39 - 00000000 ____D () C:\Program Files (x86)\Rapid PHP 2015
2015-03-23 22:38 - 2015-03-23 22:39 - 28224080 _____ (Karlis Blumentals ) C:\Users\Yusa-Enes\Downloads\rapidphp2015.exe
2015-03-23 22:20 - 2015-03-23 22:20 - 00002495 _____ () C:\Users\Yusa-Enes\Downloads\Fix Umlaute in der XundY Megashoutbox V1_3 by kill0rz.txt
2015-03-23 21:56 - 2015-03-23 21:58 - 84776815 _____ () C:\Users\Yusa-Enes\Downloads\Gucci Mane - Breakfast.zip
2015-03-22 04:25 - 2015-03-22 04:25 - 00000000 _____ () C:\Users\Yusa-Enes\Desktop\keyz - dum da dam 27.52.txt
2015-03-20 23:21 - 2015-03-20 23:21 - 00000000 ____D () C:\Users\Yusa-Enes\Desktop\Dokumente
2015-03-20 01:04 - 2015-03-20 01:04 - 02780999 _____ () C:\Users\Yusa-Enes\Downloads\hgfh.rar
2015-03-15 23:15 - 2015-03-15 23:15 - 04071806 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (2).sql
2015-03-15 21:49 - 2015-03-15 21:49 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\FlashFXP
2015-03-15 21:48 - 2015-03-15 21:48 - 05580880 _____ (OpenSight Software LLC ) C:\Users\Yusa-Enes\Downloads\FlashFXP51_3817_Setup.exe
2015-03-15 21:48 - 2015-03-15 21:48 - 00001046 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashFXP 5.lnk
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 __HDC () C:\ProgramData\{4E9C0E19-EB2A-4563-B74E-07D2536941E3}
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 ____D () C:\ProgramData\regid.2000-02.com.flashfxp
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 ____D () C:\ProgramData\FlashFXP
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 ____D () C:\Program Files (x86)\FlashFXP 5
2015-03-15 20:14 - 2015-03-15 20:14 - 00000851 _____ () C:\Users\Yusa-Enes\Downloads\Ftp ssl@tpereloaded.tk.xml
2015-03-15 20:01 - 2015-03-15 20:02 - 00021094 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (1).sql
2015-03-15 19:57 - 2015-03-15 19:57 - 01738231 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db.sql
2015-03-15 15:44 - 2015-03-15 15:44 - 01972448 _____ () C:\Users\Yusa-Enes\Downloads\backup_wBB2_201503151444.sql
2015-03-15 12:09 - 2015-03-15 12:09 - 00000000 ____D () C:\Users\Sebiha\AppData\Local\Steam
2015-03-13 21:48 - 2015-03-13 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2015-03-13 21:48 - 2015-03-13 21:50 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-03-13 21:48 - 2015-03-13 21:50 - 00000000 ____D () C:\Program Files (x86)\OpenVPN
2015-03-13 21:48 - 2015-03-13 21:48 - 01712392 _____ () C:\Users\Yusa-Enes\Downloads\openvpn-install-2.3.6-I001-i686.exe
2015-03-13 21:48 - 2015-03-13 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2015-03-12 21:05 - 2015-03-12 21:05 - 00018556 _____ () C:\Windows\unins000.dat
2015-03-12 21:05 - 2015-03-12 21:05 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\MingGuan
2015-03-12 21:05 - 2015-03-12 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2015-03-12 21:05 - 2015-03-12 21:05 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2015-03-12 21:05 - 2015-03-12 21:04 - 01192533 _____ () C:\Windows\unins000.exe
2015-03-12 01:18 - 2015-03-12 01:19 - 20930799 _____ () C:\Users\Yusa-Enes\Downloads\HDiskSent460.7377.rar
2015-03-12 01:09 - 2015-03-12 01:09 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Hard Disk Sentinel
2015-03-12 01:08 - 2015-05-25 12:23 - 00000000 ____D () C:\Program Files (x86)\Hard Disk Sentinel
2015-03-12 01:07 - 2015-03-12 01:08 - 20434858 _____ () C:\Users\Yusa-Enes\Downloads\hdsentinel_trial_setup.zip
2015-03-11 23:28 - 2015-03-20 16:36 - 00000000 ____D () C:\CDI
2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 ____D () C:\Program Files (x86)\Seagate
2015-03-11 23:11 - 2015-03-11 23:12 - 26771088 _____ () C:\Users\Yusa-Enes\Downloads\SeaToolsforWindowsSetup.exe
2015-03-11 15:18 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 15:18 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 15:18 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 15:18 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 15:18 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 15:18 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 15:18 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 15:18 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 15:18 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 15:18 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 15:18 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 15:18 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 15:18 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 15:18 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 15:18 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 15:17 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 15:17 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 15:17 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 15:17 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 15:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 15:17 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 15:17 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 15:17 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 15:17 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 15:17 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 15:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 15:17 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 15:17 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 15:17 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 15:17 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 15:17 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 15:17 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 15:17 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 15:17 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 15:16 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 15:16 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 15:16 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 15:16 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 15:16 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 15:16 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 15:16 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 15:16 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 15:16 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 15:14 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 15:14 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 04:41 - 2015-03-11 04:41 - 00544112 _____ () C:\Users\Yusa-Enes\Downloads\Setup_Shutdown4U.exe
2015-03-11 04:41 - 2015-03-11 04:41 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shutdown4U
2015-03-11 04:41 - 2015-03-11 04:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutdown4U
2015-03-11 04:41 - 2015-03-11 04:41 - 00000000 ____D () C:\Program Files\Shutdown4U
2015-03-03 22:37 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-03-03 22:37 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-03-03 22:37 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-03-03 22:37 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-03-03 20:35 - 2015-03-03 20:35 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Grimms Marchen - Vollstandige uberarbeitete
2015-03-03 20:30 - 2015-03-03 20:33 - 27311022 _____ () C:\Users\Yusa-Enes\Downloads\Grimms Marchen - Vollstandige uberarbeitete.rar
2015-03-02 23:43 - 2015-03-02 23:48 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\MySQLDumper1.24.4
2015-03-02 23:43 - 2015-03-02 23:43 - 00659416 _____ () C:\Users\Yusa-Enes\Downloads\MySQLDumper1.24.4.zip
2015-03-02 23:12 - 2015-03-02 23:12 - 00025607 _____ () C:\Users\Yusa-Enes\Downloads\index (1).php
2015-03-02 22:56 - 2015-03-02 22:56 - 00025607 _____ () C:\Users\Yusa-Enes\Downloads\index.php

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 04:46 - 2012-10-19 20:35 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\TS3Client
2015-05-31 04:46 - 2012-09-01 16:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-31 04:33 - 2013-11-08 18:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-31 04:30 - 2013-03-05 11:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-31 04:27 - 2013-11-09 22:27 - 00000302 _____ () C:\Windows\Tasks\FoxTab.job
2015-05-31 04:22 - 2013-03-31 14:52 - 01915790 _____ () C:\Windows\WindowsUpdate.log
2015-05-31 03:54 - 2013-05-28 17:26 - 00000000 ____D () C:\Program Files (x86)\AVG Secure Search
2015-05-31 03:42 - 2014-10-13 01:11 - 03294569 _____ () C:\FaceProv.log
2015-05-31 01:20 - 2012-08-29 17:40 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Skype
2015-05-30 18:39 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-30 18:39 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-30 18:30 - 2013-11-08 18:51 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-30 18:30 - 2012-07-15 10:26 - 00209020 _____ () C:\Windows\system32\fastboot.set
2015-05-30 18:30 - 2012-07-15 10:23 - 00000000 ____D () C:\ProgramData\VeriFace
2015-05-30 18:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-30 00:18 - 2013-09-29 22:04 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\My Games
2015-05-30 00:09 - 2012-09-01 21:05 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\CrashDumps
2015-05-30 00:05 - 2012-07-15 09:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-30 00:05 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-29 15:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-29 05:25 - 2012-07-15 19:23 - 20244820 _____ () C:\Windows\system32\perfh007.dat
2015-05-29 05:25 - 2012-07-15 19:23 - 06510958 _____ () C:\Windows\system32\perfc007.dat
2015-05-29 05:25 - 2009-07-14 07:13 - 00006592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-27 22:24 - 2015-01-27 17:07 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2015-05-27 19:30 - 2012-11-06 16:12 - 00000000 ____D () C:\ProgramData\Origin
2015-05-24 18:58 - 2014-09-27 03:06 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\JDownloader 2.0
2015-05-24 18:26 - 2013-11-09 22:29 - 00000000 ____D () C:\JD
2015-05-24 07:16 - 2014-01-06 16:32 - 00000000 ____D () C:\Users\Hayrunnisa\AppData\Roaming\Skype
2015-05-24 07:16 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-23 21:33 - 2015-01-07 23:36 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Game Dev Tycoon
2015-05-23 02:28 - 2014-03-08 19:24 - 00000336 _____ () C:\Users\Yusa-Enes\Desktop\2B166A.txt
2015-05-20 16:16 - 2012-08-28 20:30 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Adobe
2015-05-20 16:15 - 2013-03-05 11:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-20 16:15 - 2013-03-05 11:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-20 16:15 - 2013-03-05 11:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-20 01:14 - 2014-06-03 01:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-18 00:58 - 2014-04-01 23:37 - 00000000 ____D () C:\csgo
2015-05-15 18:13 - 2011-10-10 10:19 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-15 18:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-15 18:12 - 2014-12-22 16:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-15 18:12 - 2014-12-22 16:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-15 16:56 - 2012-09-16 13:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-15 16:56 - 2012-09-09 20:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-15 16:53 - 2013-08-18 03:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-15 16:34 - 2012-08-28 23:15 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-15 16:29 - 2014-12-22 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-15 15:28 - 2013-11-08 18:51 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 15:28 - 2013-11-08 18:51 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 17:43 - 2014-05-14 17:49 - 00000000 ____D () C:\Users\Sebiha\AppData\Local\NVIDIA Corporation
2015-05-13 17:43 - 2014-05-14 17:49 - 00000000 ____D () C:\Users\Sebiha\AppData\Local\NVIDIA
2015-05-13 17:38 - 2012-09-18 20:06 - 00000000 ____D () C:\Users\Sebiha\AppData\Roaming\Skype
2015-05-13 17:30 - 2014-07-14 20:54 - 00000000 ____D () C:\Users\Hayrunnisa\Desktop\PicsArt
2015-05-13 17:26 - 2015-01-10 17:45 - 00000000 ____D () C:\Users\Hayrunnisa\Desktop\Camera
2015-05-13 17:25 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-12 23:06 - 2012-08-28 20:23 - 00000000 ____D () C:\Users\Yusa-Enes
2015-05-12 21:33 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-11 22:09 - 2014-08-07 21:14 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Spotify
2015-05-11 21:16 - 2014-08-07 21:16 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Spotify
2015-05-10 21:57 - 2014-01-31 23:28 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\Sports Interactive
2015-05-10 21:52 - 2014-01-31 23:28 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Sports Interactive
2015-05-05 22:37 - 2013-11-09 22:27 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\FoxTab
2015-05-05 21:41 - 2013-01-20 03:57 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Malwarebytes
2015-05-05 21:41 - 2013-01-20 03:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-04 17:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-05-02 23:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2013-02-27 14:45 - 2013-02-27 15:02 - 0072060 _____ () C:\Users\Yusa-Enes\AppData\Roaming\ArtRom.LST
2013-03-23 14:15 - 2014-05-22 17:08 - 0009728 _____ () C:\Users\Yusa-Enes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-21 21:26 - 2012-12-21 21:26 - 0005240 _____ () C:\Users\Yusa-Enes\AppData\Local\recently-used.xbel
2014-08-30 21:37 - 2014-12-22 14:41 - 0002365 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Hayrunnisa\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sebiha\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sebiha\AppData\Local\Temp\Stp8823_TMP.EXE
C:\Users\Yusa-Enes\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {current}
resumeobject            {b4e214ce-ce17-11e1-8638-dc0ea1fe1eec}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 0

Windows-Startladeprogramm
-------------------------
Bezeichner              {775b600f-f13d-11e1-85d4-74e543345de1}
device                  ramdisk=[C:]\Recovery\775b600f-f13d-11e1-85d4-74e543345de1\Winre.wim,{775b6010-f13d-11e1-85d4-74e543345de1}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\775b600f-f13d-11e1-85d4-74e543345de1\Winre.wim,{775b6010-f13d-11e1-85d4-74e543345de1}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {775b600f-f13d-11e1-85d4-74e543345de1}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {b4e214ce-ce17-11e1-8638-dc0ea1fe1eec}
nx                      OptIn

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {b4e214ce-ce17-11e1-8638-dc0ea1fe1eec}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Geräteoptionen
--------------
Bezeichner              {775b6010-f13d-11e1-85d4-74e543345de1}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\775b600f-f13d-11e1-85d4-74e543345de1\boot.sdi

Optionen zum RAM-Datenträgersetup
---------------------------------
Bezeichner              {ramdiskoptions}
description             Ramdisk options
ramdisksdidevice        boot
ramdisksdipath          \boot\boot.sdi



LastRegBack: 2015-05-25 21:57

==================== End of log ============================
         
[/CODE]

Alt 31.05.2015, 05:20   #5
ykay
 

Addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Yusa-Enes at 2015-05-31 04:58:44
Running from C:\Users\Yusa-Enes\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-921053363-3756481614-3739615417-500 - Administrator - Disabled)
Der Chef (S-1-5-21-921053363-3756481614-3739615417-1005 - Administrator - Enabled) => C:\Users\Der Chef
Gast (S-1-5-21-921053363-3756481614-3739615417-501 - Limited - Disabled)
Hayrunnisa (S-1-5-21-921053363-3756481614-3739615417-1006 - Limited - Enabled) => C:\Users\Hayrunnisa
HomeGroupUser$ (S-1-5-21-921053363-3756481614-3739615417-1004 - Limited - Enabled)
Sebiha (S-1-5-21-921053363-3756481614-3739615417-1002 - Limited - Enabled) => C:\Users\Sebiha
Yusa-Enes (S-1-5-21-921053363-3756481614-3739615417-1001 - Administrator - Enabled) => C:\Users\Yusa-Enes

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
AIO_CDA_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Akamai) (Version:  - Akamai Technologies, Inc)
Akamai NetSession Interface (HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Akamai) (Version:  - Akamai Technologies, Inc)
applicationupdater (HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\SOE-C:/Users/Yusa-Enes/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
applicationupdater (HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\SOE-C:/Users/Yusa-Enes/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
applicationupdater (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\SOE-C:/Users/Yusa-Enes/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
applicationupdater (HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\SOE-C:/Users/Yusa-Enes/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
applicationupdater (HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\SOE-C:/Users/Yusa-Enes/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 - Michael Tippach)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.135 - Atheros)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.)
Atheros WLAN Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.5.0.909 - AVG Technologies)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield Heroes (Yusa-Enes) (HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlefield Heroes (Yusa-Enes) (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlefield Heroes (Yusa-Enes) (HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlefield Heroes (Yusa-Enes) (HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Battlefield Play4Free (HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Battlefield Play4Free (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Benutzerhandbuch (x32 Version: 1.0.0.6 - Lenovo) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) (x32 Version: 1.00.0000 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.22 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.32.50 - Conexant)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CoreAAC Audio Decoder (remove only) (HKLM-x32\...\CoreAAC Audio Decoder) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID HWMonitor 1.26 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Systeminformationen (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
CrystalDiskInfo 6.1.14 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.1.14 - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
DriverEasy 4.7.7 (HKLM\...\DriverEasy_is1) (Version: 4.7.7.0 - Easeware)
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 7.0.4.1 - Lenovo)
Energy Management (x32 Version: 7.0.4.1 - Lenovo) Hidden
ESET NOD32 Antivirus (HKLM\...\{E9641237-252F-467E-88FB-5CAB9E42583E}) (Version: 5.2.9.12 - ESET, spol. s r.o.)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
FlashFXP 5 (HKLM-x32\...\FlashFXP 5) (Version: 5.1.0.3817 - OpenSight Software LLC)
Football Manager 2015 - Update 2 Deinstallation (HKLM-x32\...\Football Manager 2015 - Update 2 Deinstallation) (Version: 1.3 - Shadow Eagle)
Football Manager 2015 Deinstallation (HKLM-x32\...\Football Manager 2015 Deinstallation) (Version: 1.10 - Shadow Eagle)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Game Dev Tycoon ULTRA MOD EDITION- BLACKTBK Version 1.4.5 (HKLM-x32\...\{360D3BC1-8A86-40CE-859E-4A67CA22FF76}_is1) (Version: 1.4.5 - GreenHeartGames)
gamelauncher-ps2-psg (x86)-Neuer Ordner (HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\SOE-C:/Program Files (x86)/Neuer Ordner) (Version:  - Sony Online Entertainment)
gamelauncher-ps2-psg (x86)-Neuer Ordner (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\SOE-C:/Program Files (x86)/Neuer Ordner) (Version:  - Sony Online Entertainment)
GeoGebra 4.4 (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\GeoGebra 4.4) (Version: 4.3.78.0 - International GeoGebra Institute)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Half-Life Dedicated Server Update Tool (HKLM-x32\...\Half-Life Dedicated Server Update Tool) (Version:  - )
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version:  - HDS)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.007 - HTC Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
K-Lite Codec Pack 5.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 5.2.0 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lenovo EE Boot Optimizer (HKLM\...\Lenovo EE Boot Optimizer) (Version: 0.0.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 7.0.0.3712 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 7.0.0.3712 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 10.4.2.8 - ELAN Microelectronic Corp.)
Lenovo Registration (HKLM-x32\...\{6707C034-ED6B-4B6A-B21F-969B3606FBDE}) (Version: 1.0.4 - Lenovo Inc.)
Lenovo Solution Center (HKLM\...\{CA640F1C-BC62-47B4-BAE1-A6467324EB2F}) (Version: 1.1.006.00 - Lenovo Group Limited)
LockKey (HKLM-x32\...\InstallShield_{AF192694-4B15-4AC1-92F3-1B02E98C08BD}) (Version: 1.38.1.2 - Lenovo)
LockKey (x32 Version: 1.38.1.2 - Lenovo) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Microsoft .NET Compact Framework 3.5 (HKLM-x32\...\{72CCBEA1-8D57-4981-A337-81019F28C5BA}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
mkv2vob (HKLM-x32\...\{21AE04E8-EBF6-40DB-9AA9-B7A80C5D057D}) (Version: 2.4.9 - 3r1c)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NARUTO SHIPPUDEN: Ultimate Ninja STORM Revolution (HKLM-x32\...\Steam App 272510) (Version:  - CyberConnect2 Co., Ltd.)
Nero 12 (HKLM-x32\...\{80836C86-1305-40C9-B7C9-F3A75266070D}) (Version: 12.5.01900 - Nero AG)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
OpenVPN 2.3.6-I001  (HKLM-x32\...\OpenVPN) (Version: 2.3.6-I001 - )
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PlanetSide 2 (HKU\S-1-5-21-921053363-3756481614-3739615417-1000\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.181 - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.181 - Sony Online Entertainment)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
RAM Clean Tool 1.0.1 (HKLM-x32\...\RAM Clean Tool_is1) (Version:  - Ray Siegl)
Rapid PHP 2015 v13.2 (HKLM-x32\...\Rapid PHP 2015_is1) (Version: 13.1 - Karlis Blumentals)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Revoltec FightMouse Portable 6.0.0.005 (HKLM-x32\...\WheelMouse) (Version:  - )
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Shutdown4U (HKLM-x32\...\Shutdown4U) (Version:  - )
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version:  - )
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SopCast 3.5.0 (HKLM-x32\...\SopCast) (Version: 3.5.0 - www.sopcast.com)
Sound Blaster Play! (HKLM-x32\...\{6C8D0421-2896-45E0-AFDA-960BC2E2E2EF}) (Version: 1.1 - Creative Technology Limited)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Spotify (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Spotify (HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Spotify (HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Star Wars(TM): Knights of the Old Republic (TM) (HKLM-x32\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version:  - )
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPER © +Recorder.2013.55 (Mar 7, 2013) Version +Recorder.2013. (HKLM-x32\...\{8F3A1F92-C29F-4DF9-8459-B739A4831C69}_is1) (Version: +Recorder.2013.55 - eRightSoft)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-921053363-3756481614-3739615417-1002\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-921053363-3756481614-3739615417-1005\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-921053363-3756481614-3739615417-1006\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
The Elder Scrolls V Skyrim - Legendary Edition (Game of the Year) Deutsche Version 1.9.32.0.8 (HKLM-x32\...\The Elder Scrolls V Skyrim - Legendary Edition (Game of the Year) Deutsche Version 1.9.32.0.8) (Version: 1.9.32.0.8 - .x.X.RIDDICK.X.x.)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.6 - Lenovo)
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.19 - Veetle, Inc)
VeriFace (HKLM-x32\...\VeriFace) (Version: 4.0.1.1230 - Lenovo)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VLC media player 2.0.2 (HKLM\...\VLC media player) (Version: 2.0.2 - VideoLAN)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (12/15/2011 7.1.0.1) (HKLM\...\99841829BE839365AA67B2AD0E50D371F59F8A1E) (Version: 12/15/2011 7.1.0.1 - Lenovo)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xvid 1.2.2 final uninstall (HKLM-x32\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-921053363-3756481614-3739615417-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Restore Points =========================

20-05-2015 16:27:40 Windows Update
26-05-2015 13:17:40 Windows Update
30-05-2015 00:03:47 Entfernt ANNO 1404 Venedig Entwickler-Tools
30-05-2015 17:35:55 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {02F43705-8EEF-495C-BE16-1AA11ACEA5AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {0E8203EB-EA18-4813-BA96-6F3B110C594C} - System32\Tasks\FoxTab => C:\Users\YUSA-E~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {12B63A94-D8E8-414C-9173-ACF4D1272AED} - System32\Tasks\{6D856A6D-C30D-45B1-9BF0-F919690D6DE7} => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe [2012-11-14] ()
Task: {1C3FFDFB-B256-45E7-8666-993C3677DEA5} - System32\Tasks\{21EBD7A0-9FF0-4CCA-87FC-52DEEFFAC4BF} => C:\Program Files (x86)\Guild Wars 2\Guild Wars 2\Gw2.exe
Task: {20584B39-4A6C-41CD-9AED-F160F0845A85} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-08-22] (Piriform Ltd)
Task: {22CB9228-0D5E-49D9-BFD4-CD2B3853E201} - System32\Tasks\{108B05DC-C7AB-4471-A412-EDE709B51D11} => C:\Program Files (x86)\Borderlands The Pre-Sequel\Binaries\Win32\BorderlandsPreSequel.exe
Task: {2FC704C8-5160-4659-B04B-2C7FD1A65296} - System32\Tasks\Lenovo\LSC\CreateHardwareScanTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2012-04-19] (Lenovo)
Task: {35ADAA34-7406-45C4-8ED1-5B60B403ADD2} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {3772B4E3-44B3-4FFA-B95F-B4AEF7BEF696} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {4B1D7B20-0A24-486D-8B2D-B95151CB3843} - System32\Tasks\Opera scheduled Autoupdate 1432004247 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {51E4BC7E-DA2B-454D-82B9-EE6AD2364AD7} - System32\Tasks\Core Temp Autostart Yusa-Enes => C:\Users\YUSA-E~1\AppData\Local\Temp\Rar$EXa0.712\Core Temp.exe <==== ATTENTION
Task: {520B99AB-7970-4DC9-A587-6F5EB3073F63} - System32\Tasks\{55D4422A-79CC-47D4-A8B3-E83149021B87} => pcalua.exe -a E:\Installer.exe -d E:\
Task: {57C5E1DC-425E-4E24-BEF3-3715246D0F7F} - System32\Tasks\{DA6C0AB4-2AE0-4C6F-89A3-03E81D472287} => C:\Program Files (x86)\Football Manager 2013\fm.exe
Task: {642132CB-1195-40F8-ADDB-122F24A5F35D} - System32\Tasks\DriverEasy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [2014-09-04] (Easeware)
Task: {6A01C67E-3774-4B59-8A01-B2D313C56ACF} - System32\Tasks\{BC8A6B3B-8F67-457E-96F8-4A57B24ED02D} => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe [2012-11-14] ()
Task: {79373FAD-C841-4CDC-AECA-B31F2BB42C2C} - System32\Tasks\{C73826EE-9B7B-433F-B4E5-6B16A9BF39E2} => D:\DeSmuMe\DeSmuME_0.9.9_x86.exe [2013-04-28] ()
Task: {8ACC16F0-E9D0-4A48-9219-2682DA335FAE} - System32\Tasks\{A8458133-5429-4D55-BCB6-C36D2EF5DE4B} => C:\Program Files\LucasArts\SWKotOR\uniws\uniws.exe [2006-01-28] ()
Task: {8C4CB118-C0CC-4F6F-83BE-EFBD297B7B13} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08] (Google Inc.)
Task: {8C66F650-AD3B-4A0F-AB57-0912F982FB2C} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_Yusa_2DEnes => C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe [2015-03-25] (H.D.S. Hungary)
Task: {8F8991E6-A6BE-40C8-B67B-D65BCE34256F} - System32\Tasks\{284F5EDC-6DC2-4488-A289-C8BC5EE4A380} => C:\Program Files (x86)\Guild Wars 2\Guild Wars 2\Gw2.exe
Task: {97F54372-6BD7-4959-89D1-3276B073E156} - System32\Tasks\{76427C8B-1BFB-4DAD-A460-A334378991E0} => C:\Program Files (x86)\Borderlands The Pre-Sequel\Binaries\Win32\BorderlandsPreSequel.exe
Task: {9A513D64-5EAF-4423-8970-1927C71B676D} - System32\Tasks\{EFB091A2-940E-4566-8A2B-D094D01497C0} => pcalua.exe -a C:\Users\Yusa-Enes\Downloads\UT2004MegaPack.exe -d C:\Users\Yusa-Enes\Downloads
Task: {9E32CE6D-7CCD-4EA8-90F0-C7B8E4DB07DA} - System32\Tasks\{F21F3C7C-FDB1-4EE8-B91D-D8AAFAFA745E} => C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe [2012-11-14] ()
Task: {A1ABAF6A-467A-4683-99A4-FB8064E18874} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-20] (Adobe Systems Incorporated)
Task: {A433BB73-49DA-4507-AD53-19EA80FFC37F} - System32\Tasks\{7D33723A-3AF5-4C8B-BA22-27DBFD827D2D} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{E48469CC-635E-4FD5-A122-1497C286D217}\setup.exe" -c -runfromtemp -l0x0407
Task: {A4ECC441-260E-4C27-A003-80FFF7D8CBB5} - System32\Tasks\OFFICE2010ACT => C:\Windows\system32\OFFICEICON.vbs [2012-02-23] ()
Task: {A69A647E-6047-4C91-BA7E-A5C74C448188} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {AE202F55-7429-41DD-85FE-DF50DFFCEB9C} - System32\Tasks\{8979DACD-2EDC-44C5-B584-B1A90DA8B46C} => C:\JDownloader\Fahrenheit-OLDiGAMES\setup_fahrenheit.exe
Task: {CA55E9E8-DF97-44DE-AB35-2D37362FC6A1} - System32\Tasks\{4B7568A1-E11C-4DDF-A6AD-6AE63056B574} => pcalua.exe -a "C:\JD\relink.us Container9e318e07f2de6587f614ea3d844429\SW_-_KOR1\Patch 1.03\SWKotOR1_03.exe" -d "C:\JD\relink.us Container9e318e07f2de6587f614ea3d844429\SW_-_KOR1\Patch 1.03"
Task: {CFB1501D-E17B-4A1F-B823-CD94FB2E16CD} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\lsc.exe [2012-04-19] ()
Task: {D72CD9C8-BB4B-4906-9B9E-2315AFD3373A} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-28] (Microsoft Corporation)
Task: {DE543DED-4180-465A-BAFC-84794D9F9A9E} - System32\Tasks\{5EFA4A5A-2EFE-41CA-BF7F-09E50498794B} => pcalua.exe -a C:\Users\Yusa-Enes\Downloads\ps902.exe -d C:\Users\Yusa-Enes\Downloads
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\YUSA-E~1\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-05-04 01:51 - 2014-03-04 16:35 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-05-04 02:00 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-03-31 17:08 - 2011-03-31 17:08 - 00080896 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-06-21 18:58 - 2015-04-17 21:16 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-21 18:58 - 2015-04-17 21:16 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-13 21:43 - 2015-05-13 21:43 - 00166848 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\loggingserver.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-07-15 10:23 - 2012-07-15 10:23 - 01508192 _____ () C:\Windows\system32\IcnOvrly.dll
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2008-12-20 03:20 - 2012-07-15 10:26 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\HookLib.dll
2012-04-19 16:22 - 2012-07-15 10:26 - 01516592 _____ () C:\Program Files (x86)\Lenovo\Energy Management\EMWpfUI.dll
2012-03-10 16:31 - 2012-07-15 10:26 - 00012336 _____ () C:\Program Files (x86)\Lenovo\Energy Management\de-DE\EMWpfUI.resources.dll
2008-12-20 03:20 - 2012-07-15 10:26 - 00054088 _____ () C:\Program Files (x86)\Lenovo\Energy Management\kbdhook.dll
2015-03-12 21:05 - 2013-10-29 15:49 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2015-05-13 21:43 - 2015-05-13 21:43 - 00526784 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\log4cplusU.dll
2014-05-04 01:51 - 2014-03-04 16:35 - 00014280 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-03-12 21:05 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2014-10-16 23:36 - 2014-10-16 23:36 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\92a1650dbe9fad5f46633b835420e1a8\IsdiInterop.ni.dll
2012-07-15 09:44 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-07-15 09:44 - 2012-02-21 06:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2012-11-29 23:59 - 2012-11-29 23:59 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2015-05-26 11:35 - 2015-05-22 22:22 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 11:34 - 2015-05-22 22:22 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.81\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-921053363-3756481614-3739615417-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-921053363-3756481614-3739615417-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebiha\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-921053363-3756481614-3739615417-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Der Chef\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-921053363-3756481614-3739615417-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Hayrunnisa\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Yusa-Enes\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\athbttray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\btvstack.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: ETDCtrl => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Yusa-Enes\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Yusa-Enes\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Yusa-Enes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Uninstall C: => 
MSCONFIG\startupreg: UpdatePRCShortCut => "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{2EA0981E-CC22-4FA2-B544-ABA9A79E692B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{8D798D5E-FDE0-458F-80FE-93C59BB24FD5}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{159AA7A2-E70E-4639-A97C-C154F1A362A2}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{89ABB8D3-CE55-40ED-AB1B-ADF1FB21AC9D}C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe] => (Allow) C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe
FirewallRules: [UDP Query User{81C1A83F-F988-40AD-AD1B-1B3BBD7CD221}C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe] => (Allow) C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe
FirewallRules: [{4632BB79-53DF-4294-839C-7337215F8488}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1DFC37BA-BE23-4066-915B-5015C7EB89F9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{ED902B20-A2B6-4859-87BA-53A15B70D2EC}C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe] => (Allow) C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe
FirewallRules: [UDP Query User{221DFA4E-A50B-4A7E-9A6D-6832836BEF4C}C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe] => (Allow) C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe
FirewallRules: [{59EAFEBC-1D7B-47BC-9292-20EC7C2038CF}] => (Block) C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe
FirewallRules: [{A1030789-CD49-41A9-9789-E1B2689601F8}] => (Block) C:\users\sebiha\appdata\local\facebook\video\skype\facebookvideocalling.exe
FirewallRules: [{34C10B0E-46A4-4BF3-A5B5-B2A1AFFF19A8}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{469FC9B8-F5EA-41E0-B6F4-A8686B71D082}] => (Allow) LPort=2869
FirewallRules: [{F1F4EB49-A43E-4A94-8BFC-AA67A50B8A3A}] => (Allow) LPort=1900
FirewallRules: [{3332493E-50AF-4B27-B1CB-2ED9C35E8701}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{2E19C0C0-B328-4A1B-8A6B-52B0E2DA85DC}C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe] => (Allow) C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe
FirewallRules: [UDP Query User{B50F8762-9813-4A9F-AB77-E80F763AE303}C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe] => (Allow) C:\program files (x86)\common files\i4j_jres\1.6.0_27\bin\javaw.exe
FirewallRules: [TCP Query User{571ADAA7-8DEE-49DD-9EBA-4E85687978EA}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{E24C90DD-D8D2-403C-B9FA-9E1B97E4E665}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{F6CBF58B-0068-436B-9311-7534292EF164}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{FF00D81D-A2CC-49FB-9D3D-CA74F991165B}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{9FA6E545-3A1F-4C3A-ACD2-936420DF8F87}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A09E9724-D646-4FF8-B07A-40DB669290BD}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe
FirewallRules: [{A5DD8102-1904-4CF2-BA56-230449610BFC}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{1D9D4FFD-F0E2-4024-8248-B99AB4E183EA}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{477BA16F-F4AE-464B-9586-241FAC5B8311}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{44DA3DAA-8779-4A6C-8BDA-2CAF24BDFCE8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{8362658A-0B24-4E8E-A422-F9786204E8D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E97E1751-4DE5-4FE3-8209-04CE9B02755D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EA499155-2DAF-4358-B2D2-EC070290A088}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{E5D8DA30-57BF-4139-A4D4-AAA2D6D832B4}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [TCP Query User{456C3C1A-BB5A-408F-9B8A-662A394D5BDC}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{3632BA82-13C7-4E1A-B0FD-E292E772C686}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{E93CCB60-6254-4BB0-8E62-0ECE4FEAE940}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{BCE165E5-F49C-4C83-A68F-E994BEF064DD}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{E5B6425D-1798-40A6-9212-2803CAA6D924}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B1A8FAB0-1BCC-4FE8-AE98-6249FDB6337A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1F21BDD6-7E93-47A8-82F9-7FB61542A373}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{60CAFE12-3419-4379-826E-6E3CC25B0660}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8E823B40-FA72-4EA6-8097-0F03EB8F9DB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{76C15274-FDEC-41BF-867E-1BDD335452FD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{7DB98289-AD73-4161-A6B4-4BFDBEBC442D}C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{C13F4411-7092-4A8E-A06C-2ABEE1A40CA1}C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{8735D0A8-182E-4AD1-97EA-6E94B3C767F8}C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{63EA9513-C2FD-4AEA-B67A-58022B3BFF09}C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{0D5C38AF-4EC8-4370-9BA4-EDA50D9F3B74}C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{1ACA08AB-2CAF-4E61-B264-3C827D702379}C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\yusa-enes\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{16F4C3CD-360F-4D81-8994-352B5D26E8CF}C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{0664CFF3-CF69-43C1-909F-08A66C39C5AF}C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\yusa-enes\appdata\roaming\spotify\spotify.exe
FirewallRules: [{1F980290-FE44-4FE7-8D00-15EC52C511AE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EC4A4B69-2A33-470C-BE15-26228C522550}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{95C32861-E938-4D2D-996F-F85B5EEAF35E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{640744A2-EBC6-4755-AA37-628ECFFB0516}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{86740E38-A439-45AF-9DE1-14C096843F2E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{E623987A-92E8-4964-BB01-BA95265CE89A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{08B20E7E-8515-47FC-A773-FCFF55CBC03E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{CD243C6C-C822-4DA4-88E5-C46F1F6CD60F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{F624D647-BDD4-41A0-BB64-469127332685}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{8BFB56EC-F700-40A2-831A-EE5D7AC861DB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{B2B41918-E533-4FBA-A238-A9380BBE1608}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{C7E6C696-5B68-4049-844B-7BA53C5742BA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{2873CE12-93E5-43C6-9C22-3D0C26496225}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{23C78950-466E-4FAE-BE18-6B7BBCD70139}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{F551B704-55A6-4D3A-B446-36F3168B9DFD}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{D04967AD-1A72-4D0B-80A7-9E356FF13617}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{5EE00FFB-EFF9-4377-A1E5-DDE533B48894}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{A5715CDC-75A7-4BEC-92B1-BE7975C605B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{FE3D4D39-F8FB-4CD0-BCE5-1B546402CB3A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{1063056F-3961-4223-952D-F58EB2E636A0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{844D64AC-DCBC-4163-8A8F-881AC387F3F6}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{347659E6-0C93-436B-94D2-9458EAF87073}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{96C1B4B0-037B-4E0E-8E07-C488531380C8}C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe
FirewallRules: [UDP Query User{103A7A58-5775-436F-AE62-97D487D5B1A3}C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\naruto shippuden ultimate ninja storm revolution\nsunsr.exe
FirewallRules: [{BB63DD64-6DEC-43BB-9304-D6624FC5B9FA}] => (Allow) LPort=21
FirewallRules: [TCP Query User{622060AD-2C59-4787-A961-4757D761877B}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{A7A5A3A1-9259-4306-AF5E-78C58371D11D}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{08F3447C-97CC-451F-AB14-EBC8BD243C0E}] => (Allow) C:\Program Files (x86)\Veetle\Player\VeetleNet.exe
FirewallRules: [TCP Query User{FE144AB8-760C-4A59-B6BF-6A1BECD5D9C2}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{0FFE729E-9D51-4204-AAC3-9516E4E96984}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{896FBA22-6AE5-444C-B05D-2A0A3B8C6531}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8BF6EAB4-F4F7-408D-9D84-E905AEF2DEFF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{166542FA-41E2-4780-9E80-AA1C29FEE3A8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2B6CEB43-0847-4F6C-BA49-CC0EA646B2F3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FB2B6151-80D2-43BD-8A2B-9C3BFBF83DD6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A7E3DDA0-7FBE-438A-8408-9E27158D31D9}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7B03A8A2-D082-4BBC-9C23-76465567A2B5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{26DCF0FB-99A1-4484-9D92-8AC555C71FC9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8299FA58-4C17-4906-9451-895E496621D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{7174CB66-8DAE-416E-A715-B51DF1226209}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\killingfloor2\Binaries\Win64\KFGame.exe
FirewallRules: [{DB876BEE-5AC6-4353-8FFE-D4DAAD9FEFB7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{E7DA37F0-5529-4E04-9738-D0EAFB6F34B8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{81F14CF6-13E9-47F4-A9E6-539BCB0C807B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F85E768F-F4AA-46D5-BE7E-B6074AE0CB8E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{BDA4193E-9A52-41C4-89FC-13519A48F814}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{0A95B0AC-B9B1-4B7A-B108-0163DD2F129F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{D72E1027-668C-487B-BA9E-AB8DA27377B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe

==================== Faulty Device Manager Devices =============

Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid: 
Manufacturer: 
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/30/2015 06:42:28 PM) (Source: MsiInstaller) (EventID: 1002) (User: Yusa-Enes-PC)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (05/30/2015 06:31:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2015 01:29:24 PM) (Source: MsiInstaller) (EventID: 1002) (User: Yusa-Enes-PC)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (05/30/2015 01:18:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2015 00:09:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uplay.exe, Version: 0.0.0.0, Zeitstempel: 0x4ffecafb
Name des fehlerhaften Moduls: Uplay.exe, Version: 0.0.0.0, Zeitstempel: 0x4ffecafb
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0068bb0b
ID des fehlerhaften Prozesses: 0x177c
Startzeit der fehlerhaften Anwendung: 0xUplay.exe0
Pfad der fehlerhaften Anwendung: Uplay.exe1
Pfad des fehlerhaften Moduls: Uplay.exe2
Berichtskennung: Uplay.exe3

Error: (05/29/2015 11:53:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uplay.exe, Version: 0.0.0.0, Zeitstempel: 0x4ffecafb
Name des fehlerhaften Moduls: Uplay.exe, Version: 0.0.0.0, Zeitstempel: 0x4ffecafb
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0068bb0b
ID des fehlerhaften Prozesses: 0x1700
Startzeit der fehlerhaften Anwendung: 0xUplay.exe0
Pfad der fehlerhaften Anwendung: Uplay.exe1
Pfad des fehlerhaften Moduls: Uplay.exe2
Berichtskennung: Uplay.exe3

Error: (05/29/2015 11:52:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uplay.exe, Version: 0.0.0.0, Zeitstempel: 0x4ffecafb
Name des fehlerhaften Moduls: Uplay.exe, Version: 0.0.0.0, Zeitstempel: 0x4ffecafb
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0068bb0b
ID des fehlerhaften Prozesses: 0xafc
Startzeit der fehlerhaften Anwendung: 0xUplay.exe0
Pfad der fehlerhaften Anwendung: Uplay.exe1
Pfad des fehlerhaften Moduls: Uplay.exe2
Berichtskennung: Uplay.exe3

Error: (05/29/2015 11:50:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Uplay.exe, Version: 0.0.0.0, Zeitstempel: 0x4ffecafb
Name des fehlerhaften Moduls: Uplay.exe, Version: 0.0.0.0, Zeitstempel: 0x4ffecafb
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0068bb0b
ID des fehlerhaften Prozesses: 0x1974
Startzeit der fehlerhaften Anwendung: 0xUplay.exe0
Pfad der fehlerhaften Anwendung: Uplay.exe1
Pfad des fehlerhaften Moduls: Uplay.exe2
Berichtskennung: Uplay.exe3

Error: (05/29/2015 09:01:26 PM) (Source: MsiInstaller) (EventID: 1002) (User: Yusa-Enes-PC)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageName", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList".

Error: (05/29/2015 08:48:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (05/30/2015 10:17:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (05/30/2015 10:17:55 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (05/30/2015 10:17:55 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (05/30/2015 10:17:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (05/30/2015 10:17:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (05/30/2015 10:17:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (05/30/2015 10:17:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (05/30/2015 10:17:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535

Error: (05/30/2015 10:17:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Peer Name Resolution-Protokoll" wurde mit folgendem Fehler beendet: 
%%-2140993535

Error: (05/30/2015 10:17:52 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%-2140993535


Microsoft Office:
=========================
Error: (05/30/2015 06:42:28 PM) (Source: MsiInstaller) (EventID: 1002) (User: Yusa-Enes-PC)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)

Error: (05/30/2015 06:31:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2015 01:29:24 PM) (Source: MsiInstaller) (EventID: 1002) (User: Yusa-Enes-PC)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)

Error: (05/30/2015 01:18:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (05/30/2015 00:09:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uplay.exe0.0.0.04ffecafbUplay.exe0.0.0.04ffecafbc00004170068bb0b177c01d09a5bf7ebe4beC:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exeC:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe51c19e86-064f-11e5-b6fc-74e543345de1

Error: (05/29/2015 11:53:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uplay.exe0.0.0.04ffecafbUplay.exe0.0.0.04ffecafbc00004170068bb0b170001d09a59d1bfa7f3C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exeC:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe2b75f266-064d-11e5-b6fc-74e543345de1

Error: (05/29/2015 11:52:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uplay.exe0.0.0.04ffecafbUplay.exe0.0.0.04ffecafbc00004170068bb0bafc01d09a599c70a2a0C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exeC:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exef4f2120d-064c-11e5-b6fc-74e543345de1

Error: (05/29/2015 11:50:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Uplay.exe0.0.0.04ffecafbUplay.exe0.0.0.04ffecafbc00004170068bb0b197401d09a596df01d81C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exeC:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exec83e8b7d-064c-11e5-b6fc-74e543345de1

Error: (05/29/2015 09:01:26 PM) (Source: MsiInstaller) (EventID: 1002) (User: Yusa-Enes-PC)
Description: PackageNameHKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList(NULL)(NULL)(NULL)

Error: (05/29/2015 08:48:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-09-10 20:30:14.385
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\YUSA-E~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-10 20:30:14.306
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\YUSA-E~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-10 20:30:14.093
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-09-10 20:30:14.019
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-15 23:28:26.186
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\YUSA-E~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-15 23:28:26.174
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\YUSA-E~1\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-15 23:28:26.100
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-10-15 23:28:26.087
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 45%
Total physical RAM: 6046.36 MB
Available physical RAM: 3273.91 MB
Total Pagefile: 12090.92 MB
Available Pagefile: 8773.52 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Windows7_OS) (Fixed) (Total:420.56 GB) (Free:121.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25.47 GB) (Free:5.62 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F110E6E9)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=420.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=25.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=19.5 GB) - (Type=12)

==================== End of log ============================
         
I would appreciate it if you, schrauber, or another moderator could remove the links.

Best regards


Alt 31.05.2015, 14:36   #6
schrauber
/// the machine
/// TB-Ausbilder
 




hi,


Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 31.05.2015, 17:49   #7
ykay
 



Malwarebytes Rootkit Log:

Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17801

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 6340063232, free: 2999115776

Downloaded database version: v2015.05.31.01
Downloaded database version: v2015.05.24.01
Downloaded database version: v2015.05.13.01
=======================================
Initializing...
------------ Kernel report ------------
     05/31/2015 16:16:44
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\SysWOW64\speedfan.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\DRIVERS\LhdX64.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\fbfmon.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\eamonm.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\ehdrv.sys
C:\Program Files\ESET\ESET NOD32 Antivirus\em006_64.dat
C:\Program Files\ESET\ESET NOD32 Antivirus\em018_64.dat
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\BPntDrv.sys
\SystemRoot\system32\drivers\BOOTVID.dll
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\AcpiVpc.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\drivers\mobiolawave.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\tap0901t.sys
\SystemRoot\system32\DRIVERS\tap0901.sys
\SystemRoot\system32\DRIVERS\VClone.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\CHDRT64.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\bthmodem.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\Sftvollh.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\atksgt.sys
\SystemRoot\system32\DRIVERS\epfwwfpr.sys
\SystemRoot\system32\DRIVERS\lirsgt.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\Sftfslh.sys
\SystemRoot\system32\DRIVERS\Sftplaylh.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\Sftredirlh.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\nsi.dll
\Windows\System32\kernel32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\clbcatq.dll
\Windows\System32\usp10.dll
\Windows\System32\ws2_32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\advapi32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\setupapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\difxapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\psapi.dll
\Windows\System32\imm32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\comdlg32.dll
\Windows\System32\lpk.dll
\Windows\System32\shell32.dll
\Windows\System32\normaliz.dll
\Windows\System32\msctf.dll
\Windows\System32\iertutil.dll
\Windows\System32\user32.dll
\Windows\System32\sechost.dll
\Windows\System32\gdi32.dll
\Windows\System32\ole32.dll
\Windows\System32\wininet.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.05.31.01
  rootkit: v2015.05.24.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8008863060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8008863a60, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8008864040, DeviceName: Unknown, DriverName: \Driver\LHDmgr\
DevicePointer: 0xfffffa8008863060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005fee050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\LHDmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F110E6E9

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 409600
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 411648  Numsec = 881987584

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 882399232  Numsec = 53411840

    Partition 3 type is Other (0x12)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 935811072  Numsec = 40962096

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-64B569A9918A19D7DE15C909D8D085DC91FE9B0B.bin.VE1" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-64B569A9918A19D7DE15C909D8D085DC91FE9B0B.bin.VF" is compressed (flags = 1)
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17801

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, Q:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 6340063232, free: 3586379776

=======================================
Initializing...
------------ Kernel report ------------
     05/31/2015 17:33:57
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\imofugc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\SysWOW64\speedfan.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\system32\DRIVERS\nvpciflt.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\DRIVERS\LhdX64.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\fbfmon.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\eamonm.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\ehdrv.sys
C:\Program Files\ESET\ESET NOD32 Antivirus\em006_64.dat
C:\Program Files\ESET\ESET NOD32 Antivirus\em018_64.dat
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\BPntDrv.sys
\SystemRoot\system32\drivers\BOOTVID.dll
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\L1C62x64.sys
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\ETD.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\AcpiVpc.sys
\SystemRoot\system32\DRIVERS\CmBatt.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\drivers\mobiolawave.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\tap0901t.sys
\SystemRoot\system32\DRIVERS\tap0901.sys
\SystemRoot\system32\DRIVERS\VClone.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\CHDRT64.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\bthmodem.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\Sftvollh.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\atksgt.sys
\SystemRoot\system32\DRIVERS\epfwwfpr.sys
\SystemRoot\system32\DRIVERS\lirsgt.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\system32\DRIVERS\Sftfslh.sys
\SystemRoot\system32\DRIVERS\Sftplaylh.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\Sftredirlh.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\rpcrt4.dll
\Windows\System32\ole32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\difxapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\psapi.dll
\Windows\System32\lpk.dll
\Windows\System32\nsi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\advapi32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\usp10.dll
\Windows\System32\imm32.dll
\Windows\System32\kernel32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\Wldap32.dll
\Windows\System32\msctf.dll
\Windows\System32\normaliz.dll
\Windows\System32\sechost.dll
\Windows\System32\setupapi.dll
\Windows\System32\gdi32.dll
\Windows\System32\iertutil.dll
\Windows\System32\user32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\shell32.dll
\Windows\System32\wininet.dll
\Windows\System32\msvcrt.dll
\Windows\System32\userenv.dll
\Windows\System32\wintrust.dll
\Windows\System32\KernelBase.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\comctl32.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\profapi.dll
\Windows\System32\msasn1.dll
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.05.31.01
  rootkit: v2015.05.24.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8008864060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8008864910, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8008865040, DeviceName: Unknown, DriverName: \Driver\LHDmgr\
DevicePointer: 0xfffffa8008864060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005ff6050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\LHDmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: F110E6E9

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 409600
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 411648  Numsec = 881987584

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 882399232  Numsec = 53411840

    Partition 3 type is Other (0x12)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 935811072  Numsec = 40962096

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-64B569A9918A19D7DE15C909D8D085DC91FE9B0B.bin.VE1" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-64B569A9918A19D7DE15C909D8D085DC91FE9B0B.bin.VF" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
         
TDSSKiller:
Code:
18:41:26.0822 0x0fc0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:41:35.0833 0x0fc0  ============================================================
18:41:35.0833 0x0fc0  Current date / time: 2015/05/31 18:41:35.0833
18:41:35.0833 0x0fc0  SystemInfo:
18:41:35.0833 0x0fc0  
18:41:35.0833 0x0fc0  OS Version: 6.1.7601 ServicePack: 1.0
18:41:35.0833 0x0fc0  Product type: Workstation
18:41:35.0833 0x0fc0  ComputerName: YUSA-ENES-PC
18:41:35.0833 0x0fc0  UserName: Yusa-Enes
18:41:35.0833 0x0fc0  Windows directory: C:\Windows
18:41:35.0833 0x0fc0  System windows directory: C:\Windows
18:41:35.0833 0x0fc0  Running under WOW64
18:41:35.0833 0x0fc0  Processor architecture: Intel x64
18:41:35.0833 0x0fc0  Number of processors: 4
18:41:35.0833 0x0fc0  Page size: 0x1000
18:41:35.0833 0x0fc0  Boot type: Normal boot
18:41:35.0833 0x0fc0  ============================================================
18:41:36.0629 0x0fc0  KLMD registered as C:\Windows\system32\drivers\46767564.sys
18:41:37.0611 0x0fc0  System UUID: {1442BBD8-B757-B566-CDEE-AC0683A478AF}
18:41:38.0516 0x0fc0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:41:38.0516 0x0fc0  ============================================================
18:41:38.0516 0x0fc0  \Device\Harddisk0\DR0:
18:41:38.0516 0x0fc0  MBR partitions:
18:41:38.0516 0x0fc0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x64000
18:41:38.0516 0x0fc0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x64800, BlocksNum 0x34921000
18:41:38.0516 0x0fc0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x34985800, BlocksNum 0x32F0000
18:41:38.0516 0x0fc0  ============================================================
18:41:38.0547 0x0fc0  C: <-> \Device\Harddisk0\DR0\Partition2
18:41:38.0594 0x0fc0  D: <-> \Device\Harddisk0\DR0\Partition3
18:41:38.0594 0x0fc0  ============================================================
18:41:38.0594 0x0fc0  Initialize success
18:41:38.0594 0x0fc0  ============================================================
18:42:10.0188 0x11fc  ============================================================
18:42:10.0188 0x11fc  Scan started
18:42:10.0188 0x11fc  Mode: Manual; SigCheck; TDLFS; 
18:42:10.0188 0x11fc  ============================================================
18:42:10.0188 0x11fc  KSN ping started
18:42:33.0524 0x11fc  KSN ping finished: true
18:42:35.0293 0x11fc  ================ Scan system memory ========================
18:42:35.0293 0x11fc  System memory - ok
18:42:35.0293 0x11fc  ================ Scan services =============================
18:42:35.0485 0x11fc  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:42:35.0567 0x11fc  1394ohci - ok
18:42:35.0616 0x11fc  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:42:35.0647 0x11fc  ACPI - ok
18:42:35.0678 0x11fc  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:42:35.0741 0x11fc  AcpiPmi - ok
18:42:35.0803 0x11fc  [ 5E813B11629007309E4FC0F0FD2B7C30, A8FDC3994D236248B7FAEA572E987C8D5903AF5305E06D624909DE786FA811BA ] ACPIVPC         C:\Windows\system32\DRIVERS\AcpiVpc.sys
18:42:35.0834 0x11fc  ACPIVPC - ok
18:42:35.0912 0x11fc  [ 11A52CF7B265631DEEB24C6149309EFF, CBA25D358185FD4BE261C6C1B518AD60F5D27D5FB418098AB262B10F5A11C178 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:42:35.0928 0x11fc  AdobeARMservice - ok
18:42:36.0084 0x11fc  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:42:36.0115 0x11fc  AdobeFlashPlayerUpdateSvc - ok
18:42:36.0193 0x11fc  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:42:36.0240 0x11fc  adp94xx - ok
18:42:36.0287 0x11fc  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:42:36.0302 0x11fc  adpahci - ok
18:42:36.0318 0x11fc  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:42:36.0349 0x11fc  adpu320 - ok
18:42:36.0396 0x11fc  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:42:36.0458 0x11fc  AeLookupSvc - ok
18:42:36.0536 0x11fc  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
18:42:36.0630 0x11fc  AFD - ok
18:42:36.0646 0x11fc  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:42:36.0661 0x11fc  agp440 - ok
18:42:36.0692 0x11fc  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:42:36.0755 0x11fc  ALG - ok
18:42:36.0817 0x11fc  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:42:36.0833 0x11fc  aliide - ok
18:42:36.0989 0x11fc  ALSysIO - ok
18:42:37.0036 0x11fc  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:42:37.0051 0x11fc  amdide - ok
18:42:37.0082 0x11fc  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:42:37.0114 0x11fc  AmdK8 - ok
18:42:37.0129 0x11fc  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:42:37.0192 0x11fc  AmdPPM - ok
18:42:37.0238 0x11fc  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:42:37.0254 0x11fc  amdsata - ok
18:42:37.0270 0x11fc  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:42:37.0285 0x11fc  amdsbs - ok
18:42:37.0316 0x11fc  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:42:37.0332 0x11fc  amdxata - ok
18:42:37.0394 0x11fc  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
18:42:37.0441 0x11fc  AppID - ok
18:42:37.0472 0x11fc  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:42:37.0550 0x11fc  AppIDSvc - ok
18:42:37.0597 0x11fc  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
18:42:37.0628 0x11fc  Appinfo - ok
18:42:37.0660 0x11fc  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
18:42:37.0675 0x11fc  arc - ok
18:42:37.0691 0x11fc  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:42:37.0706 0x11fc  arcsas - ok
18:42:37.0816 0x11fc  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:42:37.0847 0x11fc  aspnet_state - ok
18:42:37.0878 0x11fc  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:42:38.0050 0x11fc  AsyncMac - ok
18:42:38.0112 0x11fc  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:42:38.0128 0x11fc  atapi - ok
18:42:38.0190 0x11fc  [ 78B183A794A08978EA0A8D017054352B, 5C9BEF59619F235BB1F81A9BD88A39D7C7D594443F198B68B5373F20001937C3 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
18:42:38.0268 0x11fc  AthBTPort - ok
18:42:38.0346 0x11fc  [ 42EF52D591A53CBE43D82C6C96F50A59, DABABDD7AA6C8D31FA5432EBEC41D4BC79D51A4EB93F7B2CB5D130915B367B3F ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
18:42:38.0377 0x11fc  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:42:42.0574 0x11fc  Detect skipped due to KSN trusted
18:42:42.0574 0x11fc  AtherosSvc - ok
18:42:42.0745 0x11fc  [ 6C496450404ABDC887E56DF462B34255, AF0FF6E8F331DC09F7C3CB85B8E89395A16359483F4485871EDE29C6A7FA1ACD ] athr            C:\Windows\system32\DRIVERS\athrx.sys
18:42:42.0932 0x11fc  athr - ok
18:42:43.0026 0x11fc  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
18:42:43.0057 0x11fc  atksgt - ok
18:42:43.0151 0x11fc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:42:43.0229 0x11fc  AudioEndpointBuilder - ok
18:42:43.0260 0x11fc  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:42:43.0276 0x11fc  AudioSrv - ok
18:42:43.0322 0x11fc  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:42:43.0432 0x11fc  AxInstSV - ok
18:42:43.0494 0x11fc  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:42:43.0572 0x11fc  b06bdrv - ok
18:42:43.0603 0x11fc  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:42:43.0634 0x11fc  b57nd60a - ok
18:42:43.0697 0x11fc  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:42:43.0806 0x11fc  BDESVC - ok
18:42:43.0837 0x11fc  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:42:43.0900 0x11fc  Beep - ok
18:42:43.0978 0x11fc  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:42:44.0071 0x11fc  BFE - ok
18:42:44.0134 0x11fc  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:42:44.0368 0x11fc  BITS - ok
18:42:44.0383 0x11fc  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:42:44.0414 0x11fc  blbdrive - ok
18:42:44.0477 0x11fc  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:42:44.0524 0x11fc  bowser - ok
18:42:44.0570 0x11fc  [ AAA4F992F879977A000FE8B8C730CD2C, A109D3F7CA9D49B98FDA5CA34C60055690F72400CCC96D48076FA86086E4C74D ] BPntDrv         C:\Windows\system32\drivers\BPntDrv.sys
18:42:44.0586 0x11fc  BPntDrv - ok
18:42:44.0617 0x11fc  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:42:44.0664 0x11fc  BrFiltLo - ok
18:42:44.0680 0x11fc  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:42:44.0711 0x11fc  BrFiltUp - ok
18:42:44.0758 0x11fc  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:42:44.0820 0x11fc  Browser - ok
18:42:44.0867 0x11fc  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:42:44.0945 0x11fc  Brserid - ok
18:42:44.0960 0x11fc  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:42:44.0976 0x11fc  BrSerWdm - ok
18:42:44.0976 0x11fc  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:42:45.0007 0x11fc  BrUsbMdm - ok
18:42:45.0007 0x11fc  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:42:45.0038 0x11fc  BrUsbSer - ok
18:42:45.0085 0x11fc  [ EDEBD26DF631A78483707C3F7429027F, C0D78A3C7CF93A58B68978D919B496DEEAEA307534845393ACEB8BAEAC07398A ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
18:42:45.0116 0x11fc  BTATH_A2DP - ok
18:42:45.0148 0x11fc  [ 2F22177BFEA75326DC0C535D71985A4E, B376062624EFE2DA677412FEA699178ED77CB0F395F5A97929A30A0CE84699C0 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
18:42:45.0163 0x11fc  btath_avdt - ok
18:42:45.0194 0x11fc  [ D438A33D568C76C24E8D7394981F42DC, E5884C20E55B8EDC8E19C55DDFBE4A8FDFBE2327ACE94BFC2BFD3BCEE6EBC2AD ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
18:42:45.0241 0x11fc  BTATH_BUS - ok
18:42:45.0257 0x11fc  [ 6EFA8C93009E0BE0886C2422C7D20BC5, 55717C459893B533C9F21FAA997004001646F43629F4DA9D8464408E20575F02 ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
18:42:45.0335 0x11fc  BTATH_HCRP - ok
18:42:45.0350 0x11fc  [ 168506D0F0C8DF588F8A7E25C58A2DE6, EF744D95797F66D8D7F79B3256AEB3255D161A61BCA9D39CDB3F3699079AC61B ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
18:42:45.0382 0x11fc  BTATH_LWFLT - ok
18:42:45.0413 0x11fc  [ 7C8FB1D73BD279DD914CCA6ED0F4F62B, 936492E05E760A65DF507651E18A7BB331FDEE9FBEF7ABC556389308F53726F0 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
18:42:45.0491 0x11fc  BTATH_RCP - ok
18:42:45.0584 0x11fc  [ 58D67C18894F96E89C076150BB76AD40, 8F7281092B8487F53683A14AADD4340BE825F6ADD1C4A63F269EF92538FC41FE ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
18:42:45.0678 0x11fc  BtFilter - ok
18:42:45.0725 0x11fc  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
18:42:45.0756 0x11fc  BthEnum - ok
18:42:45.0787 0x11fc  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:42:45.0818 0x11fc  BTHMODEM - ok
18:42:45.0865 0x11fc  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
18:42:45.0896 0x11fc  BthPan - ok
18:42:45.0974 0x11fc  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
18:42:46.0037 0x11fc  BTHPORT - ok
18:42:46.0084 0x11fc  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:42:46.0146 0x11fc  bthserv - ok
18:42:46.0162 0x11fc  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:42:46.0193 0x11fc  BTHUSB - ok
18:42:46.0224 0x11fc  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:42:46.0255 0x11fc  cdfs - ok
18:42:46.0286 0x11fc  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:42:46.0318 0x11fc  cdrom - ok
18:42:46.0351 0x11fc  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:42:46.0429 0x11fc  CertPropSvc - ok
18:42:46.0476 0x11fc  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
18:42:46.0507 0x11fc  circlass - ok
18:42:46.0554 0x11fc  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
18:42:46.0600 0x11fc  CLFS - ok
18:42:46.0678 0x11fc  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:42:46.0710 0x11fc  clr_optimization_v2.0.50727_32 - ok
18:42:46.0772 0x11fc  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:42:46.0788 0x11fc  clr_optimization_v2.0.50727_64 - ok
18:42:46.0912 0x11fc  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:42:46.0944 0x11fc  clr_optimization_v4.0.30319_32 - ok
18:42:46.0990 0x11fc  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:42:47.0037 0x11fc  clr_optimization_v4.0.30319_64 - ok
18:42:47.0053 0x11fc  clwvd - ok
18:42:47.0084 0x11fc  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:42:47.0115 0x11fc  CmBatt - ok
18:42:47.0146 0x11fc  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:42:47.0162 0x11fc  cmdide - ok
18:42:47.0240 0x11fc  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
18:42:47.0287 0x11fc  CNG - ok
18:42:47.0427 0x11fc  [ 9F6DE1995A188615CEEE908E750A34ED, 66ADA2F7C21661FA059BB1B931B4191BC180EAF55C50CEDB24D9F34CEE1E78E3 ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
18:42:47.0505 0x11fc  CnxtHdAudService - ok
18:42:47.0536 0x11fc  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
18:42:47.0552 0x11fc  Compbatt - ok
18:42:47.0568 0x11fc  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
18:42:47.0599 0x11fc  CompositeBus - ok
18:42:47.0614 0x11fc  COMSysApp - ok
18:42:47.0739 0x11fc  [ 6CB6EBB6B85594D5E4E8941363A6C9C2, FFE10DBE42FD507D677AF1A2FF0EADE1C1F21E13F5F2F39B0C5DB7FF3C5431DB ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
18:42:47.0770 0x11fc  cphs - ok
18:42:47.0802 0x11fc  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:42:47.0833 0x11fc  crcdisk - ok
18:42:47.0926 0x11fc  [ C8BD651E13895B93ED9EC5B4F1DF42BC, D86D6BF0BA3C09B49B3A52C86A7F3B3856A27F79EDD86A8FFA469D9A5F196E8D ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
18:42:47.0958 0x11fc  Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
18:42:52.0154 0x11fc  Detect skipped due to KSN trusted
18:42:52.0154 0x11fc  Creative ALchemy AL6 Licensing Service - ok
18:42:52.0248 0x11fc  [ C0EAD9F8AB83D41FF07303C75589C2B8, C89CAC39BCD2FA2DCC56D7EE84FF66127BCECCAE400E119FE41BF4C4D769504B ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
18:42:52.0294 0x11fc  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
18:42:56.0491 0x11fc  Detect skipped due to KSN trusted
18:42:56.0491 0x11fc  Creative Audio Engine Licensing Service - ok
18:42:56.0616 0x11fc  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:42:56.0694 0x11fc  CryptSvc - ok
18:42:56.0834 0x11fc  [ 5CE3D0E1D1B3832EE052CFC442EEE0FA, 6B9DB2C350140ED547C7A96DB0EAD812E8987176B312C79AF52FC9B23EEEB8C4 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
18:42:56.0865 0x11fc  CTAudSvcService - detected UnsignedFile.Multi.Generic ( 1 )
18:43:01.0037 0x11fc  Detect skipped due to KSN trusted
18:43:01.0037 0x11fc  CTAudSvcService - ok
18:43:01.0224 0x11fc  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:43:01.0240 0x11fc  cvhsvc - ok
18:43:01.0302 0x11fc  [ F160B26B26BA4AFE8CECC12ED5AC231E, 8DA8921A40B67ACFC7E47A54870181CDA1866901A3E8B3A2393D7C006C6B3A42 ] CxAudMsg        C:\Windows\system32\CxAudMsg64.exe
18:43:01.0318 0x11fc  CxAudMsg - ok
18:43:01.0382 0x11fc  [ 56F4750B7F0CE969E43DE2A76DDA5A5F, FD6F600F52F13E9FDF27A98E959C8AB154E95C1959C8C779D8DA74F1609517A5 ] DamageGuard     C:\Windows\system32\DRIVERS\DamageGuardX64.sys
18:43:01.0413 0x11fc  DamageGuard - ok
18:43:01.0522 0x11fc  [ 75974DA59BA3D2E3DCE9386493A31F54, 6A1E17AD95B93F15C89C1716CC443F239222EBAF29E985D4E32C2AC4F60E3731 ] DamageGuardSvc  C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe
18:43:01.0569 0x11fc  DamageGuardSvc - ok
18:43:01.0632 0x11fc  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:43:01.0694 0x11fc  DcomLaunch - ok
18:43:01.0725 0x11fc  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:43:01.0788 0x11fc  defragsvc - ok
18:43:01.0834 0x11fc  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:43:01.0881 0x11fc  DfsC - ok
18:43:01.0897 0x11fc  [ 5014042B07FE6CBE0E6C737AA3F1EBFC, 35BE28BB681A677AB9E26276B8457081CF715BE3CB29D635FDCB100EC36EC35A ] dgFltr          C:\Windows\system32\drivers\dgFltrX64.sys
18:43:01.0897 0x11fc  dgFltr - ok
18:43:01.0944 0x11fc  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:43:01.0975 0x11fc  Dhcp - ok
18:43:02.0131 0x11fc  [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:43:02.0302 0x11fc  DiagTrack - ok
18:43:02.0349 0x11fc  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:43:02.0412 0x11fc  discache - ok
18:43:02.0474 0x11fc  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
18:43:02.0490 0x11fc  Disk - ok
18:43:02.0536 0x11fc  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:43:02.0583 0x11fc  Dnscache - ok
18:43:02.0599 0x11fc  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:43:02.0677 0x11fc  dot3svc - ok
18:43:02.0724 0x11fc  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:43:02.0770 0x11fc  DPS - ok
18:43:02.0833 0x11fc  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:43:02.0895 0x11fc  drmkaud - ok
18:43:02.0942 0x11fc  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:43:02.0973 0x11fc  dtsoftbus01 - ok
18:43:03.0051 0x11fc  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:43:03.0145 0x11fc  DXGKrnl - ok
18:43:03.0160 0x11fc  EagleX64 - ok
18:43:03.0192 0x11fc  [ D00EAE9C735A7DEE8049E50D73D25434, 26F17401C8255F590885442424171CA906DFEF9DBC34B6D9AC5F53B6F16C52BF ] eamonm          C:\Windows\system32\DRIVERS\eamonm.sys
18:43:03.0223 0x11fc  eamonm - ok
18:43:03.0238 0x11fc  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:43:03.0301 0x11fc  EapHost - ok
18:43:03.0457 0x11fc  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:43:03.0644 0x11fc  ebdrv - ok
18:43:03.0691 0x11fc  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS             C:\Windows\System32\lsass.exe
18:43:03.0784 0x11fc  EFS - ok
18:43:03.0816 0x11fc  [ E5EDDE3C8158DD0CBC5812F201DCDED0, F9F429EAE7C20BD7E12F2DD414127502358F5D751DCEFCE74C2695E4157C2AA6 ] ehdrv           C:\Windows\system32\DRIVERS\ehdrv.sys
18:43:03.0847 0x11fc  ehdrv - ok
18:43:03.0940 0x11fc  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:43:04.0050 0x11fc  ehRecvr - ok
18:43:04.0065 0x11fc  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:43:04.0096 0x11fc  ehSched - ok
18:43:04.0190 0x11fc  [ AD4FAADE819E0DA9933BEA7C01D2C763, C29A9FEF45AA7B9D80C545715006C0EDA4729D4E50BB400136619459601449EA ] ekrn            C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
18:43:04.0221 0x11fc  ekrn - ok
18:43:04.0315 0x11fc  [ BE2902E13CA69383F449B6BF927844FB, F092785E305D8E1FE795AF98A7A7B7B4548A0D6687060568C9E078FFA8D65C1C ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
18:43:04.0330 0x11fc  ElbyCDIO - ok
18:43:04.0393 0x11fc  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:43:04.0440 0x11fc  elxstor - ok
18:43:04.0471 0x11fc  [ 3EBB7FD3C605262B942868A1D840F4F1, 80C365C1E04C95E0EF15FC97ADFBF78B055E222172A7FC103774010640F50582 ] epfwwfpr        C:\Windows\system32\DRIVERS\epfwwfpr.sys
18:43:04.0486 0x11fc  epfwwfpr - ok
18:43:04.0486 0x11fc  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:43:04.0549 0x11fc  ErrDev - ok
18:43:04.0627 0x11fc  [ 4B18C33EEDD15BD2AAF99807D36555B3, 281A1D4E97751A1D22AEC36A1BF910133161B47BF38EE11B2BDF05513E4B6057 ] ETD             C:\Windows\system32\DRIVERS\ETD.sys
18:43:04.0658 0x11fc  ETD - ok
18:43:04.0705 0x11fc  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:43:04.0783 0x11fc  EventSystem - ok
18:43:04.0892 0x11fc  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:43:04.0986 0x11fc  exfat - ok
18:43:05.0017 0x11fc  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:43:05.0048 0x11fc  fastfat - ok
18:43:05.0110 0x11fc  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:43:05.0188 0x11fc  Fax - ok
18:43:05.0220 0x11fc  [ 0BDD7984DB7AAFF6DFEFD11D82D473DB, 616B20DD438DA1F18949DD99513889D47A5773E7FD98776B61A2A654733C855E ] fbfmon          C:\Windows\system32\drivers\fbfmon.sys
18:43:05.0235 0x11fc  fbfmon - ok
18:43:05.0266 0x11fc  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:43:05.0282 0x11fc  fdc - ok
18:43:05.0313 0x11fc  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:43:05.0376 0x11fc  fdPHost - ok
18:43:05.0391 0x11fc  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:43:05.0438 0x11fc  FDResPub - ok
18:43:05.0469 0x11fc  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:43:05.0469 0x11fc  FileInfo - ok
18:43:05.0485 0x11fc  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:43:05.0516 0x11fc  Filetrace - ok
18:43:05.0547 0x11fc  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:43:05.0578 0x11fc  flpydisk - ok
18:43:05.0610 0x11fc  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:43:05.0641 0x11fc  FltMgr - ok
18:43:05.0734 0x11fc  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
18:43:05.0844 0x11fc  FontCache - ok
18:43:05.0906 0x11fc  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:43:05.0922 0x11fc  FontCache3.0.0.0 - ok
18:43:05.0953 0x11fc  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:43:05.0968 0x11fc  FsDepends - ok
18:43:06.0015 0x11fc  [ B16B626996C74B564005BA855C5DEE90, B432C669EB610C262B18F3F8308EEE1B910DE7F7BC2A8EB5483419DC52A07AE1 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
18:43:06.0046 0x11fc  fssfltr - ok
18:43:06.0140 0x11fc  [ 812E1BA5C52A78F13EA6AA10DF708B1D, CF1C4D8E072CF0D66C977DFA4C852E5CE757843BEAF5D29454D26A9AC5766E61 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:43:06.0202 0x11fc  fsssvc - ok
18:43:06.0234 0x11fc  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:43:06.0249 0x11fc  Fs_Rec - ok
18:43:06.0312 0x11fc  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:43:06.0343 0x11fc  fvevol - ok
18:43:06.0374 0x11fc  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:43:06.0390 0x11fc  gagp30kx - ok
18:43:06.0546 0x11fc  [ 0C52567F023D0F05F4EFC26F607D415B, 168D2AAB2F9CF8DE4A894DE3B2A5C67F1DAD758DBEC95FCFF4D752645BB37C38 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:43:06.0577 0x11fc  GfExperienceService - ok
18:43:06.0624 0x11fc  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:43:06.0702 0x11fc  gpsvc - ok
18:43:06.0780 0x11fc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:43:06.0795 0x11fc  gupdate - ok
18:43:06.0811 0x11fc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:43:06.0826 0x11fc  gupdatem - ok
18:43:06.0858 0x11fc  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
18:43:06.0873 0x11fc  hamachi - ok
18:43:06.0889 0x11fc  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:43:06.0982 0x11fc  hcw85cir - ok
18:43:07.0029 0x11fc  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:43:07.0092 0x11fc  HdAudAddService - ok
18:43:07.0123 0x11fc  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:43:07.0170 0x11fc  HDAudBus - ok
18:43:07.0232 0x11fc  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:43:07.0263 0x11fc  HidBatt - ok
18:43:07.0263 0x11fc  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:43:07.0326 0x11fc  HidBth - ok
18:43:07.0357 0x11fc  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:43:07.0388 0x11fc  HidIr - ok
18:43:07.0450 0x11fc  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:43:07.0513 0x11fc  hidserv - ok
18:43:07.0575 0x11fc  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:43:07.0622 0x11fc  HidUsb - ok
18:43:07.0638 0x11fc  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:43:07.0700 0x11fc  hkmsvc - ok
18:43:07.0716 0x11fc  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:43:07.0794 0x11fc  HomeGroupListener - ok
18:43:07.0825 0x11fc  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:43:07.0856 0x11fc  HomeGroupProvider - ok
18:43:07.0996 0x11fc  [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
18:43:08.0028 0x11fc  hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
18:43:12.0255 0x11fc  Detect skipped due to KSN trusted
18:43:12.0255 0x11fc  hpqcxs08 - ok
18:43:12.0271 0x11fc  [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
18:43:12.0302 0x11fc  hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
18:43:16.0506 0x11fc  Detect skipped due to KSN trusted
18:43:16.0506 0x11fc  hpqddsvc - ok
18:43:16.0615 0x11fc  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:43:16.0644 0x11fc  HpSAMD - ok
18:43:16.0724 0x11fc  [ 7F57926169C1B8ABA9274EA7D4B70F18, A2BB01054737C6B0461381221D1C344951AC2BE9E5AE01E15A6871B31B62BE78 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
18:43:16.0834 0x11fc  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
18:43:21.0002 0x11fc  Detect skipped due to KSN trusted
18:43:21.0002 0x11fc  HPSLPSVC - ok
18:43:21.0047 0x11fc  [ F47CEC45FB85791D4AB237563AD0FA8F, 1035066D48BD179855BCA7F62EFA1B951E6E839D2E29E15A31844E18A126DD41 ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
18:43:21.0070 0x11fc  HTCAND64 - ok
18:43:21.0117 0x11fc  [ B8B1B284362E1D8135112573395D5DA5, 97BC6A7B2DCD7CC854B912A85BB2FCF199592E8E16A7C405EAF89B02D5DE4AEE ] htcnprot        C:\Windows\system32\DRIVERS\htcnprot.sys
18:43:21.0148 0x11fc  htcnprot - ok
18:43:21.0229 0x11fc  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:43:21.0299 0x11fc  HTTP - ok
18:43:21.0318 0x11fc  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:43:21.0326 0x11fc  hwpolicy - ok
18:43:21.0352 0x11fc  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:43:21.0364 0x11fc  i8042prt - ok
18:43:21.0421 0x11fc  [ C224331A54571C8C9162F7714400BBBD, C2CA4881ACD46071E67435BE5E3DB133D0743B026FD20D6D6E26B2FE7A03FCAA ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:43:21.0437 0x11fc  iaStor - ok
18:43:21.0506 0x11fc  [ 7D4B9A48430ED57ACA6373B71D5904CA, 6ED72DAA7A4951142F036364E8F237E74246EF3E9EA089448DEF15380DAB0DB3 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:43:21.0522 0x11fc  IAStorDataMgrSvc - ok
18:43:21.0572 0x11fc  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:43:21.0615 0x11fc  iaStorV - ok
18:43:21.0720 0x11fc  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
18:43:21.0736 0x11fc  ICCS - ok
18:43:21.0876 0x11fc  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:43:21.0907 0x11fc  idsvc - ok
18:43:21.0963 0x11fc  IEEtwCollectorService - ok
18:43:22.0141 0x11fc  [ 142CFBE6ED0E498CCA7ABE8DD932C1AF, 513DFF7DA86CCCB9A061CF7ED0AC84305D800A26189179F60B62BD4FFFCF7DDF ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:43:22.0411 0x11fc  igfx - ok
18:43:22.0491 0x11fc  [ B54E51AF05F883B2282693B4214ED228, 1083DA63D8DF1149644A3BDA0BD8B69C35D98C745E23F5FD9FDD2D9FF5682ABA ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
18:43:22.0511 0x11fc  igfxCUIService1.0.0.0 - ok
18:43:22.0556 0x11fc  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:43:22.0565 0x11fc  iirsp - ok
18:43:22.0627 0x11fc  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:43:22.0697 0x11fc  IKEEXT - ok
18:43:22.0769 0x11fc  [ 8E4044C6B71B2F837166F6EDB6BF9100, 441A4EA0C3EF686B8B7884EC96FD8EE1017EB3F462FB4376638F461E41D97C72 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:43:22.0801 0x11fc  IntcDAud - ok
18:43:22.0884 0x11fc  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:43:22.0900 0x11fc  Intel(R) Capability Licensing Service Interface - ok
18:43:22.0946 0x11fc  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:43:22.0962 0x11fc  intelide - ok
18:43:23.0000 0x11fc  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:43:23.0042 0x11fc  intelppm - ok
18:43:23.0087 0x11fc  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:43:23.0118 0x11fc  IPBusEnum - ok
18:43:23.0165 0x11fc  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:43:23.0211 0x11fc  IpFilterDriver - ok
18:43:23.0289 0x11fc  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:43:23.0352 0x11fc  iphlpsvc - ok
18:43:23.0383 0x11fc  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:43:23.0421 0x11fc  IPMIDRV - ok
18:43:23.0440 0x11fc  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:43:23.0489 0x11fc  IPNAT - ok
18:43:23.0532 0x11fc  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:43:23.0552 0x11fc  IRENUM - ok
18:43:23.0568 0x11fc  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:43:23.0583 0x11fc  isapnp - ok
18:43:23.0724 0x11fc  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:43:23.0755 0x11fc  iScsiPrt - ok
18:43:23.0802 0x11fc  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:43:23.0817 0x11fc  iusb3hcs - ok
18:43:23.0849 0x11fc  [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
18:43:23.0880 0x11fc  iusb3hub - ok
18:43:23.0911 0x11fc  [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:43:23.0973 0x11fc  iusb3xhc - ok
18:43:24.0020 0x11fc  [ 09CA717536671E0896E07D239EE6740F, 5E1A4A1490D38DBDF21DD655D2139FC2856F5CAED6A72C4C6E65BF6C01C896CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:43:24.0036 0x11fc  jhi_service - ok
18:43:24.0100 0x11fc  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:43:24.0120 0x11fc  kbdclass - ok
18:43:24.0146 0x11fc  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:43:24.0160 0x11fc  kbdhid - ok
18:43:24.0195 0x11fc  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso          C:\Windows\system32\lsass.exe
18:43:24.0207 0x11fc  KeyIso - ok
18:43:24.0256 0x11fc  [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:43:24.0278 0x11fc  KSecDD - ok
18:43:24.0305 0x11fc  [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:43:24.0328 0x11fc  KSecPkg - ok
18:43:24.0358 0x11fc  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:43:24.0401 0x11fc  ksthunk - ok
18:43:24.0448 0x11fc  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:43:24.0495 0x11fc  KtmRm - ok
18:43:24.0526 0x11fc  [ FC741259B7C22379EE83257D7CF91151, 37FAA2E03DFE8C04762178EC7C0AD7AB383155772EFF857D7D27225F8DF29C5B ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
18:43:24.0542 0x11fc  L1C - ok
18:43:24.0588 0x11fc  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:43:24.0620 0x11fc  LanmanServer - ok
18:43:24.0651 0x11fc  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:43:24.0713 0x11fc  LanmanWorkstation - ok
18:43:24.0760 0x11fc  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\Windows\system32\DRIVERS\LhdX64.sys
18:43:24.0776 0x11fc  LHDmgr - ok
18:43:24.0838 0x11fc  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
18:43:24.0869 0x11fc  lirsgt - ok
18:43:24.0900 0x11fc  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:43:24.0947 0x11fc  lltdio - ok
18:43:24.0994 0x11fc  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:43:25.0041 0x11fc  lltdsvc - ok
18:43:25.0056 0x11fc  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:43:25.0088 0x11fc  lmhosts - ok
18:43:25.0134 0x11fc  [ A60D56228FF3EE7EC1A56A908924680E, A50D75BB87CF4858681720380E9E1EF7FDFE1411E10D856F3E7BBAF3FB1EDDFC ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:43:25.0134 0x11fc  LMS - ok
18:43:25.0181 0x11fc  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:43:25.0197 0x11fc  LSI_FC - ok
18:43:25.0212 0x11fc  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:43:25.0212 0x11fc  LSI_SAS - ok
18:43:25.0228 0x11fc  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:43:25.0228 0x11fc  LSI_SAS2 - ok
18:43:25.0259 0x11fc  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:43:25.0275 0x11fc  LSI_SCSI - ok
18:43:25.0290 0x11fc  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:43:25.0337 0x11fc  luafv - ok
18:43:25.0400 0x11fc  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:43:25.0415 0x11fc  MBAMProtector - ok
18:43:25.0509 0x11fc  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
18:43:25.0602 0x11fc  MBAMService - ok
18:43:25.0649 0x11fc  [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:43:25.0665 0x11fc  MBAMWebAccessControl - ok
18:43:25.0680 0x11fc  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:43:25.0696 0x11fc  Mcx2Svc - ok
18:43:25.0696 0x11fc  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:43:25.0712 0x11fc  megasas - ok
18:43:25.0758 0x11fc  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:43:25.0805 0x11fc  MegaSR - ok
18:43:25.0836 0x11fc  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:43:25.0852 0x11fc  MEIx64 - ok
18:43:25.0946 0x11fc  Microsoft SharePoint Workspace Audit Service - ok
18:43:25.0977 0x11fc  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:43:26.0055 0x11fc  MMCSS - ok
18:43:26.0117 0x11fc  [ 14F31D60A6C0D73DE9836EDC8F304E83, 58A769B53E65CBD5666F518FE8626BF0DBEBA2D310FAFB9A104FE52AEBB5B34D ] MOBIOLA_Wave    C:\Windows\system32\drivers\mobiolawave.sys
18:43:26.0133 0x11fc  MOBIOLA_Wave - ok
18:43:26.0148 0x11fc  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:43:26.0211 0x11fc  Modem - ok
18:43:26.0242 0x11fc  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:43:26.0273 0x11fc  monitor - ok
18:43:26.0320 0x11fc  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:43:26.0336 0x11fc  mouclass - ok
18:43:26.0367 0x11fc  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:43:26.0382 0x11fc  mouhid - ok
18:43:26.0429 0x11fc  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:43:26.0460 0x11fc  mountmgr - ok
18:43:26.0476 0x11fc  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:43:26.0492 0x11fc  mpio - ok
18:43:26.0507 0x11fc  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:43:26.0538 0x11fc  mpsdrv - ok
18:43:26.0585 0x11fc  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:43:26.0663 0x11fc  MpsSvc - ok
18:43:26.0710 0x11fc  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:43:26.0757 0x11fc  MRxDAV - ok
18:43:26.0804 0x11fc  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:43:26.0866 0x11fc  mrxsmb - ok
18:43:26.0897 0x11fc  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:43:26.0944 0x11fc  mrxsmb10 - ok
18:43:26.0975 0x11fc  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:43:27.0006 0x11fc  mrxsmb20 - ok
18:43:27.0053 0x11fc  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:43:27.0069 0x11fc  msahci - ok
18:43:27.0100 0x11fc  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:43:27.0131 0x11fc  msdsm - ok
18:43:27.0162 0x11fc  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:43:27.0194 0x11fc  MSDTC - ok
18:43:27.0240 0x11fc  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:43:27.0303 0x11fc  Msfs - ok
18:43:27.0350 0x11fc  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:43:27.0396 0x11fc  mshidkmdf - ok
18:43:27.0412 0x11fc  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:43:27.0428 0x11fc  msisadrv - ok
18:43:27.0459 0x11fc  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:43:27.0521 0x11fc  MSiSCSI - ok
18:43:27.0537 0x11fc  msiserver - ok
18:43:27.0552 0x11fc  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:43:27.0615 0x11fc  MSKSSRV - ok
18:43:27.0662 0x11fc  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:43:27.0740 0x11fc  MSPCLOCK - ok
18:43:27.0755 0x11fc  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:43:27.0786 0x11fc  MSPQM - ok
18:43:27.0802 0x11fc  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:43:27.0818 0x11fc  MsRPC - ok
18:43:27.0833 0x11fc  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:43:27.0833 0x11fc  mssmbios - ok
18:43:27.0849 0x11fc  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:43:27.0927 0x11fc  MSTEE - ok
18:43:27.0927 0x11fc  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:43:27.0942 0x11fc  MTConfig - ok

31.05.2015, 17:52   #8
ykay

TDSSKiller part 2:

Code:
ATTFilter
18:44:10.0970 0x11fc  ================ Scan generic autorun ======================
18:44:13.0244 0x11fc  [ 61042F27FF3E8D233812B6C4A62A1D36, F6B6F724E310F84577367CCF7D60BA0B81931EC0E018F15B34F8D402FF3CDA08 ] C:\REVOLT~1\wh_exec.exe
18:44:13.0260 0x11fc  WheelMouse - detected UnsignedFile.Multi.Generic ( 1 )
18:44:17.0603 0x11fc  WheelMouse ( UnsignedFile.Multi.Generic ) - warning
18:44:35.0563 0x11fc  [ 5E7601CCBC2A98A4457E50612E0AEE73, 3F5FDCF1BEC5B134433F62ADD5C2931F700F2B7CBEDB0A98EF1362BF6E9FAC03 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe
18:44:35.0595 0x11fc  GamingMouse - detected UnsignedFile.Multi.Generic ( 1 )
18:44:39.0795 0x11fc  GamingMouse ( UnsignedFile.Multi.Generic ) - warning
18:45:11.0314 0x11fc  AV detected via SS2: ESET NOD32 Antivirus 5.2, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe ( 5.2.7.0 ), 0x41000 ( enabled : updated )
18:45:11.0330 0x11fc  Win FW state via NFP2: enabled
18:45:24.0542 0x11fc  ============================================================
18:45:24.0542 0x11fc  Scan finished
18:45:24.0542 0x11fc  ============================================================
18:45:24.0542 0x1464  Detected object count: 2
18:45:24.0542 0x1464  Actual detected object count: 2
18:46:03.0111 0x1464  WheelMouse ( UnsignedFile.Multi.Generic ) - skipped by user
18:46:03.0111 0x1464  WheelMouse ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:46:03.0126 0x1464  GamingMouse ( UnsignedFile.Multi.Generic ) - skipped by user
18:46:03.0126 0x1464  GamingMouse ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:47:53.0392 0x1158  Deinitialize success
         

The wh_exec.exe was the configurator for my first gaming mouse.
The hid.exe is the driver or configurator for my current mouse (Sharkoon Drakonia).

Can you tell me what I actually have? And whether I cancelled in time with that .scr file?

Thanks for the quick support!

01.06.2015, 11:46   #9
schrauber
/// the machine
/// TB Trainer
 




Nah, there is some work to do there.

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Illegal operation attempted on a registry key that has been marked for deletion.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

01.06.2015, 14:14   #10
ykay
 



First of all, thank you for the quick support. You will definitely get a small donation from me.
Does it look like a keylogger? Admittedly, I haven't logged in anywhere except Steam for about a week, and he gets in there without e-mail confirmation anyway.
Or are these bad guys that have been lurking around here for quite a while already?

Combofix:

Code:
ComboFix 15-05-31.01 - Yusa-Enes 01.06.2015  14:57:15.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.6046.3873 [GMT 2:00]
ausgeführt von:: c:\users\Yusa-Enes\Downloads\ComboFix.exe
AV: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\tmpFF64.tmp
c:\windows\SysWow64\tmpFF85.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-05-01 bis 2015-06-01  ))))))))))))))))))))))))))))))
.
.
2015-06-01 13:06 . 2015-06-01 13:06	--------	d-----w-	c:\users\TEMP\AppData\Local\temp
2015-06-01 13:06 . 2015-06-01 13:06	--------	d-----w-	c:\users\TEMP.Yusa-Enes-PC\AppData\Local\temp
2015-06-01 13:06 . 2015-06-01 13:06	--------	d-----w-	c:\users\hedev\AppData\Local\temp
2015-05-31 05:12 . 2015-05-31 19:53	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-31 02:53 . 2015-05-31 03:02	--------	d-----w-	C:\FRST
2015-05-30 15:36 . 2015-05-03 03:16	12214312	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{B213FD34-9D0D-47A9-9B60-E783E2CDDD52}\mpengine.dll
2015-05-29 22:09 . 2015-05-29 22:17	--------	d-----w-	c:\users\Yusa-Enes\AppData\Local\Ubisoft Game Launcher
2015-05-29 22:08 . 2015-05-29 22:08	--------	d-----w-	c:\program files (x86)\Ubisoft
2015-05-29 21:40 . 2015-05-29 21:40	--------	d-----w-	C:\cache
2015-05-19 23:07 . 2015-05-19 23:07	--------	d-----w-	c:\program files\7-Zip
2015-05-19 02:57 . 2015-05-19 02:57	--------	d-----w-	c:\users\Yusa-Enes\AppData\Local\Opera Software
2015-05-19 02:57 . 2015-05-19 02:57	--------	d-----w-	c:\users\Yusa-Enes\AppData\Roaming\Opera Software
2015-05-19 02:57 . 2015-05-20 14:19	--------	d-----w-	c:\program files (x86)\Opera
2015-05-15 14:29 . 2015-05-01 13:17	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 14:29 . 2015-05-01 13:16	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:56 . 2015-05-05 01:29	342016	----a-w-	c:\windows\system32\schannel.dll
2015-05-13 13:56 . 2015-05-05 01:12	248832	----a-w-	c:\windows\SysWow64\schannel.dll
2015-05-13 13:56 . 2015-04-18 03:10	460800	----a-w-	c:\windows\system32\certcli.dll
2015-05-13 13:56 . 2015-04-18 02:56	342016	----a-w-	c:\windows\SysWow64\certcli.dll
2015-05-13 13:54 . 2015-04-20 03:17	1179136	----a-w-	c:\windows\system32\FntCache.dll
2015-05-12 21:05 . 2015-05-19 23:09	--------	d-----w-	c:\programdata\WinZip
2015-05-10 19:45 . 2015-05-10 19:46	--------	d-----w-	c:\program files (x86)\Football Manager 2015 Editor
2015-05-10 19:38 . 2015-05-18 21:33	--------	d-----w-	c:\program files (x86)\Football Manager 2015
2015-05-08 20:26 . 2015-05-10 19:36	--------	d-----w-	c:\program files (x86)\Sports Interactive
2015-05-05 19:41 . 2015-05-31 15:33	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-05 19:41 . 2015-05-31 15:33	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-05-05 19:41 . 2015-05-05 19:41	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-05-05 19:41 . 2015-04-14 07:37	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-20 14:15 . 2013-03-05 09:03	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-20 14:15 . 2013-03-05 09:03	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-15 14:34 . 2012-08-28 21:15	140425016	----a-w-	c:\windows\system32\MRT.exe
2015-04-27 19:04 . 2015-05-13 13:55	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-04-17 19:16 . 2014-06-21 16:58	189248	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-04-17 19:16 . 2014-06-21 16:58	75136	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2015-04-14 19:30 . 2015-04-14 19:30	18178736	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-04-14 07:37 . 2013-01-20 01:57	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-04-14 01:38 . 2015-04-14 01:38	1217192	----a-w-	c:\windows\SysWow64\FM20.DLL
2015-03-25 03:24 . 2015-04-15 18:16	98304	----a-w-	c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-15 18:16	37376	----a-w-	c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-15 18:16	35328	----a-w-	c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-15 18:16	3298816	----a-w-	c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-15 18:16	2553856	----a-w-	c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-15 18:16	191488	----a-w-	c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-15 18:16	696320	----a-w-	c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-15 18:16	60416	----a-w-	c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-15 18:16	12288	----a-w-	c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-15 18:16	36864	----a-w-	c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-15 18:16	135168	----a-w-	c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-15 18:16	92672	----a-w-	c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 18:16	566784	----a-w-	c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 18:16	29696	----a-w-	c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 18:16	173056	----a-w-	c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 18:16	33792	----a-w-	c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-15 18:16	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-15 18:16	769536	----a-w-	c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-15 18:16	419840	----a-w-	c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-15 18:16	957952	----a-w-	c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-15 18:16	30720	----a-w-	c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-15 18:16	192000	----a-w-	c:\windows\system32\aepic.dll
2015-03-23 03:24 . 2015-04-15 18:16	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-03-23 03:17 . 2015-04-15 18:16	1111552	----a-w-	c:\windows\system32\aeinv.dll
2015-03-12 19:04 . 2015-03-12 19:05	1192533	----a-w-	c:\windows\unins000.exe
2015-03-10 03:25 . 2015-04-15 18:16	1882624	----a-w-	c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-15 18:15	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-15 18:16	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 18:15	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2015-03-05 05:12 . 2015-04-15 18:16	404480	----a-w-	c:\windows\system32\gdi32.dll
2015-03-05 04:05 . 2015-04-15 18:16	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2015-03-04 04:55 . 2015-04-15 18:14	367552	----a-w-	c:\windows\system32\clfs.sys
2015-03-04 04:41 . 2015-04-15 18:14	79360	----a-w-	c:\windows\system32\clfsw32.dll
2015-03-04 04:41 . 2015-05-13 13:54	309248	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:41 . 2015-05-13 13:54	103424	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:10 . 2015-04-15 18:14	58880	----a-w-	c:\windows\SysWow64\clfsw32.dll
2015-03-04 04:10 . 2015-05-13 13:54	470528	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-13 13:54	2178560	----a-w-	c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-13 13:54	2560	----a-w-	c:\windows\apppatch\AcRes.dll
2005-07-14 11:31	32256	--sh--w-	c:\windows\SysWOW64\AVSredirect.dll
2006-05-03 10:06	163328	--sha-r-	c:\windows\SysWOW64\flvDX.dll
2004-01-24 23:00	70656	--sh--w-	c:\windows\SysWOW64\i420vfw.dll
2007-02-21 11:47	31232	--sha-r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30	216064	--sha-r-	c:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
2012-10-05 18:54	188416	--sha-r-	c:\windows\SysWOW64\winDCE32.dll
2004-01-24 22:00	70656	--sh--w-	c:\windows\SysWOW64\yv12vfw.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-05-15 2888384]
"WLAN Optimizer"="c:\users\Yusa-Enes\Desktop\wopt021\WLAN Optimizer.exe" [2009-08-07 109056]
"Spotify Web Helper"="c:\users\Yusa-Enes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-08-07 1178168]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-11-29 284440]
"Lenovo Registration"="c:\program files (x86)\Lenovo Registration\LenovoReg.exe" [2012-01-26 4351712]
"VeriFaceManager"="c:\program files (x86)\Lenovo\VeriFace\PManage.exe" [2012-07-15 329056]
"LockKey"="c:\program files (x86)\LockKey\LockKey.exe" [2011-08-25 337776]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"Dolby Advanced Audio v2"="c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe" [2011-12-20 507744]
"VolPanel"="c:\program files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe" [2010-12-08 241757]
"GamingMouse"="c:\program files (x86)\Drakonia Configurator\hid.exe" [2013-10-29 248832]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO;c:\users\YUSA-E~1\AppData\Local\Temp\ALSysIO64.sys;c:\users\YUSA-E~1\AppData\Local\Temp\ALSysIO64.sys [x]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x]
R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys;c:\windows\SYSNATIVE\Drivers\ANDROIDUSB.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 vm332avs;Lenovo Camera2;c:\windows\system32\Drivers\vm332avs.sys;c:\windows\SYSNATIVE\Drivers\vm332avs.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wolf;wolf;c:\program files (x86)\Joygame\WolfTeamTS\avital\wolf64.sys;c:\program files (x86)\Joygame\WolfTeamTS\avital\wolf64.sys [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 DamageGuard;DamageGuard;c:\windows\system32\DRIVERS\DamageGuardX64.sys;c:\windows\SYSNATIVE\DRIVERS\DamageGuardX64.sys [x]
R4 DamageGuardSvc;Lenovo Instant Reset Service;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe;c:\program files\Lenovo\Instant Reset\DamageGuardSvc.exe [x]
R4 dgFltr;dgFltr;c:\windows\system32\drivers\dgFltrX64.sys;c:\windows\SYSNATIVE\drivers\dgFltrX64.sys [x]
S0 fbfmon;fbfmon;c:\windows\system32\drivers\fbfmon.sys;c:\windows\SYSNATIVE\drivers\fbfmon.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 LHDmgr;LHDmgr;c:\windows\System32\DRIVERS\LhdX64.sys;c:\windows\SYSNATIVE\DRIVERS\LhdX64.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 BPntDrv;BPntDrv;c:\windows\system32\drivers\BPntDrv.sys;c:\windows\SYSNATIVE\drivers\BPntDrv.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vToolbarUpdater18.5.0;vToolbarUpdater18.5.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.5.0\ToolbarUpdater.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 ACPIVPC;Lenovo Virtual Power Controller Driver;c:\windows\system32\DRIVERS\AcpiVpc.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiVpc.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MOBIOLA_Wave;Mobiola Wave Audio Device (WDM);c:\windows\system32\drivers\mobiolawave.sys;c:\windows\SYSNATIVE\drivers\mobiolawave.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-05-26 09:33	986440	----a-w-	c:\program files (x86)\Google\Chrome\Application\43.0.2357.81\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-05 14:15]
.
2015-02-16 c:\windows\Tasks\DriverEasy Scheduled Scan.job
- c:\program files\Easeware\DriverEasy\DriverEasy.exe [2014-09-16 01:55]
.
2015-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08 16:51]
.
2015-06-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08 16:51]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\VeriFace Enc]
@="{771C7324-DA80-49D3-8017-753B0AF60951}"
[HKEY_CLASSES_ROOT\CLSID\{771C7324-DA80-49D3-8017-753B0AF60951}]
2012-07-15 08:23	1508192	----a-w-	c:\windows\System32\IcnOvrly.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Energy Management"="c:\program files (x86)\Lenovo\Energy Management\Energy Management.exe" [2012-07-15 8079408]
"EnergyUtility"="c:\program files (x86)\Lenovo\Energy Management\Utility.exe" [2012-07-15 6202416]
"Lenovo EE Boot Optimizer"="c:\program files (x86)\Lenovo\Boot Optimizer\PopWnd.exe" [2012-07-15 206176]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-03-07 4081008]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-12-13 2531472]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-12-13 2824504]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-12-15 564352]
"SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2011-12-06 1654400]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = www.google.com
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = www.google.com
IE: An OneNote s&enden - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{4BDC41D4-B1EB-4C94-9D14-78A73EDE6536}: DhcpNameServer = 192.168.2.1
TCP: Interfaces\{6425074E-F29D-46B6-B8FC-2A2891C4B2C7}: NameServer = 77.109.138.45,77.109.139.29
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.5.0\ViProtocol.dll
FF - ProfilePath - c:\users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
Toolbar-Locked - (no file)
Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} - (no file)
ShellIconOverlayIdentifiers-{62CCD8E3-9C21-41E1-B55E-1E26DFC68511} - (no file)
ShellIconOverlayIdentifiers-{A759AFF6-5851-457D-A540-F4ECED148351} - (no file)
ShellIconOverlayIdentifiers-{1574C9EF-7D58-488F-B358-8B78C1538F51} - (no file)
AddRemove-CoreAAC Audio Decoder - c:\windows\system32\CoreAAC-uninstall.exe
AddRemove-{1AA94747-3BF6-4237-9E1A-7B3067738FE1} - c:\program files (x86)\InstallShield Installation Information\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}\setup.exe
AddRemove-ApplicationUpdater - c:\users\Yusa-Enes\AppData\Local\Sony Online Entertainment\ApplicationUpdater\Uninstaller.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-921053363-3756481614-3739615417-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-921053363-3756481614-3739615417-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-921053363-3756481614-3739615417-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*`*ì*<%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-921053363-3756481614-3739615417-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*ó*×*%\OpenWithList]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-921053363-3756481614-3739615417-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.**%’%T%]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-921053363-3756481614-3739615417-1005\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.**%’%T%]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-921053363-3756481614-3739615417-1006\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.**%’%T%]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-06-01  15:09:32
ComboFix-quarantined-files.txt  2015-06-01 13:09
.
Vor Suchlauf: 32 Verzeichnis(se), 134.312.304.640 Bytes frei
Nach Suchlauf: 43 Verzeichnis(se), 134.172.401.664 Bytes frei
.
- - End Of File - - 36806ED1189313F2CEEB5E6A7C559129
         

02.06.2015, 06:09   #11
schrauber
/// the machine
/// TB-Ausbilder
 




Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please disable your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click, "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

03.06.2015, 00:45   #12
ykay
 



Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 02.06.2015
Suchlauf-Zeit: 22:47:51
Logdatei: malwarebytes.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.02.05
Rootkit Datenbank: v2015.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Yusa-Enes

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 636495
Verstrichene Zeit: 52 Min, 42 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Adwcleaner:
Code:
# AdwCleaner v4.206 - Bericht erstellt 03/06/2015 um 00:14:04
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-01.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Yusa-Enes - YUSA-ENES-PC
# Gestarted von : C:\Users\Yusa-Enes\Downloads\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : vToolbarUpdater18.5.0

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Avg_Update_0814tb
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\AVG Security Toolbar
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Windows\Util
Ordner Gelöscht : C:\Users\Der Chef\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Der Chef\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Hayrunnisa\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Hayrunnisa\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Sebiha\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Sebiha\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Yusa-Enes\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\Yusa-Enes\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\Yusa-Enes\AppData\Roaming\FoxTab
Ordner Gelöscht : C:\Users\Hayrunnisa\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Ordner Gelöscht : C:\Users\Sebiha\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Ordner Gelöscht : C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Ordner Gelöscht : C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Datei Gelöscht : C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dchmpbaclbiioedakpcldenooikekokm
Datei Gelöscht : C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ieadcoanfjloocmfafkebdnfefmohngj_0.localstorage-journal
Datei Gelöscht : C:\Users\Yusa-Enes\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_st.chatango.com_0.localstorage
Datei Gelöscht : C:\Users\Yusa-Enes\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ Geplante Tasks ] *****

Task Gelöscht : DriverEasy Scheduled Scan

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Avg Secure Update
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\AVG Security Toolbar
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Avg Secure Update
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v37.0.2 (x86 de)


-\\ Google Chrome v43.0.2357.81


-\\ Chromium v


-\\ Opera v29.0.1795.60


*************************

AdwCleaner[R0].txt - [8049 Bytes] - [02/06/2015 23:53:22]
AdwCleaner[S0].txt - [7779 Bytes] - [03/06/2015 00:14:04]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7838  Bytes] ##########
         
Junktool Removal-Tool:

and I want to add a note here:
After I pressed any key, I accidentally started Chrome. It immediately closed it again, though. Is that bad, or should I run another scan? That was at the beginning.. at that point it hadn't yet checked Chrome in the cmd window.

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.7 (06.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by Yusa-Enes on 03.06.2015 at  1:33:38,28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\syswow64\shoE210.tmp



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\microsoft\windows\start menu\programs\drivereasy
Successfully deleted: [Folder] C:\Users\Yusa-Enes\appdata\local\crashrpt
Successfully deleted: [Folder] C:\Users\Yusa-Enes\AppData\Roaming\getrighttogo



~~~ FireFox

Successfully deleted: [File] C:\Users\Yusa-Enes\AppData\Roaming\mozilla\firefox\profiles\vnqy7hge.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
Successfully deleted: [Folder] C:\Users\Yusa-Enes\AppData\Roaming\mozilla\firefox\profiles\vnqy7hge.default\extensions\staged
Emptied folder: C:\Users\Yusa-Enes\AppData\Roaming\mozilla\firefox\profiles\vnqy7hge.default\minidumps [44 files]



~~~ Chrome


[C:\Users\Yusa-Enes\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Yusa-Enes\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Yusa-Enes\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Yusa-Enes\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  dchmpbaclbiioedakpcldenooikekokm
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.06.2015 at  1:37:24,02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

03.06.2015, 00:46   #13
ykay
 



Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Yusa-Enes (administrator) on YUSA-ENES-PC on 03-06-2015 00:22:38
Running from C:\Users\Yusa-Enes\Downloads
Loaded Profiles: Yusa-Enes (Available Profiles: Yusa-Enes & Sebiha & Der Chef & Hayrunnisa)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(none) C:\Users\Yusa-Enes\Desktop\wopt021\WLAN Optimizer.exe
(Spotify Ltd) C:\Users\Yusa-Enes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe
(NVIDIA Corporation) C:\Users\Yusa-Enes\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
( ) C:\Program Files (x86)\LockKey\LockKey.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Opera Software) C:\Program Files (x86)\Opera\launcher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Opera\29.0.1795.60\opera_autoupdate.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [8079408 2012-07-15] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [6202416 2012-07-15] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo EE Boot Optimizer] => C:\Program Files (x86)\Lenovo\Boot Optimizer\PopWnd.exe [206176 2012-07-15] (Lenovo)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [564352 2011-12-15] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1654400 2011-12-06] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [Lenovo Registration] => C:\Program Files (x86)\Lenovo Registration\LenovoReg.exe [4351712 2012-01-26] (Lenovo, Inc.)
HKLM-x32\...\Run: [VeriFaceManager] => C:\Program Files (x86)\Lenovo\VeriFace\PManage.exe [329056 2012-07-15] (Lenovo)
HKLM-x32\...\Run: [LockKey] => C:\Program Files (x86)\LockKey\LockKey.exe [337776 2011-08-25] ( )
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-20] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\Sound Blaster Play\Volume Panel\VolPanlu.exe [241757 2010-12-08] (Creative Technology Ltd)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-02] (Valve Corporation)
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Run: [WLAN Optimizer] => C:\Users\Yusa-Enes\Desktop\wopt021\WLAN Optimizer.exe [109056 2009-08-07] (none)
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Run: [Spotify Web Helper] => C:\Users\Yusa-Enes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-08-07] (Spotify Ltd)
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [174296 2014-03-04] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [148016 2014-03-04] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} =>  No File
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} =>  No File
ShellIconOverlayIdentifiers: [VeriFace Enc] -> {771C7324-DA80-49D3-8017-753B0AF60951} => C:\Windows\system32\IcnOvrly.dll [2012-07-15] ()
GroupPolicyUsers\S-1-5-21-921053363-3756481614-3739615417-1002\User: Group Policy Restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-921053363-3756481614-3739615417-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-921053363-3756481614-3739615417-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7LENN
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-10-17] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-10-17] (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-04-28] (Atheros Commnucations)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-25] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{6425074E-F29D-46B6-B8FC-2A2891C4B2C7}: [NameServer] 77.109.138.45,77.109.139.29

FireFox:
========
FF ProfilePath: C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-20] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-10-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-10-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2012-06-28] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-20] ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-12-19] (Nero AG)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-15] (Google Inc.)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.19 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2012-01-14] (Veetle Inc)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-09-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-921053363-3756481614-3739615417-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-05-30] ()
FF Extension: ADB Helper - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\adbhelper@mozilla.org [2015-04-22]
FF Extension: Battlefield Play4Free - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\battlefieldplay4free@ea.com [2015-04-17]
FF Extension: Valence - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\fxdevtools-adapters@mozilla.org [2015-04-22]
FF Extension: NoScript - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-10-01]
FF Extension: Video DownloadHelper - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-04-22]
FF Extension: Adblock Plus - C:\Users\Yusa-Enes\AppData\Roaming\Mozilla\Firefox\Profiles\vnqy7hge.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-01]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-08-29]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-08-30]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-921053363-3756481614-3739615417-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-12-30]
CHR Extension: (Google Docs) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-08]
CHR Extension: (Google Drive) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-08]
CHR Extension: (YouTube) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-08]
CHR Extension: (Battlefield Heroes) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2013-11-08]
CHR Extension: (Adblock Plus) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-20]
CHR Extension: (Google Search) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-08]
CHR Extension: (FoxyProxy Standard) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcknhkkoolaabfmlnjonogaaifnjlfnp [2014-10-12]
CHR Extension: (Bookmark Manager) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (ProxMate) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifalmiidchkjjmkkbkoaibpmoeichmki [2014-05-21]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Google Wallet) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-08]
CHR Extension: (Soundload) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\obeamklhbmaapccdahgeafnpfkdkbimo [2014-05-13]
CHR Extension: (Gmail) - C:\Users\Yusa-Enes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [119424 2012-04-28] (Atheros Commnucations) [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-12-23] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2014-12-23] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
S4 DamageGuardSvc; C:\Program Files\Lenovo\Instant Reset\DamageGuardSvc.exe [572976 2012-03-26] (Lenovo (Beijing) Limited)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-28] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [33080 2014-12-01] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2011-03-31] () [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-04-17] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2015-04-17] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [163456 2012-04-28] (Atheros) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-01-14] ()
S4 DamageGuard; C:\Windows\System32\DRIVERS\DamageGuardX64.sys [217392 2012-02-10] (Lenovo)
S4 dgFltr; C:\Windows\System32\drivers\dgFltrX64.sys [23648 2011-12-13] (Lenovo)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-09-23] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2012-03-02] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-01-14] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 ALSysIO; \??\C:\Users\YUSA-E~1\AppData\Local\Temp\ALSysIO64.sys [X]
U3 BcmSqlStartupSvc; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 CLKMSVC10_3A60B698; No ImagePath
U2 CLKMSVC10_C3B3B687; No ImagePath
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
U2 DriverService; No ImagePath
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
U2 iATAgentService; No ImagePath
U2 idealife Update Service; No ImagePath
U3 IGRS; No ImagePath
U2 IviRegMgr; No ImagePath
U2 Oasis2Service; No ImagePath
U2 PCCarerService; No ImagePath
U2 ReadyComm.DirectRouter; No ImagePath
U2 RichVideo; No ImagePath
S3 RSUSBVSTOR; System32\Drivers\RtsUVStor.sys [X]
U2 RtLedService; No ImagePath
U2 SeaPort; No ImagePath
U2 SoftwareService; No ImagePath
U3 SQLWriter; No ImagePath
S3 vm332avs; System32\Drivers\vm332avs.sys [X]
S3 wolf; \??\C:\Program Files (x86)\Joygame\WolfTeamTS\avital\wolf64.sys [X]

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Three Months Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-02 23:53 - 2015-06-03 00:15 - 00000000 ____D () C:\AdwCleaner
2015-06-02 23:53 - 2015-06-02 23:53 - 02231296 _____ () C:\Users\Yusa-Enes\Downloads\AdwCleaner_4.206.exe
2015-06-02 19:22 - 2015-06-02 19:22 - 00594982 _____ () C:\Users\Yusa-Enes\Downloads\Carlotta, Band 4- Carlotta - Internat und Prinzenball (2)
2015-06-02 19:13 - 2015-06-02 19:13 - 00594982 _____ () C:\Users\Yusa-Enes\Downloads\Carlotta, Band 4- Carlotta - Internat und Prinzenball (1)
2015-06-02 19:13 - 2015-06-02 19:13 - 00594982 _____ () C:\Users\Yusa-Enes\Downloads\Carlotta, Band 4- Carlotta - Internat und Prinzenball
2015-06-01 15:09 - 2015-06-01 15:09 - 00033057 _____ () C:\ComboFix.txt
2015-06-01 14:53 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-06-01 14:53 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-06-01 14:53 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-01 14:53 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-01 14:53 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-01 14:53 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-06-01 14:53 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-06-01 14:53 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-06-01 14:52 - 2015-06-01 15:09 - 00000000 ____D () C:\Qoobox
2015-06-01 14:51 - 2015-06-01 15:08 - 00000000 ____D () C:\Windows\erdnt
2015-06-01 14:50 - 2015-06-01 14:50 - 05628238 ____R (Swearware) C:\Users\Yusa-Enes\Downloads\ComboFix.exe
2015-05-31 22:14 - 2015-05-31 22:14 - 00000363 _____ () C:\Users\Yusa-Enes\Desktop\nod32.txt
2015-05-31 18:40 - 2015-05-31 18:40 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Yusa-Enes\Downloads\tdsskiller44.exe
2015-05-31 16:15 - 2015-05-31 16:15 - 00000000 ____D () C:\Users\Yusa-Enes\Desktop\rootkit
2015-05-31 07:12 - 2015-05-31 21:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-31 07:10 - 2015-05-31 07:11 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Yusa-Enes\Downloads\mbar-1.09.1.1004.exe
2015-05-31 05:15 - 2015-05-31 05:15 - 00041839 _____ () C:\Users\Yusa-Enes\Downloads\frst-addition-ykay.rar
2015-05-31 05:02 - 2015-05-31 05:02 - 00111590 _____ () C:\Users\Yusa-Enes\Downloads\Shortcut.txt
2015-05-31 04:58 - 2015-05-31 05:02 - 00069757 _____ () C:\Users\Yusa-Enes\Downloads\Addition.txt
2015-05-31 04:54 - 2015-06-03 00:25 - 00046817 _____ () C:\Users\Yusa-Enes\Downloads\FRST.txt
2015-05-31 04:53 - 2015-06-03 00:22 - 00000000 ____D () C:\FRST
2015-05-31 04:52 - 2015-05-31 04:53 - 02108928 _____ (Farbar) C:\Users\Yusa-Enes\Downloads\FRST64.exe
2015-05-30 13:17 - 2015-06-03 00:16 - 00002560 _____ () C:\Windows\PFRO.log
2015-05-30 00:09 - 2015-05-30 00:17 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Ubisoft Game Launcher
2015-05-30 00:08 - 2015-05-30 00:08 - 00001212 _____ () C:\Users\Yusa-Enes\Desktop\Uplay.lnk
2015-05-30 00:08 - 2015-05-30 00:08 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-05-30 00:08 - 2015-05-30 00:08 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2015-05-29 23:46 - 2015-05-29 23:46 - 24088192 _____ () C:\Users\Yusa-Enes\Downloads\UbisoftGameLauncherInstaller.exe
2015-05-29 23:40 - 2015-05-29 23:40 - 00000000 ____D () C:\cache
2015-05-28 21:05 - 2015-05-28 21:05 - 00004863 _____ () C:\Users\Yusa-Enes\Downloads\php.ini
2015-05-28 15:16 - 2015-05-28 15:19 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\y22_db_2015_05_28_16_12.sql
2015-05-28 15:15 - 2015-05-28 15:15 - 01928410 _____ () C:\Users\Yusa-Enes\Downloads\y22_db_2015_05_28_16_12.sql.gz
2015-05-27 11:01 - 2015-05-27 11:08 - 00000027 _____ () C:\Users\Yusa-Enes\Desktop\osw.txt
2015-05-26 16:26 - 2015-05-26 16:27 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\MySQLDumper1.24.4 (1)
2015-05-26 16:25 - 2015-05-26 16:26 - 00659416 _____ () C:\Users\Yusa-Enes\Downloads\MySQLDumper1.24.4 (1).zip
2015-05-26 15:57 - 2015-05-26 15:57 - 00034024 _____ () C:\Users\Yusa-Enes\Downloads\AUD-20150520-WA0009.aac
2015-05-20 16:08 - 2015-05-20 16:08 - 00431880 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-20 01:11 - 2015-05-20 01:11 - 00000154 _____ () C:\Windows\DirectX.log
2015-05-20 01:08 - 2015-05-20 01:08 - 00118496 _____ () C:\Users\Yusa-Enes\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-20 01:07 - 2015-05-20 01:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-05-20 01:07 - 2015-05-20 01:07 - 00000000 ____D () C:\Program Files\7-Zip
2015-05-20 01:05 - 2015-05-20 01:05 - 01376768 _____ () C:\Users\Yusa-Enes\Downloads\7z920-x64.msi
2015-05-19 21:53 - 2015-05-19 21:53 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\3dduke13
2015-05-19 21:52 - 2015-05-19 21:53 - 05910927 _____ () C:\Users\Yusa-Enes\Downloads\3dduke13.zip
2015-05-19 14:44 - 2015-06-03 00:17 - 00008512 _____ () C:\Windows\setupact.log
2015-05-19 14:44 - 2015-05-19 14:44 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-19 04:57 - 2015-06-02 16:19 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-19 04:57 - 2015-05-20 16:19 - 00003860 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1432004247
2015-05-19 04:57 - 2015-05-19 04:57 - 00001146 _____ () C:\Users\Public\Desktop\Opera.lnk
2015-05-19 04:57 - 2015-05-19 04:57 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-05-19 04:57 - 2015-05-19 04:57 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Opera Software
2015-05-19 04:57 - 2015-05-19 04:57 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Opera Software
2015-05-19 04:56 - 2015-05-19 04:57 - 33411912 _____ (Opera Software) C:\Users\Yusa-Enes\Downloads\Opera_29.0.1795.47_Setup.exe
2015-05-18 16:05 - 2015-05-18 16:05 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Trey Songz - Intermission I & II
2015-05-18 16:01 - 2015-05-18 16:01 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Jamie Foxx - Hollywood A Story of a Dozen Roses (Deluxe Version) [SR]-ULGang
2015-05-18 16:00 - 2015-05-18 16:00 - 62105255 _____ () C:\Users\Yusa-Enes\Downloads\Jamie Foxx - Hollywood A Story of a Dozen Roses (Deluxe Version) [SR]-ULGang.zip
2015-05-18 15:46 - 2015-05-18 15:51 - 108619398 _____ () C:\Users\Yusa-Enes\Downloads\Trey Songz - Intermission I & II.zip
2015-05-18 15:42 - 2015-05-18 17:24 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Black 18.05.2015
2015-05-15 16:29 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-15 16:29 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 23:46 - 2015-05-13 23:47 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\sacred_gold_schote.biz.7z
2015-05-13 23:34 - 2015-05-13 23:39 - 209715200 _____ () C:\Users\Yusa-Enes\Downloads\sacred_gold_schote.biz.7z.001
2015-05-13 23:34 - 2015-05-13 23:38 - 185491944 _____ () C:\Users\Yusa-Enes\Downloads\sacred_gold_schote.biz.7z.002
2015-05-13 15:56 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 15:56 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 15:56 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 15:56 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 15:55 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 15:55 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 15:55 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 15:55 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 15:55 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 15:55 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 15:55 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 15:55 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 15:55 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 15:55 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 15:55 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 15:55 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 15:55 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 15:55 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 15:55 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 15:55 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 15:55 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 15:55 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 15:55 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 15:55 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 15:55 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 15:55 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 15:55 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 15:55 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 15:55 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 15:55 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 15:55 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 15:55 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 15:55 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 15:55 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 15:55 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 15:55 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 15:55 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 15:55 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 15:55 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 15:55 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 15:55 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 15:55 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 15:55 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 15:55 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 15:55 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 15:55 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 15:55 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 15:55 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 15:55 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 15:55 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 15:55 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 15:55 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 15:55 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 15:55 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 15:55 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 15:55 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 15:55 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 15:55 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 15:55 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 15:55 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 15:55 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 15:55 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 15:55 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 15:55 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 15:55 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 15:55 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 15:55 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 15:55 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 15:55 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 15:55 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 15:55 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 15:55 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 15:55 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 15:55 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 15:55 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 15:55 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 15:55 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 15:55 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 15:55 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 15:55 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 15:55 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 15:55 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 15:55 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 15:55 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 15:55 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 15:55 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 15:55 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 15:55 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 15:55 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 15:55 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 15:55 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 15:55 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 15:55 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 15:55 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 15:55 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 15:55 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 15:55 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 15:55 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 15:54 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 15:54 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 15:54 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 15:54 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 15:54 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 15:54 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 15:54 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 15:54 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 15:54 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 15:54 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 15:54 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 15:54 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 15:54 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 15:54 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 15:54 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 15:54 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 15:54 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 15:54 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 23:06 - 2015-05-12 23:06 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\Add-in Express
2015-05-12 23:05 - 2015-05-20 01:09 - 00000000 ____D () C:\ProgramData\WinZip
2015-05-11 20:56 - 2015-05-11 22:16 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Black 11.05.2015
2015-05-10 21:45 - 2015-05-10 21:46 - 00000000 ____D () C:\Program Files (x86)\Football Manager 2015 Editor
2015-05-10 21:43 - 2015-05-10 21:43 - 00001967 _____ () C:\Users\Yusa-Enes\Desktop\Football Manager 2015.lnk
2015-05-10 21:43 - 2015-05-10 21:43 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Football Manager 2015
2015-05-10 21:38 - 2015-05-18 23:33 - 00000000 ____D () C:\Program Files (x86)\Football Manager 2015
2015-05-10 14:47 - 2015-05-10 14:47 - 09132716 _____ () C:\Users\Yusa-Enes\Downloads\FM15_Deutsch_V13.rar
2015-05-10 14:47 - 2015-05-10 14:47 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\FM15_Deutsch_V13
2015-05-10 03:39 - 2015-05-10 03:39 - 10382349 _____ () C:\Users\Yusa-Enes\Downloads\FMRTE 15 build 16 llpplplp.rar
2015-05-10 03:39 - 2015-05-10 03:39 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\FMRTE 15 build 16 llpplplp
2015-05-10 02:52 - 2015-01-21 17:57 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\db
2015-05-10 02:52 - 2015-01-18 21:01 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\update_1520
2015-05-10 02:52 - 2015-01-18 21:01 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\languages
2015-05-10 02:52 - 2015-01-18 19:14 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\match_languages
2015-05-09 23:56 - 2015-05-09 23:56 - 00041561 _____ () C:\Users\Yusa-Enes\Downloads\all.zip
2015-05-09 21:55 - 2015-05-09 21:55 - 00368891 _____ () C:\.dbc.bak
2015-05-09 21:40 - 2015-05-10 22:59 - 00369159 _____ () C:\.dbc
2015-05-09 21:38 - 2015-05-09 21:38 - 00367075 _____ () C:\.dbc.dbc
2015-05-08 22:38 - 2015-05-08 22:38 - 01041010 _____ () C:\Users\Yusa-Enes\Downloads\LFCMarshalls FM Transfer Update .fmf.zip
2015-05-08 22:26 - 2015-05-10 21:36 - 00000000 ____D () C:\Program Files (x86)\Sports Interactive
2015-05-08 22:19 - 2015-05-08 22:21 - 83064183 _____ () C:\Users\Yusa-Enes\Downloads\Football Manager 2015 Editor.nosTEAM.rar
2015-05-07 16:20 - 2015-05-07 16:20 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\NoDJ-Certified_Clubtapes_Vol_12
2015-05-07 16:13 - 2015-05-07 16:16 - 172888633 _____ () C:\Users\Yusa-Enes\Downloads\NoDJ-Certified_Clubtapes_Vol_12.zip
2015-05-07 15:41 - 2015-05-05 22:45 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\OJ Da Juiceman - The Realest Nigga I Know 2
2015-05-05 22:18 - 2015-05-07 15:40 - 78153217 _____ () C:\Users\Yusa-Enes\Downloads\The Realest Nigga I Know 2.zip
2015-05-05 21:41 - 2015-06-02 22:47 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-05 21:41 - 2015-05-31 17:33 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-05 21:41 - 2015-05-05 21:41 - 00001113 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-05 21:41 - 2015-05-05 21:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-05 21:41 - 2015-05-05 21:41 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-05 21:41 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-05 21:40 - 2015-05-05 21:40 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Yusa-Enes\Downloads\mbam-setup-majorgeeks-2.1.6.1022.exe
2015-04-29 18:47 - 2015-04-29 18:48 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Skyrim
2015-04-29 18:44 - 2015-04-29 18:44 - 00002433 _____ () C:\Users\Yusa-Enes\Desktop\The Elder Scrolls V Skyrim - Legendary Edition (Launcher).lnk
2015-04-29 18:44 - 2015-04-29 18:44 - 00002379 _____ () C:\Users\Yusa-Enes\Desktop\The Elder Scrolls V Skyrim - Legendary Edition.lnk
2015-04-29 18:20 - 2015-04-29 18:44 - 00000000 ____D () C:\Program Files (x86)\The Elder Scrolls V Skyrim - Legendary Edition (Game of the Year)
2015-04-26 22:06 - 2015-04-26 22:06 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-04-22 22:01 - 2015-04-22 22:01 - 00000000 ____D () C:\Users\Yusa-Enes\.android
2015-04-20 21:20 - 2015-04-20 21:20 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Sex-Escapades-14-Good-Vibes-Edition
2015-04-20 21:18 - 2015-04-20 21:19 - 105165590 _____ () C:\Users\Yusa-Enes\Downloads\Sex-Escapades-14-Good-Vibes-Edition.zip
2015-04-19 22:10 - 2015-04-19 23:27 - 00000219 _____ () C:\Users\Yusa-Enes\Desktop\Counter-Strike Global Offensive.url
2015-04-18 03:16 - 2015-04-18 03:16 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\1 - 3213
2015-04-18 03:11 - 2015-04-18 03:11 - 14324698 _____ () C:\Users\Yusa-Enes\Downloads\1 - 3213.rar
2015-04-17 21:16 - 2015-04-17 21:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2015-04-16 15:49 - 2015-04-16 15:49 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 00:33 - 2015-04-16 02:14 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Niqle_Nut_-_Imperal-yunus.2kaysixx
2015-04-15 20:16 - 2015-03-25 05:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 20:16 - 2015-03-25 05:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 20:16 - 2015-03-25 05:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 20:16 - 2015-03-25 05:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 20:16 - 2015-03-25 05:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 20:16 - 2015-03-25 05:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 20:16 - 2015-03-25 05:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 20:16 - 2015-03-23 05:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 20:16 - 2015-03-23 05:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 20:16 - 2015-03-23 05:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 20:16 - 2015-03-23 05:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 20:16 - 2015-03-10 05:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 20:16 - 2015-03-10 05:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 20:16 - 2015-03-05 07:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 20:16 - 2015-03-05 06:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 20:16 - 2015-01-28 01:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-04-15 20:15 - 2015-03-10 05:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 20:15 - 2015-03-10 05:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 20:15 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 20:14 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 20:14 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 20:14 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-14 21:30 - 2015-04-14 21:30 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 21:02 - 2015-04-14 21:03 - 07578290 _____ () C:\Users\Yusa-Enes\Downloads\localhost (5).sql
2015-04-14 03:38 - 2015-04-14 03:38 - 01217192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FM20.DLL
2015-04-11 22:56 - 2015-04-11 22:56 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Ear Symphonie Vol. 2
2015-04-11 22:06 - 2015-04-11 22:06 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\KLBDMA
2015-04-11 18:06 - 2015-04-11 18:09 - 182788090 _____ () C:\Users\Yusa-Enes\Downloads\KLBDMA.rar
2015-04-11 17:59 - 2015-04-11 18:02 - 28308971 _____ () C:\Users\Yusa-Enes\Downloads\BlumentalsRapidPHPEditor2015v13.2.0.164.rar
2015-04-10 17:10 - 2015-04-10 17:15 - 199229440 _____ () C:\Users\Yusa-Enes\Downloads\Ear Symphonie Vol. 2.part1.rar
2015-04-10 17:10 - 2015-04-10 17:15 - 191960561 _____ () C:\Users\Yusa-Enes\Downloads\Ear Symphonie Vol. 2.part2.rar
2015-04-10 16:57 - 2015-04-10 16:57 - 72598565 _____ () C:\Users\Yusa-Enes\Downloads\Black.Beauty.vol.21.rar
2015-04-10 03:33 - 2015-04-10 03:33 - 00015442 _____ () C:\Users\Yusa-Enes\Downloads\Zippyshare BBCode.zip
2015-04-10 03:12 - 2015-04-10 03:12 - 07493968 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (6).sql
2015-04-10 02:04 - 2015-04-10 02:05 - 07494344 _____ () C:\Users\Yusa-Enes\Downloads\localhost (4).sql
2015-04-10 00:00 - 2015-04-10 00:31 - 07482376 _____ () C:\Users\Yusa-Enes\Downloads\localhost (3).sql
2015-04-09 22:56 - 2015-04-09 22:56 - 02991950 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (5).sql
2015-04-09 22:07 - 2015-04-09 22:11 - 00000158 _____ () C:\Users\Yusa-Enes\Desktop\wordlist.txt
2015-04-08 23:55 - 2015-04-08 23:55 - 08871704 _____ () C:\Users\Yusa-Enes\Downloads\01 Movin' Bass (feat. JAY Z) [GTA Re.m4a
2015-04-07 13:34 - 2015-04-18 03:02 - 00000184 _____ () C:\Users\Yusa-Enes\Desktop\taxischein.txt
2015-04-07 01:38 - 2015-04-07 01:38 - 07969808 _____ (TeamViewer GmbH) C:\Users\Yusa-Enes\Downloads\TeamViewer_Setup_de.exe
2015-04-06 21:34 - 2015-04-30 17:47 - 00000000 ____D () C:\Users\Yusa-Enes\Desktop\stinki mp3
2015-04-04 13:02 - 2015-05-20 16:28 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 13:02 - 2015-05-20 16:28 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-31 00:44 - 2015-03-31 00:45 - 02765212 _____ () C:\Users\Yusa-Enes\Downloads\backup_wBB2_201503310044.sql
2015-03-31 00:32 - 2015-03-31 00:32 - 00003566 _____ () C:\Users\Yusa-Enes\Downloads\useronlinelegende in farbe.zip
2015-03-28 01:39 - 2015-03-28 01:39 - 00001229 _____ () C:\Users\Yusa-Enes\Downloads\URLs in der xy_megashoutbox automatisch umwandeln.txt
2015-03-28 01:28 - 2015-03-28 01:29 - 06067328 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (4).sql
2015-03-28 01:28 - 2015-03-28 01:28 - 06067364 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (3).sql
2015-03-28 01:06 - 2015-03-28 01:07 - 06067030 _____ () C:\Users\Yusa-Enes\Downloads\localhost (2).sql
2015-03-28 01:06 - 2015-03-28 01:06 - 00016627 _____ () C:\Users\Yusa-Enes\Downloads\bb1_users.sql
2015-03-28 00:50 - 2015-03-28 00:50 - 06062987 _____ () C:\Users\Yusa-Enes\Downloads\localhost (1).sql
2015-03-25 00:45 - 2015-03-25 00:45 - 00684424 _____ () C:\Users\Yusa-Enes\Downloads\Light_WBB2_1_2_3.zip
2015-03-25 00:39 - 2015-03-25 00:39 - 00227429 _____ () C:\Users\Yusa-Enes\Downloads\WBB 2_3 Hack - Shoutcast Status Advanced 0_4.zip
2015-03-25 00:39 - 2015-03-25 00:39 - 00227429 _____ () C:\Users\Yusa-Enes\Downloads\WBB 2_3 Hack - Shoutcast Status Advanced 0_4 (1).zip
2015-03-24 23:08 - 2015-03-24 23:08 - 05845832 _____ () C:\Users\Yusa-Enes\Downloads\localhost.sql
2015-03-23 23:07 - 2015-03-23 23:07 - 00000000 ____D () C:\Users\Yusa-Enes\Downloads\Breakfast
2015-03-23 23:05 - 2015-03-23 23:06 - 70315999 _____ () C:\Users\Yusa-Enes\Downloads\Lunch.zip
2015-03-23 23:04 - 2015-03-23 23:05 - 74488932 _____ () C:\Users\Yusa-Enes\Downloads\Dinner.zip
2015-03-23 23:03 - 2015-03-23 23:04 - 66995608 _____ () C:\Users\Yusa-Enes\Downloads\Breakfast.zip
2015-03-23 22:57 - 2015-03-23 22:58 - 58841140 _____ () C:\Users\Yusa-Enes\Downloads\Lamar Starzz - Evelation.rar
2015-03-23 22:39 - 2015-03-23 22:40 - 00000000 ____D () C:\ProgramData\Blumentals
2015-03-23 22:39 - 2015-03-23 22:39 - 00001060 _____ () C:\Users\Yusa-Enes\Desktop\Rapid PHP 2015.lnk
2015-03-23 22:39 - 2015-03-23 22:39 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Blumentals
2015-03-23 22:39 - 2015-03-23 22:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rapid PHP 2015
2015-03-23 22:39 - 2015-03-23 22:39 - 00000000 ____D () C:\Program Files (x86)\Rapid PHP 2015
2015-03-23 22:38 - 2015-03-23 22:39 - 28224080 _____ (Karlis Blumentals ) C:\Users\Yusa-Enes\Downloads\rapidphp2015.exe
2015-03-23 22:20 - 2015-03-23 22:20 - 00002495 _____ () C:\Users\Yusa-Enes\Downloads\Fix Umlaute in der XundY Megashoutbox V1_3 by kill0rz.txt
2015-03-23 21:56 - 2015-03-23 21:58 - 84776815 _____ () C:\Users\Yusa-Enes\Downloads\Gucci Mane - Breakfast.zip
2015-03-22 04:25 - 2015-03-22 04:25 - 00000000 _____ () C:\Users\Yusa-Enes\Desktop\keyz - dum da dam 27.52.txt
2015-03-20 23:21 - 2015-03-20 23:21 - 00000000 ____D () C:\Users\Yusa-Enes\Desktop\Dokumente
2015-03-20 01:04 - 2015-03-20 01:04 - 02780999 _____ () C:\Users\Yusa-Enes\Downloads\hgfh.rar
2015-03-15 23:15 - 2015-03-15 23:15 - 04071806 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (2).sql
2015-03-15 21:49 - 2015-03-15 21:49 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\FlashFXP
2015-03-15 21:48 - 2015-03-15 21:48 - 05580880 _____ (OpenSight Software LLC ) C:\Users\Yusa-Enes\Downloads\FlashFXP51_3817_Setup.exe
2015-03-15 21:48 - 2015-03-15 21:48 - 00001046 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashFXP 5.lnk
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 __HDC () C:\ProgramData\{4E9C0E19-EB2A-4563-B74E-07D2536941E3}
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 ____D () C:\ProgramData\regid.2000-02.com.flashfxp
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 ____D () C:\ProgramData\FlashFXP
2015-03-15 21:48 - 2015-03-15 21:48 - 00000000 ____D () C:\Program Files (x86)\FlashFXP 5
2015-03-15 20:14 - 2015-03-15 20:14 - 00000851 _____ () C:\Users\Yusa-Enes\Downloads\Ftp ssl@tpereloaded.tk.xml
2015-03-15 20:01 - 2015-03-15 20:02 - 00021094 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db (1).sql
2015-03-15 19:57 - 2015-03-15 19:57 - 01738231 _____ () C:\Users\Yusa-Enes\Downloads\tpereloa_db.sql
2015-03-15 15:44 - 2015-03-15 15:44 - 01972448 _____ () C:\Users\Yusa-Enes\Downloads\backup_wBB2_201503151444.sql
2015-03-15 12:09 - 2015-03-15 12:09 - 00000000 ____D () C:\Users\Sebiha\AppData\Local\Steam
2015-03-15 00:59 - 2015-03-15 00:59 - 00000856 _____ () C:\Users\Yusa-Enes\Downloads\Ftp tpereloa@tpereloaded.tk.xml
2015-03-15 00:54 - 2015-03-15 00:54 - 00000851 _____ () C:\Users\Yusa-Enes\Downloads\Ftp tpe@tpereloaded.tk.xml
2015-03-15 00:45 - 2015-03-15 00:46 - 49887680 _____ () C:\Users\Yusa-Enes\Downloads\The Turn Up Godz Tour.zip
2015-03-14 23:32 - 2015-03-14 23:33 - 44495182 _____ () C:\Users\Yusa-Enes\Downloads\Ratchet Draft pick master.wav
2015-03-14 23:27 - 2015-03-14 23:30 - 151907429 _____ () C:\Users\Yusa-Enes\Downloads\2015 Draft Picks.zip
2015-03-14 23:26 - 2015-03-14 23:29 - 127463064 _____ () C:\Users\Yusa-Enes\Downloads\Catch The Throne The Mixtape Vol. 2.zip
2015-03-13 21:48 - 2015-03-13 21:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2015-03-13 21:48 - 2015-03-13 21:50 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-03-13 21:48 - 2015-03-13 21:50 - 00000000 ____D () C:\Program Files (x86)\OpenVPN
2015-03-13 21:48 - 2015-03-13 21:48 - 01712392 _____ () C:\Users\Yusa-Enes\Downloads\openvpn-install-2.3.6-I001-i686.exe
2015-03-13 21:48 - 2015-03-13 21:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2015-03-12 21:05 - 2015-03-12 21:05 - 00018556 _____ () C:\Windows\unins000.dat
2015-03-12 21:05 - 2015-03-12 21:05 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\MingGuan
2015-03-12 21:05 - 2015-03-12 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drakonia Black
2015-03-12 21:05 - 2015-03-12 21:05 - 00000000 ____D () C:\Program Files (x86)\Drakonia Configurator
2015-03-12 21:05 - 2015-03-12 21:04 - 01192533 _____ () C:\Windows\unins000.exe
2015-03-12 01:09 - 2015-03-12 01:09 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Hard Disk Sentinel
2015-03-12 01:08 - 2015-05-31 17:23 - 00000000 ____D () C:\Program Files (x86)\Hard Disk Sentinel
2015-03-12 01:07 - 2015-03-12 01:08 - 20434858 _____ () C:\Users\Yusa-Enes\Downloads\hdsentinel_trial_setup.zip
2015-03-11 23:28 - 2015-03-20 16:36 - 00000000 ____D () C:\CDI
2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Seagate
2015-03-11 23:13 - 2015-03-11 23:13 - 00000000 ____D () C:\Program Files (x86)\Seagate
2015-03-11 23:11 - 2015-03-11 23:12 - 26771088 _____ () C:\Users\Yusa-Enes\Downloads\SeaToolsforWindowsSetup.exe
2015-03-11 15:18 - 2015-02-20 06:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 15:18 - 2015-02-20 06:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 15:18 - 2015-02-20 06:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 15:18 - 2015-02-20 06:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 15:18 - 2015-02-20 06:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 15:18 - 2015-02-20 06:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 15:18 - 2015-02-20 06:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 15:18 - 2015-02-20 06:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 15:18 - 2015-02-20 05:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 15:18 - 2015-02-20 05:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 15:18 - 2015-02-03 05:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-03-11 15:18 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-03-11 15:18 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-03-11 15:18 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-03-11 15:18 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-03-11 15:17 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-03-11 15:17 - 2015-02-03 05:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-03-11 15:17 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-03-11 15:17 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-03-11 15:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-03-11 15:17 - 2015-02-03 05:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-03-11 15:17 - 2015-02-03 05:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-03-11 15:17 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-03-11 15:17 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-03-11 15:17 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-03-11 15:17 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-03-11 15:17 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-03-11 15:17 - 2015-02-03 05:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-03-11 15:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-03-11 15:17 - 2015-02-03 05:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-03-11 15:17 - 2015-02-03 05:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-03-11 15:17 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-03-11 15:17 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-03-11 15:17 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-03-11 15:17 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-03-11 15:17 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-03-11 15:17 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-03-11 15:17 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-03-11 15:16 - 2015-02-13 07:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 15:16 - 2015-02-13 07:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 15:16 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 15:16 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 15:16 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 15:16 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-03-11 15:16 - 2015-01-31 01:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-03-11 15:16 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 15:16 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 15:14 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 15:14 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 04:41 - 2015-03-11 04:41 - 00544112 _____ () C:\Users\Yusa-Enes\Downloads\Setup_Shutdown4U.exe
2015-03-11 04:41 - 2015-03-11 04:41 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Shutdown4U
2015-03-11 04:41 - 2015-03-11 04:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shutdown4U
2015-03-11 04:41 - 2015-03-11 04:41 - 00000000 ____D () C:\Program Files\Shutdown4U

==================== Three Months Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 00:21 - 2012-09-01 16:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-06-03 00:19 - 2014-10-13 01:11 - 03352059 _____ () C:\FaceProv.log
2015-06-03 00:19 - 2013-11-08 18:51 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-03 00:19 - 2012-07-15 10:26 - 00177250 _____ () C:\Windows\system32\fastboot.set
2015-06-03 00:19 - 2012-07-15 10:23 - 00000000 ____D () C:\ProgramData\VeriFace
2015-06-03 00:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-03 00:16 - 2013-03-31 14:52 - 01205430 _____ () C:\Windows\WindowsUpdate.log
2015-06-02 23:51 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-02 23:51 - 2009-07-14 06:45 - 00032064 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-02 23:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Speech
2015-06-02 23:33 - 2013-11-08 18:51 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-02 23:30 - 2013-03-05 11:03 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-02 03:23 - 2012-07-15 19:23 - 20259792 _____ () C:\Windows\system32\perfh007.dat
2015-06-02 03:23 - 2012-07-15 19:23 - 06515874 _____ () C:\Windows\system32\perfc007.dat
2015-06-02 03:23 - 2009-07-14 07:13 - 00006592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-06-02 02:58 - 2012-10-19 20:35 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\TS3Client
2015-06-01 20:22 - 2014-09-27 03:06 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\JDownloader 2.0
2015-06-01 17:37 - 2012-08-29 17:40 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Skype
2015-06-01 15:06 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-31 17:24 - 2012-12-09 16:26 - 00000000 ____D () C:\Windows\de
2015-05-30 00:18 - 2013-09-29 22:04 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\My Games
2015-05-30 00:09 - 2012-09-01 21:05 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\CrashDumps
2015-05-30 00:05 - 2012-07-15 09:44 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-30 00:05 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-29 15:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-27 22:24 - 2015-01-27 17:07 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2015-05-27 19:30 - 2012-11-06 16:12 - 00000000 ____D () C:\ProgramData\Origin
2015-05-24 18:26 - 2013-11-09 22:29 - 00000000 ____D () C:\JD
2015-05-24 07:16 - 2014-01-06 16:32 - 00000000 ____D () C:\Users\Hayrunnisa\AppData\Roaming\Skype
2015-05-24 07:16 - 2009-07-14 07:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-05-23 21:33 - 2015-01-07 23:36 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Game Dev Tycoon
2015-05-23 02:28 - 2014-03-08 19:24 - 00000336 _____ () C:\Users\Yusa-Enes\Desktop\2B166A.txt
2015-05-20 16:16 - 2012-08-28 20:30 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Adobe
2015-05-20 16:15 - 2013-03-05 11:03 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-20 16:15 - 2013-03-05 11:03 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-20 16:15 - 2013-03-05 11:03 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-20 01:14 - 2014-06-03 01:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-18 00:58 - 2014-04-01 23:37 - 00000000 ____D () C:\csgo
2015-05-15 18:13 - 2011-10-10 10:19 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-15 18:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-15 18:12 - 2014-12-22 16:18 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-05-15 18:12 - 2014-12-22 16:18 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2015-05-15 16:56 - 2012-09-16 13:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-15 16:56 - 2012-09-09 20:58 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2015-05-15 16:53 - 2013-08-18 03:04 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-15 16:34 - 2012-08-28 23:15 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-15 16:29 - 2014-12-22 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-15 15:28 - 2013-11-08 18:51 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-15 15:28 - 2013-11-08 18:51 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-13 17:43 - 2014-05-14 17:49 - 00000000 ____D () C:\Users\Sebiha\AppData\Local\NVIDIA Corporation
2015-05-13 17:43 - 2014-05-14 17:49 - 00000000 ____D () C:\Users\Sebiha\AppData\Local\NVIDIA
2015-05-13 17:38 - 2012-09-18 20:06 - 00000000 ____D () C:\Users\Sebiha\AppData\Roaming\Skype
2015-05-13 17:30 - 2014-07-14 20:54 - 00000000 ____D () C:\Users\Hayrunnisa\Desktop\PicsArt
2015-05-13 17:26 - 2015-01-10 17:45 - 00000000 ____D () C:\Users\Hayrunnisa\Desktop\Camera
2015-05-13 17:25 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-12 23:06 - 2012-08-28 20:23 - 00000000 ____D () C:\Users\Yusa-Enes
2015-05-12 21:33 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-11 22:09 - 2014-08-07 21:14 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Spotify
2015-05-11 21:16 - 2014-08-07 21:16 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Spotify
2015-05-10 21:57 - 2014-01-31 23:28 - 00000000 ____D () C:\Users\Yusa-Enes\Documents\Sports Interactive
2015-05-10 21:52 - 2014-01-31 23:28 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Local\Sports Interactive
2015-05-05 21:41 - 2013-01-20 03:57 - 00000000 ____D () C:\Users\Yusa-Enes\AppData\Roaming\Malwarebytes
2015-05-05 21:41 - 2013-01-20 03:57 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-04 17:24 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports

==================== Files in the root of some directories =======

2013-02-27 14:45 - 2013-02-27 15:02 - 0072060 _____ () C:\Users\Yusa-Enes\AppData\Roaming\ArtRom.LST
2013-03-23 14:15 - 2014-05-22 17:08 - 0009728 _____ () C:\Users\Yusa-Enes\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-12-21 21:26 - 2012-12-21 21:26 - 0005240 _____ () C:\Users\Yusa-Enes\AppData\Local\recently-used.xbel
2014-08-30 21:37 - 2014-12-22 14:41 - 0002365 _____ () C:\ProgramData\hpzinstall.log

Some files in TEMP:
====================
C:\Users\Yusa-Enes\AppData\Local\Temp\proxy_vole2390722611758678681.dll
C:\Users\Yusa-Enes\AppData\Local\Temp\Quarantine.exe
C:\Users\Yusa-Enes\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Yusa-Enes\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
         

03.06.2015, 00:47   #14
ykay
 

Code:
==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=\Device\HarddiskVolume1
description             Windows Boot Manager
locale                  de-DE
inherit                 {globalsettings}
default                 {current}
resumeobject            {b4e214ce-ce17-11e1-8638-dc0ea1fe1eec}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 0

Windows-Startladeprogramm
-------------------------
Bezeichner              {775b600f-f13d-11e1-85d4-74e543345de1}
device                  ramdisk=[C:]\Recovery\775b600f-f13d-11e1-85d4-74e543345de1\Winre.wim,{775b6010-f13d-11e1-85d4-74e543345de1}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\775b600f-f13d-11e1-85d4-74e543345de1\Winre.wim,{775b6010-f13d-11e1-85d4-74e543345de1}
systemroot              \windows
nx                      OptIn
winpe                   Yes

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  de-DE
inherit                 {bootloadersettings}
recoverysequence        {775b600f-f13d-11e1-85d4-74e543345de1}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {b4e214ce-ce17-11e1-8638-dc0ea1fe1eec}
nx                      OptIn

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {b4e214ce-ce17-11e1-8638-dc0ea1fe1eec}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  de-DE
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=\Device\HarddiskVolume1
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  de-DE
inherit                 {globalsettings}
badmemoryaccess         Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                 Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                 {globalsettings}

Geräteoptionen
--------------
Bezeichner              {775b6010-f13d-11e1-85d4-74e543345de1}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\775b600f-f13d-11e1-85d4-74e543345de1\boot.sdi

Optionen zum RAM-Datenträgersetup
---------------------------------
Bezeichner              {ramdiskoptions}
description             Ramdisk options
ramdisksdidevice        boot
ramdisksdipath          \boot\boot.sdi



LastRegBack: 2015-05-25 21:57

==================== End of log ============================
         

03.06.2015, 19:38   #15
schrauber
/// the machine
/// TB instructor
 


Looks good.



ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box for Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and select the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • When the scan has finished, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your text editor (illustrated).
  • Post the log file here.
  • Uninstalling: Control Panel => Add or Remove Programs / Uninstall a program => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log, please. Any problems remaining?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
