Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows-kein-Originalprodukt-Meldung

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Alt 01.06.2015, 16:53   #1
Ratchigka
 
Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung




Hallo, vor einigen Tagen begann Windows eine Meldung mit der Aussage "Windows [sei] kein Originalprodukt" zu öffnen. Alles begann mit einer Fehlfunktion von Skype, die ich seit Wochen zu beheben versuche und bei einer vermeintlichen Lösung in Form einer Anleitung innerhalb eines Forums führte ich einen Windowsinternen Scan via cmd aus. Dadurch entstand eine Logfile, die ich nicht öffnen konnte, worauf ich per Administratorenrecht die Leserechte aktivierte und anschliessend wieder abschaltete. Einen Tag später blinkte die Meldung auf "Windows ist kein Originalprodukt".
Im Anhang findet ihr die FRST Logs.

Vielen Dank für jegliche Hilfe,
Euer Ratchigka

Alt 01.06.2015, 17:02   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 01.06.2015, 17:19   #3
Ratchigka
 
Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Entschuldige bitte

Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Aaron (administrator) on AARON-PC on 01-06-2015 17:44:45
Running from C:\Users\Aaron\Downloads
Loaded Profiles: Aaron (Available Profiles: Aaron)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Windows\System32\slui.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Platinum] => "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" -StartUp
HKLM\...\Run: [Trend Micro Client Framework] => "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
HKLM-x32\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1435672 2013-12-18] (Google Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2015-03-12] (VIA Technologies, Inc.)
HKLM-x32\...\Run: [G Data ASM] => "C:\Program Files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe" /autostart
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-28] (BlueStack Systems, Inc.)
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.)
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-02] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2015-03-12]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000 -> DefaultScope {FDE77B5B-F923-4C0E-BAD4-29914B67A6C0} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000 -> {FDE77B5B-F923-4C0E-BAD4-29914B67A6C0} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-05-17] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-05-17] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4857B833-3EF8-4626-880E-BEF4F16D68AD}: [NameServer] 95.169.183.219,89.41.60.38

FireFox:
========
FF ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default
FF DefaultSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-26] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-20] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-26] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-05-17] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-05-17] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-05-17] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2455565853-2773199953-1460756191-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aaron\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\user.js [2015-05-25]
FF user.js: detected! => C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\ktw5ym78.dev-edition-default\user.js [2015-05-25]
FF SearchPlugin: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\searchplugins\google-images.xml [2014-11-01]
FF SearchPlugin: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\searchplugins\google-maps.xml [2014-11-01]
FF SearchPlugin: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\searchplugins\youtube-video-search.xml [2015-05-29]
FF Extension: YouTube Unblocker - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\youtubeunblocker@unblocker.yt [2015-05-29]
FF Extension: Ghostery - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\firefox@ghostery.com.xpi [2015-01-18]
FF Extension: Tab for a Cause - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\tabforacause@tabforacause.org.xpi [2014-12-21]
FF Extension: NoScript - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-11-01]
FF Extension: VideoService - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{9d58e825-a4eb-4a2c-9736-3b0d51b3c8c5}.xpi [2014-12-20]
FF Extension: Adblock Plus - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-01]
FF Extension: BetterPrivacy - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-02-02]
FF Extension: {f9f3dafd-5da0-4d41-a597-c11bf9609e1b} - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{f9f3dafd-5da0-4d41-a597-c11bf9609e1b}.xpi [2014-12-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-05-14]
FF HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\extensions\cliqz@cliqz.com
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-28] (BlueStack Systems, Inc.)
R3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-28] (BlueStack Systems, Inc.)
R3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-28] (BlueStack Systems, Inc.)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
R2 GoogleIMEJaCacheService; C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [754712 2013-12-18] (Google Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-05-31] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-28] (BlueStack Systems)
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-15] (G Data Software AG)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-05-17] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-05-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-05-31] ()
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-31 20:10 - 2015-05-31 20:11 - 00029538 _____ () C:\Users\Aaron\Downloads\Addition.txt
2015-05-31 20:09 - 2015-06-01 17:44 - 00018619 _____ () C:\Users\Aaron\Downloads\FRST.txt
2015-05-31 20:09 - 2015-06-01 17:44 - 00000000 ____D () C:\FRST
2015-05-31 20:08 - 2015-05-31 20:08 - 02108928 _____ (Farbar) C:\Users\Aaron\Downloads\FRST64.exe
2015-05-31 10:47 - 2015-05-31 10:47 - 00235936 _____ (Tagès SA) C:\Users\Aaron\Downloads\TagesSetup_x64.exe
2015-05-29 20:40 - 2015-05-29 20:40 - 00159144 _____ (Microsoft Corporation) C:\Users\Aaron\Downloads\WindowsActivationUpdate.exe
2015-05-28 21:37 - 2015-05-28 21:37 - 00000000 ____D () C:\Users\Aaron\.android
2015-05-28 21:20 - 2015-05-29 22:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-28 21:20 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-28 21:20 - 2015-05-28 21:20 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-05-28 20:47 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-05-28 20:47 - 2015-05-29 22:22 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2015-05-28 20:47 - 2015-05-29 22:21 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-05-28 20:47 - 2015-05-28 20:47 - 00001818 _____ () C:\Users\Public\Desktop\Apps.lnk
2015-05-28 20:47 - 2015-05-28 20:47 - 00001807 _____ () C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-05-28 20:46 - 2015-05-28 20:46 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Bluestacks
2015-05-28 20:44 - 2015-05-28 20:46 - 14155832 _____ (BlueStack Systems Inc.) C:\Users\Aaron\Downloads\BlueStacks-ThinInstaller(1).exe
2015-05-28 20:36 - 2015-05-28 20:36 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Aaron\Downloads\SkypeSetup.exe
2015-05-26 22:15 - 2015-05-26 23:21 - 00020125 _____ () C:\Users\Aaron\Documents\SEminario.odt
2015-05-25 16:01 - 2015-05-25 16:01 - 00000000 ____D () C:\Users\Aaron\Downloads\Passage
2015-05-25 16:00 - 2015-05-25 16:00 - 00497214 _____ () C:\Users\Aaron\Downloads\Passage_v3_Windows(1).exe
2015-05-24 22:17 - 2015-05-24 22:17 - 00000592 _____ () C:\Users\Aaron\Documents\Taddl.txt
2015-05-20 17:08 - 2015-06-01 17:13 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-20 17:08 - 2015-06-01 17:13 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-20 17:08 - 2015-05-20 17:08 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 17:08 - 2015-05-20 17:08 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 19:22 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-19 19:22 - 2015-05-19 19:22 - 00000000 ____D () C:\Users\Aaron\AppData\Roaming\Apple Computer
2015-05-19 19:22 - 2015-05-19 19:22 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Apple Computer
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\Program Files\iTunes
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\Program Files\iPod
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-19 19:21 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-05-19 19:20 - 2015-05-21 22:04 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-19 19:20 - 2015-05-19 19:20 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Apple
2015-05-19 19:19 - 2015-05-21 22:03 - 00000000 ____D () C:\ProgramData\Apple
2015-05-19 19:02 - 2015-05-19 19:15 - 121283888 _____ (Apple Inc.) C:\Users\Aaron\Downloads\itunes64setup.exe
2015-05-19 18:40 - 2015-05-19 18:49 - 108728624 _____ (Apple Inc.) C:\Users\Aaron\Downloads\iTunesSetup.exe
2015-05-19 17:24 - 2015-05-31 10:49 - 00088480 _____ () C:\Windows\system32\Drivers\atksgt.sys
2015-05-19 17:24 - 2015-05-31 10:49 - 00046400 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2015-05-19 17:24 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\Windows\system32\AGEIA
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\ProgramData\InstallShield
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-05-19 17:23 - 2015-05-19 17:23 - 00002358 _____ () C:\Users\Public\Desktop\Sherlock Holmes jagt Arsene Lupin  spielen.lnk
2015-05-19 17:23 - 2015-05-19 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus
2015-05-19 17:21 - 2015-05-19 17:21 - 00002068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2015-05-19 17:21 - 2015-05-19 17:21 - 00000000 ____D () C:\Program Files (x86)\Focus
2015-05-19 17:21 - 2004-08-09 06:04 - 00073728 _____ (InstallShield Software Corporation) C:\Windows\SysWOW64\ISUSPM.cpl
2015-05-18 16:10 - 2015-05-18 16:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-14 22:53 - 2015-05-18 15:05 - 00002334 _____ () C:\Users\Aaron\Desktop\Sicherer Zahlungsverkehr.lnk
2015-05-14 22:52 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-05-14 22:52 - 2015-05-14 22:52 - 00001196 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-05-14 22:52 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-05-14 22:51 - 2015-06-01 17:09 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-14 22:51 - 2015-05-17 21:49 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-05-14 22:51 - 2015-05-17 21:49 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-05-14 22:51 - 2015-05-14 22:51 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-05-14 22:51 - 2015-05-14 22:51 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-05-14 22:51 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-05-14 22:43 - 2015-05-14 22:48 - 176562784 _____ () C:\Users\Aaron\Downloads\kis15.0.0.463de_6508.exe
2015-05-13 13:20 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:20 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:59 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 10:59 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 10:59 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 10:59 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 10:59 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 10:59 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 10:59 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 10:59 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 10:59 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 10:59 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 10:59 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 10:59 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 10:59 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 10:59 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 10:59 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 10:59 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 10:59 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 10:59 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 10:59 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 10:59 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 10:59 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 10:59 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 10:59 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 10:59 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 10:59 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 10:59 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 10:59 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 10:59 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 10:59 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 10:59 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 10:59 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 10:59 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 10:59 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 10:59 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 10:59 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 10:59 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 10:59 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 10:59 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 10:59 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 10:59 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 10:59 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 10:59 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 10:59 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 10:59 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 10:59 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 10:59 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 10:59 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 10:59 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 10:59 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 10:59 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 10:59 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 10:59 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 10:59 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 10:59 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 10:59 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 10:59 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 10:59 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 10:59 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 10:59 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 10:59 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 10:59 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 10:59 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 10:59 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 10:59 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 10:58 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 10:58 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 10:58 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 10:58 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 10:58 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 10:58 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 10:58 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 10:58 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 10:58 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 10:58 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 10:58 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 10:58 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 10:58 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 10:58 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 10:58 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 10:58 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 10:58 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 10:58 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 10:58 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 10:58 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 10:58 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 10:58 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 10:58 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 10:58 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 10:58 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:57 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 10:57 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 10:57 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 10:57 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 10:57 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 10:57 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 10:57 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 10:57 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 10:57 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 10:57 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 10:57 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 10:57 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 10:57 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 10:57 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 17:23 - 2015-05-12 17:23 - 00005710 _____ () C:\Users\Aaron\Downloads\idlesave(1)
2015-05-10 21:09 - 2015-05-10 21:09 - 00003756 _____ () C:\Users\Aaron\Downloads\idlesave
2015-05-08 23:03 - 2015-05-08 23:03 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Steam
2015-05-08 22:57 - 2015-05-08 22:57 - 01142128 _____ () C:\Users\Aaron\Downloads\SteamSetup.exe
2015-05-04 19:03 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-05-04 18:54 - 2015-05-04 19:02 - 13611736 _____ (BlueStack Systems Inc.) C:\Users\Aaron\Downloads\BlueStacks-ThinInstaller.exe
2015-05-03 17:14 - 2015-05-03 17:14 - 00000000 ____D () C:\Users\Aaron\Tracing

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-01 17:10 - 2015-04-11 08:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-01 16:52 - 2009-07-14 06:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-01 16:52 - 2009-07-14 06:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-01 15:00 - 2014-11-01 14:00 - 01860963 _____ () C:\Windows\WindowsUpdate.log
2015-06-01 14:52 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-01 14:52 - 2009-07-14 06:51 - 00059294 _____ () C:\Windows\setupact.log
2015-05-29 22:26 - 2014-11-01 18:18 - 00000000 ____D () C:\Users\Aaron\AppData\Roaming\Skype
2015-05-29 22:23 - 2014-11-01 14:02 - 00000000 ____D () C:\Users\Aaron
2015-05-29 22:22 - 2015-04-04 15:17 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-29 22:22 - 2015-03-07 14:00 - 00000000 ____D () C:\Program Files\CyberGhost 5
2015-05-29 22:22 - 2014-12-26 22:24 - 00000000 ____D () C:\Users\Aaron\AppData\Local\fabi.me
2015-05-29 22:22 - 2014-11-01 23:20 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Abelssoft
2015-05-29 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-29 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-29 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-29 22:21 - 2014-11-01 18:18 - 00000000 ____D () C:\ProgramData\Skype
2015-05-29 22:04 - 2009-07-14 20:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-28 22:56 - 2015-03-07 14:01 - 00000000 ____D () C:\Users\Aaron\AppData\Local\CyberGhost
2015-05-28 22:56 - 2014-11-01 14:02 - 00000000 ____D () C:\Users\Aaron\AppData\Local\VirtualStore
2015-05-28 20:47 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-05-26 23:25 - 2009-07-14 19:58 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2015-05-26 23:25 - 2009-07-14 19:58 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2015-05-26 23:25 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-26 21:43 - 2015-03-08 17:37 - 00000000 ____D () C:\Users\Aaron\Desktop\Moot
2015-05-26 18:41 - 2014-11-01 14:15 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Adobe
2015-05-26 18:16 - 2015-04-11 08:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-26 18:16 - 2014-11-01 14:17 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-26 18:16 - 2014-11-01 14:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-26 16:52 - 2009-07-14 07:08 - 00002898 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-24 22:17 - 2014-11-27 23:41 - 00006360 _____ () C:\Users\Aaron\Documents\SC.txt
2015-05-21 22:05 - 2015-02-05 09:08 - 00000000 ____D () C:\Users\Aaron\Desktop\EA
2015-05-20 23:50 - 2015-04-04 15:17 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-20 16:58 - 2014-11-01 15:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-19 17:21 - 2014-11-01 14:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-17 19:56 - 2015-04-14 18:27 - 00000000 ____D () C:\Program Files (x86)\G Data
2015-05-17 19:56 - 2014-11-01 14:33 - 01368830 _____ () C:\Windows\PFRO.log
2015-05-17 19:55 - 2015-04-14 18:17 - 00000000 ____D () C:\ProgramData\G Data
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-05-17 19:42 - 2015-03-13 15:56 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-05-17 19:38 - 2015-03-27 18:33 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Trend Micro
2015-05-14 22:49 - 2015-03-30 19:05 - 00001161 _____ () C:\Users\Aaron\Desktop\VideoCacheView.cfg
2015-05-14 22:40 - 2015-04-26 21:54 - 00000962 _____ () C:\Users\Aaron\Documents\hahah.txt
2015-05-13 23:59 - 2014-11-07 23:14 - 00000000 ____D () C:\Users\Aaron\Documents\Anki
2015-05-13 17:05 - 2009-07-14 06:45 - 00298248 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 17:02 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 17:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 13:24 - 2014-11-01 14:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 13:22 - 2009-10-14 07:12 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-11 09:58 - 2015-04-14 18:27 - 00006074 _____ () C:\Windows\DPINST.LOG
2015-05-05 20:14 - 2014-11-01 15:07 - 00000000 ____D () C:\Users\Aaron\Desktop\Neuer Ordner

==================== Files in the root of some directories =======

2015-04-14 18:27 - 2015-04-14 18:27 - 0000000 _____ () C:\Users\Aaron\AppData\Roaming\gdfw.log
2015-04-14 18:27 - 2015-04-14 18:27 - 0000779 _____ () C:\Users\Aaron\AppData\Roaming\gdscan.log
2015-03-13 15:56 - 2015-03-13 15:56 - 0000036 _____ () C:\Users\Aaron\AppData\Local\housecall.guid.cache

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-29 19:51

==================== End of log ============================
         













Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Aaron at 2015-06-01 17:45:02
Running from C:\Users\Aaron\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Aaron (S-1-5-21-2455565853-2773199953-1460756191-1000 - Administrator - Enabled) => C:\Users\Aaron
Administrator (S-1-5-21-2455565853-2773199953-1460756191-500 - Administrator - Disabled)
Gast (S-1-5-21-2455565853-2773199953-1460756191-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2455565853-2773199953-1460756191-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
AGEIA PhysX v6.12.02 (HKLM-x32\...\{7032E73F-68A0-48F9-8100-E70E79169BAE}) (Version: 6.12.02 - AGEIA Technologies, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Blobby Volley 2 Version 1.0 (HKLM-x32\...\Blobby Volley 2 Version 1.0_is1) (Version:  - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.27.5408 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{C1F53C9F-C560-4292-9237-12786FE6BF62}) (Version: 0.9.27.5408 - BlueStack Systems, Inc.)
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.42 - Abelssoft)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
Firefox Developer Edition 38.0a2 (x64 de) (HKLM\...\Firefox Developer Edition 38.0a2 (x64 de)) (Version: 38.0a2 - Mozilla)
Free Audio Converter version 5.0.55.113 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.55.113 - DVDVideoSoft Ltd.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google 日本語入力 (HKLM\...\{6A1E4EFB-3EE0-40A0-9D6D-E865370289DB}) (Version: 1.13.1641.0 - Google Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
iTunes (HKLM\...\{5D239A92-31A4-4FCA-967D-F9EA8E1FDF6A}) (Version: 12.1.2.27 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1020 - Marvell)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0a2 - Mozilla)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Pale Moon 25.3.1 (x86 en-US) (HKLM-x32\...\Pale Moon 25.3.1 (x86 en-US)) (Version: 25.3.1 - Moonchild Productions)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Sherlock Holmes jagt Arsene Lupin (HKLM-x32\...\{63686BEF-04CA-461C-B364-53BBC322F7BF}) (Version: 1.00.0777 - Frogwares)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Unity Web Player (HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
YTD Video Downloader 4.8.9 (HKLM-x32\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8.9 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Restore Points =========================

20-05-2015 23:49:57 Windows Update
21-05-2015 17:35:47 Removed Apple Mobile Device Support
21-05-2015 21:58:17 Removed Bonjour
21-05-2015 22:01:20 Removed Apple Application Support (32-Bit)
21-05-2015 22:03:54 Removed Apple Software Update
21-05-2015 22:04:22 Removed Apple Mobile Device Support
26-05-2015 16:59:35 Windows Update
28-05-2015 20:30:45 Removed Skype™ 7.4
28-05-2015 20:33:46 Removed Skype Click to Call
28-05-2015 20:40:16 Removed BlueStacks Notification Center
29-05-2015 22:00:49 Wiederherstellungsvorgang

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E3E308E-ABEF-4846-89B8-278B4B018F87} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {0F88D255-2241-4208-8237-E341A4D7A173} - System32\Tasks\{5A57084D-AC5A-4D37-847B-140B7C012D90} => pcalua.exe -a D:\directx\dxsetup.exe -d D:\directx
Task: {1C4CB41F-68B8-4D5A-8A6F-F4C3AE36F657} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-23] (Google Inc.)
Task: {2A998A09-FB15-4811-A83D-3199505578DA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {37FB0945-E77F-4D35-8BC0-D0235553AB98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {5038085A-5CF3-494E-A1B5-8BB30E207A17} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {55A4219C-07FF-4C29-9BD8-3C619515A305} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2015-03-27] (CHIP)
Task: {57F70703-9A44-4723-AB28-AFC48700A0A1} - \{1DFC94E0-EEB0-4BAF-A5B2-1F07400E5341} No Task File <==== ATTENTION
Task: {7C0BC5CD-DA14-4277-B6C1-E8744715E8FA} - \{EEF77C93-E979-49BA-8AA0-17E886F1EAEB} No Task File <==== ATTENTION
Task: {824BD7D4-3B9B-4A57-AB35-B82400A8F815} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {8820FE82-E598-4326-954A-39452D194616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-23] (Google Inc.)
Task: {9BEE7F76-659C-4C46-8456-C3F4C8407328} - \User_Feed_Synchronization-{600F234B-E5B6-4B2D-9EB7-84B30C9F11A3} No Task File <==== ATTENTION
Task: {B7FD4B15-9BA8-468C-A210-B505DCC89E9B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {C713F4D1-F331-4653-B26A-F95CBFCB07D1} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-20] (Microsoft Corporation)
Task: {F99D18BE-4F1D-43A0-BD32-CC74BD35149D} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-12 19:25 - 2015-03-12 19:25 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2014-12-04 21:34 - 2013-11-01 18:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2015-05-17 21:23 - 00642344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00347328 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2014-11-01 14:09 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-05-26 18:16 - 2015-05-26 18:16 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll
2015-02-22 11:59 - 2015-02-22 11:59 - 02108488 _____ () C:\Users\Aaron\AppData\LocalLow\Unity\WebPlayer\mono\Release3.x.x\mono-1-vc.dll
2015-05-28 11:05 - 2015-05-28 20:47 - 00195584 _____ () C:\Program Files (x86)\BlueStacks\libEGL.dll
2015-05-28 11:05 - 2015-05-28 20:47 - 01467392 _____ () C:\Program Files (x86)\BlueStacks\libGLESv2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 95.169.183.219 - 89.41.60.38

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F910D0C9-262F-4427-9587-0E6D623BE027}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A7CBF020-E154-4520-82A5-F40CD5A5B7F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{652FE1B6-04A6-4AB5-A263-EAA23ED5AF39}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{302EDD12-0AC8-4F32-8EC4-E7D89E05A27B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{48181101-7CA1-47FF-92C4-661EC8D8CC94}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{CFA596B3-FE44-4054-8514-A491E93A548B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{5203D9A2-92C6-4216-A0EA-872EF81D838F}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{2F8E4ABE-8813-41DD-8D11-B5B91F771C53}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{3E0A475E-F79E-4A19-8FC4-E6C041642D44}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{9B6DD1C2-563B-40A3-ACEE-ABC35DBF0A16}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{A1AC3D49-DA7E-4405-A0A8-0CB37F6567D6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{0A163EAF-70F4-49F4-AF3A-F3F0E347D685}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{844A7132-5511-45ED-B0D3-A6A2CC5613A1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{6F80F7CA-4A0C-463F-998A-AEA71EFF8C3F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{3BC87F6A-8C1F-4599-B2B0-2061EAB55569}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{C99151BB-774A-443B-A1DB-14A54D9B3201}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{F34A9EC6-DD46-4BE9-91D3-081674BC78CF}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{243C2F74-B1BD-4240-9D59-722D40F618E9}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [TCP Query User{BCA82D7E-E09E-4282-9713-9D5476F446F4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{90985EBA-FDA7-4896-BABE-94A5AB81DFB3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{227CD673-EFE0-4C39-95B8-CDC817BB04C7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7C632050-24B5-4D37-9BB9-0A8281082923}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{725EF301-0470-4F66-B155-EA5A4BAF23B3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{92FDDB1F-16DB-4943-B6A6-A9B59D6C8EE2}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{77118A62-B07D-473F-8425-8026BDA0D373}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{719D0DC3-7F9C-4DF8-A244-1029DB8C5602}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E3349BEC-5E4E-4AF9-87A3-EEC5AEA7F02D}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe
FirewallRules: [{CE52468E-665F-4C3F-9DC6-79F6AEF8553A}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe
FirewallRules: [TCP Query User{7D882834-5CE4-4B78-969E-3EE357EEC731}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{940AFD68-2716-4CD4-8E11-505371C53FC0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BA9A4195-2E37-460B-8CDD-DAADF45FD634}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4BDA4317-797A-4D13-91A9-3862BCE7E88C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BFBDE6A1-CDF0-4FCC-9785-46D364151161}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1E7CF97D-0B95-47BE-98C8-F2C5A31996FF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F55D7FA2-0F23-40CC-AC52-B93B705654C9}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{E9098807-5655-4DBD-B013-AB2A0FA29E2D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/29/2015 10:28:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 7.5.0.101 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d68

Startzeit: 01d09a4d6d5b3213

Endzeit: 5

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID: 2867a548-0641-11e5-8dd8-94de80a96248

Error: (05/29/2015 10:06:50 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. C:\ProgramData\BlueStacks\Android\kernel.elf.signature doesn't exist
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/29/2015 09:44:01 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (05/29/2015 09:44:01 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (05/29/2015 08:51:30 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (05/29/2015 08:51:30 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (05/29/2015 08:48:38 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (05/29/2015 08:48:38 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (05/29/2015 07:54:57 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (05/29/2015 07:54:57 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.


System errors:
=============
Error: (06/01/2015 02:53:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/01/2015 02:53:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CyberGhost 5 Client Service erreicht.

Error: (06/01/2015 02:52:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WSWNA3100" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5

Error: (05/31/2015 09:54:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CyberGhost 5 Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/31/2015 09:54:11 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst CyberGhost 5 Client Service erreicht.

Error: (05/31/2015 09:53:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WSWNA3100" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5

Error: (05/31/2015 09:53:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (05/31/2015 09:53:35 AM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber atksgt.sys konnte nicht geladen werden.

Error: (05/30/2015 06:03:27 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WSWNA3100" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%5

Error: (05/30/2015 06:03:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275


Microsoft Office:
=========================
Error: (05/29/2015 10:28:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe7.5.0.101d6801d09a4d6d5b32135C:\Program Files (x86)\Skype\Phone\Skype.exe2867a548-0641-11e5-8dd8-94de80a96248

Error: (05/29/2015 10:06:50 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. C:\ProgramData\BlueStacks\Android\kernel.elf.signature doesn't exist
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/29/2015 09:44:01 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (05/29/2015 09:44:01 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (05/29/2015 08:51:30 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (05/29/2015 08:51:30 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (05/29/2015 08:48:38 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (05/29/2015 08:48:38 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (05/29/2015 07:54:57 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (05/29/2015 07:54:57 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f


CodeIntegrity Errors:
===================================
  Date: 2014-11-01 13:48:42.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\AVG\AVG2015\avghooka.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 65%
Total physical RAM: 7656.09 MB
Available physical RAM: 2636.73 MB
Total Pagefile: 15310.39 MB
Available Pagefile: 9232.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:116.94 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (SHERLOCKHOLMES4) (CDROM) (Total:6.84 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F22B4E44)
Partition 1: (Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of log ============================
         
__________________

Alt 02.06.2015, 07:35   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    YTD Video Downloader 4.8.9


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 




Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.06.2015, 16:57   #5
Ratchigka
 
Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Es wurden insgesamt keine Bedrohungen gefunden

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.02.03
  rootkit: v2015.06.02.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
Aaron :: AARON-PC [administrator]

02.06.2015 17:29:51
mbar-log-2015-06-02 (17-29-51).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 357855
Time elapsed: 18 minute(s), 53 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
17:51:30.0372 0x0e48  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:51:34.0613 0x0e48  ============================================================
17:51:34.0613 0x0e48  Current date / time: 2015/06/02 17:51:34.0613
17:51:34.0613 0x0e48  SystemInfo:
17:51:34.0613 0x0e48  
17:51:34.0613 0x0e48  OS Version: 6.1.7601 ServicePack: 1.0
17:51:34.0613 0x0e48  Product type: Workstation
17:51:34.0613 0x0e48  ComputerName: AARON-PC
17:51:34.0613 0x0e48  UserName: Aaron
17:51:34.0613 0x0e48  Windows directory: C:\Windows
17:51:34.0613 0x0e48  System windows directory: C:\Windows
17:51:34.0613 0x0e48  Running under WOW64
17:51:34.0613 0x0e48  Processor architecture: Intel x64
17:51:34.0613 0x0e48  Number of processors: 4
17:51:34.0613 0x0e48  Page size: 0x1000
17:51:34.0613 0x0e48  Boot type: Normal boot
17:51:34.0613 0x0e48  ============================================================
17:51:35.0059 0x0e48  KLMD registered as C:\Windows\system32\drivers\14790290.sys
17:51:35.0585 0x0e48  System UUID: {E94B2135-FA5D-0F23-A8C1-2762363C0878}
17:51:36.0332 0x0e48  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:51:36.0344 0x0e48  Drive \Device\Harddisk1\DR1 - Size: 0x77800000 ( 1.87 Gb ), SectorSize: 0x200, Cylinders: 0xF3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:51:36.0346 0x0e48  ============================================================
17:51:36.0346 0x0e48  \Device\Harddisk0\DR0:
17:51:36.0356 0x0e48  MBR partitions:
17:51:36.0356 0x0e48  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D192800
17:51:36.0356 0x0e48  \Device\Harddisk1\DR1:
17:51:36.0356 0x0e48  MBR partitions:
17:51:36.0356 0x0e48  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0x20, BlocksNum 0x3BBFE0
17:51:36.0356 0x0e48  ============================================================
17:51:36.0389 0x0e48  C: <-> \Device\Harddisk0\DR0\Partition1
17:51:36.0390 0x0e48  ============================================================
17:51:36.0390 0x0e48  Initialize success
17:51:36.0390 0x0e48  ============================================================
17:52:12.0917 0x0f80  ============================================================
17:52:12.0917 0x0f80  Scan started
17:52:12.0917 0x0f80  Mode: Manual; SigCheck; TDLFS; 
17:52:12.0917 0x0f80  ============================================================
17:52:12.0917 0x0f80  KSN ping started
17:52:15.0392 0x0f80  KSN ping finished: true
17:52:16.0436 0x0f80  ================ Scan system memory ========================
17:52:16.0436 0x0f80  System memory - ok
17:52:16.0436 0x0f80  ================ Scan services =============================
17:52:16.0633 0x0f80  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:52:16.0805 0x0f80  1394ohci - ok
17:52:16.0868 0x0f80  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:52:16.0885 0x0f80  ACPI - ok
17:52:16.0923 0x0f80  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:52:17.0046 0x0f80  AcpiPmi - ok
17:52:17.0157 0x0f80  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:52:17.0181 0x0f80  AdobeFlashPlayerUpdateSvc - ok
17:52:17.0252 0x0f80  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
17:52:17.0269 0x0f80  adp94xx - ok
17:52:17.0300 0x0f80  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
17:52:17.0311 0x0f80  adpahci - ok
17:52:17.0356 0x0f80  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
17:52:17.0364 0x0f80  adpu320 - ok
17:52:17.0408 0x0f80  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:52:17.0459 0x0f80  AeLookupSvc - ok
17:52:17.0510 0x0f80  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
17:52:17.0561 0x0f80  AFD - ok
17:52:17.0623 0x0f80  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
17:52:17.0631 0x0f80  agp440 - ok
17:52:17.0653 0x0f80  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
17:52:17.0714 0x0f80  ALG - ok
17:52:17.0796 0x0f80  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:52:17.0804 0x0f80  aliide - ok
17:52:17.0942 0x0f80  [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:52:18.0018 0x0f80  AMD External Events Utility - ok
17:52:18.0108 0x0f80  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:52:18.0115 0x0f80  amdide - ok
17:52:18.0152 0x0f80  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
17:52:18.0267 0x0f80  AmdK8 - ok
17:52:19.0121 0x0f80  [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:52:19.0511 0x0f80  amdkmdag - ok
17:52:19.0576 0x0f80  [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:52:19.0594 0x0f80  amdkmdap - ok
17:52:19.0628 0x0f80  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:52:19.0656 0x0f80  AmdPPM - ok
17:52:19.0687 0x0f80  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:52:19.0698 0x0f80  amdsata - ok
17:52:19.0716 0x0f80  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
17:52:19.0726 0x0f80  amdsbs - ok
17:52:19.0739 0x0f80  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:52:19.0745 0x0f80  amdxata - ok
17:52:19.0787 0x0f80  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
17:52:19.0839 0x0f80  AppID - ok
17:52:19.0868 0x0f80  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:52:19.0913 0x0f80  AppIDSvc - ok
17:52:19.0966 0x0f80  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
17:52:20.0024 0x0f80  Appinfo - ok
17:52:20.0091 0x0f80  [ CC19A6452BA688EA32D14D8DBEC190F4, 6D52B63926E1766DB8BD00CC5CC0AD9EA3B68FC1E6C66FAF4E899606437468A3 ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
17:52:20.0105 0x0f80  AppleCharger - ok
17:52:20.0133 0x0f80  [ 95EF7247C50C7241FDAE39A9B3AFF4AE, 6E08FB095C04B2E217B139D6431336C0F24C128A2A83082A3085DC8C44AA247D ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
17:52:20.0141 0x0f80  AppleChargerSrv - ok
17:52:20.0324 0x0f80  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:52:20.0407 0x0f80  AppMgmt - ok
17:52:20.0448 0x0f80  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
17:52:20.0457 0x0f80  arc - ok
17:52:20.0463 0x0f80  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
17:52:20.0472 0x0f80  arcsas - ok
17:52:20.0605 0x0f80  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:52:20.0621 0x0f80  aspnet_state - ok
17:52:20.0655 0x0f80  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:52:20.0773 0x0f80  AsyncMac - ok
17:52:20.0821 0x0f80  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:52:20.0834 0x0f80  atapi - ok
17:52:20.0890 0x0f80  [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
17:52:20.0943 0x0f80  AtiHDAudioService - ok
17:52:21.0017 0x0f80  [ B4BDE3F758A34658A37DFED3D9783CD8, BC9F6B9BDD639457894DE0F596AB3A655374E078796762FE5E8E5414F0481208 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
17:52:21.0025 0x0f80  atksgt - ok
17:52:21.0085 0x0f80  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:52:21.0143 0x0f80  AudioEndpointBuilder - ok
17:52:21.0177 0x0f80  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:52:21.0195 0x0f80  AudioSrv - ok
17:52:21.0442 0x0f80  [ 058734C95991F6BEBF3D3075B8776234, D94A0E5893723C0F30D8215F001039AE9D903BF8EC3782D9583DEFD9B304B0CA ] AVP15.0.0       C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
17:52:21.0453 0x0f80  AVP15.0.0 - ok
17:52:21.0502 0x0f80  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:52:21.0625 0x0f80  AxInstSV - ok
17:52:21.0675 0x0f80  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
17:52:21.0744 0x0f80  b06bdrv - ok
17:52:21.0787 0x0f80  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:52:21.0833 0x0f80  b57nd60a - ok
17:52:21.0958 0x0f80  [ 44E6E51AEDBF3E0B38A6CD5432649E57, AB7F3EF0F5859B6C759BF1B9704C2F839166905C02300057997836C4B07A2221 ] BCMH43XX        C:\Windows\system32\DRIVERS\bcmwlhigh664.sys
17:52:21.0986 0x0f80  BCMH43XX - ok
17:52:22.0024 0x0f80  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:52:22.0083 0x0f80  BDESVC - ok
17:52:22.0133 0x0f80  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:52:22.0190 0x0f80  Beep - ok
17:52:22.0283 0x0f80  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
17:52:22.0397 0x0f80  BFE - ok
17:52:22.0598 0x0f80  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:52:23.0688 0x0f80  BITS - ok
17:52:23.0715 0x0f80  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:52:23.0737 0x0f80  blbdrive - ok
17:52:23.0772 0x0f80  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:52:23.0790 0x0f80  bowser - ok
17:52:23.0830 0x0f80  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
17:52:23.0910 0x0f80  BrFiltLo - ok
17:52:23.0914 0x0f80  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
17:52:23.0943 0x0f80  BrFiltUp - ok
17:52:23.0977 0x0f80  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
17:52:24.0047 0x0f80  Browser - ok
17:52:24.0103 0x0f80  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:52:24.0225 0x0f80  Brserid - ok
17:52:24.0246 0x0f80  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:52:24.0278 0x0f80  BrSerWdm - ok
17:52:24.0304 0x0f80  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:52:24.0329 0x0f80  BrUsbMdm - ok
17:52:24.0331 0x0f80  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:52:24.0339 0x0f80  BrUsbSer - ok
17:52:24.0510 0x0f80  [ D06D2E9564B8EB6EFDAF6E44E358C52B, CB9791A28BC255E5C47F19F0345BE796226D0956E33942CB21CA113A1E7867AB ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
17:52:24.0528 0x0f80  BstHdAndroidSvc - ok
17:52:24.0592 0x0f80  [ 0BEBC1455AD308493CC5AAB69789A251, 9E72FC030FF8D778C400FC347AC038E2C81278CAA55788A769BC55D6FD80A8F4 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
17:52:24.0603 0x0f80  BstHdDrv - ok
17:52:24.0655 0x0f80  [ 0592A705BBDFD7563F3055FD02C939BB, 4712407ACAB144E64A8D130DD271A54FD4495E470A6A8A676E70EA57956B6F90 ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
17:52:24.0671 0x0f80  BstHdLogRotatorSvc - ok
17:52:24.0741 0x0f80  [ 2E0CED88F254A3929AE3167456768992, A7CB4F246DEB84FAF77E5CF7A5EA4DD457CE33EFE3009FD5645CF45D78DF1C0C ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
17:52:24.0768 0x0f80  BstHdUpdaterSvc - ok
17:52:24.0797 0x0f80  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
17:52:24.0825 0x0f80  BTHMODEM - ok
17:52:24.0906 0x0f80  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:52:24.0948 0x0f80  bthserv - ok
17:52:24.0996 0x0f80  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:52:25.0039 0x0f80  cdfs - ok
17:52:25.0116 0x0f80  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:52:25.0153 0x0f80  cdrom - ok
17:52:25.0203 0x0f80  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:52:25.0243 0x0f80  CertPropSvc - ok
17:52:25.0404 0x0f80  [ 23E65CFFB215D4A2A3DCA8E8A0017E5B, A28772C37BCDE7710600948AA7FAD21EEF01646CC219BD8E3D09B493D2F73243 ] CGVPNCliService C:\Program Files\CyberGhost 5\Service.exe
17:52:25.0413 0x0f80  CGVPNCliService - ok
17:52:25.0455 0x0f80  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
17:52:25.0485 0x0f80  circlass - ok
17:52:25.0557 0x0f80  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
17:52:25.0577 0x0f80  CLFS - ok
17:52:25.0629 0x0f80  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:52:25.0642 0x0f80  clr_optimization_v2.0.50727_32 - ok
17:52:25.0682 0x0f80  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:52:25.0692 0x0f80  clr_optimization_v2.0.50727_64 - ok
17:52:25.0770 0x0f80  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:52:25.0791 0x0f80  clr_optimization_v4.0.30319_32 - ok
17:52:25.0843 0x0f80  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:52:25.0865 0x0f80  clr_optimization_v4.0.30319_64 - ok
17:52:25.0896 0x0f80  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
17:52:25.0926 0x0f80  CmBatt - ok
17:52:25.0950 0x0f80  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:52:25.0957 0x0f80  cmdide - ok
17:52:26.0052 0x0f80  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
17:52:26.0091 0x0f80  CNG - ok
17:52:26.0148 0x0f80  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
17:52:26.0154 0x0f80  Compbatt - ok
17:52:26.0185 0x0f80  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
17:52:26.0227 0x0f80  CompositeBus - ok
17:52:26.0255 0x0f80  COMSysApp - ok
17:52:26.0297 0x0f80  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
17:52:26.0309 0x0f80  crcdisk - ok
17:52:26.0360 0x0f80  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:52:26.0405 0x0f80  CryptSvc - ok
17:52:26.0437 0x0f80  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
17:52:26.0494 0x0f80  CSC - ok
17:52:26.0622 0x0f80  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
17:52:26.0681 0x0f80  CscService - ok
17:52:26.0756 0x0f80  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:52:26.0789 0x0f80  DcomLaunch - ok
17:52:26.0810 0x0f80  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:52:26.0854 0x0f80  defragsvc - ok
17:52:26.0880 0x0f80  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:52:26.0936 0x0f80  DfsC - ok
17:52:26.0990 0x0f80  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:52:27.0063 0x0f80  Dhcp - ok
17:52:27.0172 0x0f80  [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack       C:\Windows\system32\diagtrack.dll
17:52:27.0280 0x0f80  DiagTrack - ok
17:52:27.0302 0x0f80  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:52:27.0352 0x0f80  discache - ok
17:52:27.0386 0x0f80  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
17:52:27.0393 0x0f80  Disk - ok
17:52:27.0466 0x0f80  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:52:27.0536 0x0f80  Dnscache - ok
17:52:27.0567 0x0f80  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
17:52:27.0635 0x0f80  dot3svc - ok
17:52:27.0676 0x0f80  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
17:52:27.0739 0x0f80  DPS - ok
17:52:27.0785 0x0f80  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:52:27.0834 0x0f80  drmkaud - ok
17:52:27.0880 0x0f80  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:52:27.0901 0x0f80  DXGKrnl - ok
17:52:27.0950 0x0f80  [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD, 967829CE37158020F6026C588260FCFC6F9852DDDACD622FAF7AB75121DF5B3D ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
17:52:27.0988 0x0f80  E1G60 - ok
17:52:28.0030 0x0f80  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
17:52:28.0095 0x0f80  EapHost - ok
17:52:28.0269 0x0f80  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
17:52:28.0326 0x0f80  ebdrv - ok
17:52:28.0352 0x0f80  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS             C:\Windows\System32\lsass.exe
17:52:28.0394 0x0f80  EFS - ok
17:52:28.0494 0x0f80  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
17:52:28.0630 0x0f80  ehRecvr - ok
17:52:28.0660 0x0f80  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
17:52:28.0713 0x0f80  ehSched - ok
17:52:28.0761 0x0f80  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
17:52:28.0774 0x0f80  elxstor - ok
17:52:28.0791 0x0f80  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:52:28.0799 0x0f80  ErrDev - ok
17:52:28.0938 0x0f80  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
17:52:29.0000 0x0f80  EventSystem - ok
17:52:29.0023 0x0f80  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:52:29.0066 0x0f80  exfat - ok
17:52:29.0091 0x0f80  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:52:29.0116 0x0f80  fastfat - ok
17:52:29.0180 0x0f80  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
17:52:29.0250 0x0f80  Fax - ok
17:52:29.0265 0x0f80  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
17:52:29.0287 0x0f80  fdc - ok
17:52:29.0328 0x0f80  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
17:52:29.0368 0x0f80  fdPHost - ok
17:52:29.0391 0x0f80  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:52:29.0435 0x0f80  FDResPub - ok
17:52:29.0453 0x0f80  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:52:29.0460 0x0f80  FileInfo - ok
17:52:29.0482 0x0f80  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:52:29.0503 0x0f80  Filetrace - ok
17:52:29.0539 0x0f80  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
17:52:29.0566 0x0f80  flpydisk - ok
17:52:29.0605 0x0f80  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:52:29.0616 0x0f80  FltMgr - ok
17:52:29.0690 0x0f80  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
17:52:29.0796 0x0f80  FontCache - ok
17:52:29.0837 0x0f80  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:52:29.0844 0x0f80  FontCache3.0.0.0 - ok
17:52:29.0856 0x0f80  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:52:29.0863 0x0f80  FsDepends - ok
17:52:29.0886 0x0f80  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:52:29.0893 0x0f80  Fs_Rec - ok
17:52:29.0942 0x0f80  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:52:29.0952 0x0f80  fvevol - ok
17:52:29.0988 0x0f80  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
17:52:29.0995 0x0f80  gagp30kx - ok
17:52:30.0034 0x0f80  [ 1543775197DD1A27D16C0FA0FF73CAFB, B149282AFA5A60CEC797B643207F2541722C360989148FBC7A06DA0EB501ABED ] GDKBFlt         C:\Windows\system32\drivers\GDKBFlt64.sys
17:52:30.0039 0x0f80  GDKBFlt - ok
17:52:30.0064 0x0f80  gdrv - ok
17:52:30.0115 0x0f80  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:52:30.0120 0x0f80  GEARAspiWDM - ok
17:52:30.0254 0x0f80  [ 5AE64F0DDD7EBD1532FC70ECDB963023, 28D5F5B1B3AFC335EFC1ABD1B8EBA3C9629C6552F81670A4B5DBDFB18110C5D7 ] GoogleIMEJaCacheService C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
17:52:30.0283 0x0f80  GoogleIMEJaCacheService - ok
17:52:30.0338 0x0f80  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:52:30.0423 0x0f80  gpsvc - ok
17:52:30.0484 0x0f80  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:52:30.0492 0x0f80  gupdate - ok
17:52:30.0501 0x0f80  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:52:30.0507 0x0f80  gupdatem - ok
17:52:30.0531 0x0f80  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:52:30.0573 0x0f80  hcw85cir - ok
17:52:30.0632 0x0f80  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:52:30.0661 0x0f80  HdAudAddService - ok
17:52:30.0722 0x0f80  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
17:52:30.0746 0x0f80  HDAudBus - ok
17:52:30.0775 0x0f80  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
17:52:30.0782 0x0f80  HidBatt - ok
17:52:30.0787 0x0f80  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
17:52:30.0796 0x0f80  HidBth - ok
17:52:30.0800 0x0f80  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
17:52:30.0825 0x0f80  HidIr - ok
17:52:30.0858 0x0f80  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
17:52:30.0919 0x0f80  hidserv - ok
17:52:30.0975 0x0f80  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
17:52:30.0992 0x0f80  HidUsb - ok
17:52:31.0011 0x0f80  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:52:31.0056 0x0f80  hkmsvc - ok
17:52:31.0122 0x0f80  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:52:31.0197 0x0f80  HomeGroupListener - ok
17:52:31.0220 0x0f80  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:52:31.0251 0x0f80  HomeGroupProvider - ok
17:52:31.0311 0x0f80  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:52:31.0318 0x0f80  HpSAMD - ok
17:52:31.0355 0x0f80  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:52:31.0405 0x0f80  HTTP - ok
17:52:31.0425 0x0f80  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:52:31.0431 0x0f80  hwpolicy - ok
17:52:31.0478 0x0f80  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:52:31.0487 0x0f80  i8042prt - ok
17:52:31.0528 0x0f80  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:52:31.0542 0x0f80  iaStor - ok
17:52:31.0657 0x0f80  [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:52:31.0668 0x0f80  IAStorDataMgrSvc - ok
17:52:31.0711 0x0f80  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:52:31.0724 0x0f80  iaStorV - ok
17:52:31.0852 0x0f80  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:52:31.0953 0x0f80  idsvc - ok
17:52:31.0975 0x0f80  IEEtwCollectorService - ok
17:52:32.0000 0x0f80  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
17:52:32.0006 0x0f80  iirsp - ok
17:52:32.0063 0x0f80  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:52:32.0155 0x0f80  IKEEXT - ok
17:52:32.0260 0x0f80  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:52:32.0275 0x0f80  Intel(R) Capability Licensing Service Interface - ok
17:52:32.0303 0x0f80  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:52:32.0309 0x0f80  intelide - ok
17:52:32.0345 0x0f80  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:52:32.0353 0x0f80  intelppm - ok
17:52:32.0394 0x0f80  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
17:52:32.0443 0x0f80  IPBusEnum - ok
17:52:32.0511 0x0f80  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:52:32.0555 0x0f80  IpFilterDriver - ok
17:52:32.0604 0x0f80  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:52:32.0641 0x0f80  iphlpsvc - ok
17:52:32.0664 0x0f80  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
17:52:32.0696 0x0f80  IPMIDRV - ok
17:52:32.0760 0x0f80  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:52:32.0782 0x0f80  IPNAT - ok
17:52:32.0925 0x0f80  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:52:32.0949 0x0f80  iPod Service - ok
17:52:32.0973 0x0f80  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:52:33.0050 0x0f80  IRENUM - ok
17:52:33.0095 0x0f80  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:52:33.0101 0x0f80  isapnp - ok
17:52:33.0129 0x0f80  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:52:33.0138 0x0f80  iScsiPrt - ok
17:52:33.0172 0x0f80  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
17:52:33.0178 0x0f80  iusb3hcs - ok
17:52:33.0235 0x0f80  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
17:52:33.0245 0x0f80  iusb3hub - ok
17:52:33.0264 0x0f80  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
17:52:33.0281 0x0f80  iusb3xhc - ok
17:52:33.0348 0x0f80  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:52:33.0356 0x0f80  jhi_service - ok
17:52:33.0380 0x0f80  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
17:52:33.0386 0x0f80  kbdclass - ok
17:52:33.0420 0x0f80  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
17:52:33.0448 0x0f80  kbdhid - ok
17:52:33.0475 0x0f80  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso          C:\Windows\system32\lsass.exe
17:52:33.0483 0x0f80  KeyIso - ok
17:52:33.0537 0x0f80  [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
17:52:33.0550 0x0f80  kl1 - ok
17:52:33.0653 0x0f80  [ 2A88EFE87B5F23BA47FF7AF2DEAEB98F, 8D702249A462F8A233B594DF1B7C843A2C90F8A0D4FA7358B096020FF2C3E115 ] klflt           C:\Windows\system32\DRIVERS\klflt.sys
17:52:33.0662 0x0f80  klflt - ok
17:52:33.0702 0x0f80  [ 7ED6B6805B3E1BC9DC2418F1C5C920B4, 7FF90C32C95E2141A3D3B378DDE8035C8C6EB811C087A9AF7D20C735CB74142A ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
17:52:33.0712 0x0f80  klhk - ok
17:52:33.0755 0x0f80  [ CD81447AB991F3E7F1FCF59CEA07D1E0, FB6EDDCA703952FAD7FEE24A75DB5C957C45C83B17D4871D1009CA24450CB040 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
17:52:33.0775 0x0f80  KLIF - ok
17:52:33.0810 0x0f80  [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
17:52:33.0817 0x0f80  KLIM6 - ok
17:52:33.0831 0x0f80  [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
17:52:33.0837 0x0f80  klkbdflt - ok
17:52:33.0863 0x0f80  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
17:52:33.0869 0x0f80  klmouflt - ok
17:52:33.0907 0x0f80  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
17:52:33.0913 0x0f80  klpd - ok
17:52:33.0931 0x0f80  [ 5BB9E329FE48904108BBBF9C73073920, 402E88770C12C9E8D809D2A8C130CA9E5083CDB1D50C38D4CE2F0D24F2D32E82 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
17:52:33.0938 0x0f80  kltdi - ok
17:52:33.0966 0x0f80  [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
17:52:33.0974 0x0f80  kneps - ok
17:52:34.0005 0x0f80  [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:52:34.0012 0x0f80  KSecDD - ok
17:52:34.0074 0x0f80  [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:52:34.0090 0x0f80  KSecPkg - ok
17:52:34.0107 0x0f80  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:52:34.0149 0x0f80  ksthunk - ok
17:52:34.0200 0x0f80  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:52:34.0251 0x0f80  KtmRm - ok
17:52:34.0291 0x0f80  [ A43A9920D2409BB9DA747D2FD20A2E61, 6D48897F3B9F0D04FC0C09017A34F1614C708476829F275682963F162BCBE8A0 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
17:52:34.0299 0x0f80  L1C - ok
17:52:34.0363 0x0f80  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:52:34.0399 0x0f80  LanmanServer - ok
17:52:34.0488 0x0f80  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:52:34.0536 0x0f80  LanmanWorkstation - ok
17:52:34.0611 0x0f80  [ 955982BF4421B77722196552B62E8DC2, 3732449ACDBB78E1ED8436DF153C899C28573F458FDCFE345DFA1B305D085033 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
17:52:34.0618 0x0f80  lirsgt - ok
17:52:34.0664 0x0f80  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:52:34.0705 0x0f80  lltdio - ok
17:52:34.0794 0x0f80  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:52:34.0847 0x0f80  lltdsvc - ok
17:52:34.0869 0x0f80  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:52:34.0890 0x0f80  lmhosts - ok
17:52:34.0936 0x0f80  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:52:34.0945 0x0f80  LMS - ok
17:52:34.0975 0x0f80  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
17:52:34.0983 0x0f80  LSI_FC - ok
17:52:35.0003 0x0f80  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
17:52:35.0010 0x0f80  LSI_SAS - ok
17:52:35.0017 0x0f80  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:52:35.0024 0x0f80  LSI_SAS2 - ok
17:52:35.0032 0x0f80  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:52:35.0039 0x0f80  LSI_SCSI - ok
17:52:35.0081 0x0f80  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:52:35.0124 0x0f80  luafv - ok
17:52:35.0155 0x0f80  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
17:52:35.0179 0x0f80  Mcx2Svc - ok
17:52:35.0197 0x0f80  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
17:52:35.0204 0x0f80  megasas - ok
17:52:35.0238 0x0f80  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
17:52:35.0249 0x0f80  MegaSR - ok
17:52:35.0271 0x0f80  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
17:52:35.0277 0x0f80  MEIx64 - ok
17:52:35.0333 0x0f80  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
17:52:35.0375 0x0f80  MMCSS - ok
17:52:35.0398 0x0f80  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
17:52:35.0418 0x0f80  Modem - ok
17:52:35.0456 0x0f80  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
17:52:35.0465 0x0f80  monitor - ok
17:52:35.0493 0x0f80  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
17:52:35.0500 0x0f80  mouclass - ok
17:52:35.0532 0x0f80  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:52:35.0553 0x0f80  mouhid - ok
17:52:35.0588 0x0f80  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:52:35.0595 0x0f80  mountmgr - ok
17:52:35.0645 0x0f80  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:52:35.0655 0x0f80  MozillaMaintenance - ok
17:52:35.0676 0x0f80  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:52:35.0684 0x0f80  mpio - ok
17:52:35.0718 0x0f80  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:52:35.0740 0x0f80  mpsdrv - ok
17:52:35.0816 0x0f80  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:52:35.0892 0x0f80  MpsSvc - ok
17:52:35.0929 0x0f80  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:52:35.0970 0x0f80  MRxDAV - ok
17:52:35.0989 0x0f80  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:52:36.0034 0x0f80  mrxsmb - ok
17:52:36.0096 0x0f80  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:52:36.0131 0x0f80  mrxsmb10 - ok
17:52:36.0154 0x0f80  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:52:36.0181 0x0f80  mrxsmb20 - ok
17:52:36.0222 0x0f80  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:52:36.0229 0x0f80  msahci - ok
17:52:36.0246 0x0f80  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
17:52:36.0254 0x0f80  msdsm - ok
17:52:36.0265 0x0f80  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
17:52:36.0294 0x0f80  MSDTC - ok
17:52:36.0323 0x0f80  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:52:36.0360 0x0f80  Msfs - ok
17:52:36.0381 0x0f80  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:52:36.0423 0x0f80  mshidkmdf - ok
17:52:36.0449 0x0f80  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:52:36.0455 0x0f80  msisadrv - ok
17:52:36.0521 0x0f80  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:52:36.0608 0x0f80  MSiSCSI - ok
17:52:36.0612 0x0f80  msiserver - ok
17:52:36.0651 0x0f80  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:52:36.0673 0x0f80  MSKSSRV - ok
17:52:36.0676 0x0f80  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:52:36.0697 0x0f80  MSPCLOCK - ok
17:52:36.0700 0x0f80  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:52:36.0729 0x0f80  MSPQM - ok
17:52:36.0769 0x0f80  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:52:36.0781 0x0f80  MsRPC - ok
17:52:36.0801 0x0f80  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
17:52:36.0807 0x0f80  mssmbios - ok
17:52:36.0828 0x0f80  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:52:36.0861 0x0f80  MSTEE - ok
17:52:36.0871 0x0f80  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
17:52:36.0902 0x0f80  MTConfig - ok
17:52:36.0923 0x0f80  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
17:52:36.0930 0x0f80  Mup - ok
17:52:36.0977 0x0f80  [ 7EAE8A7EE4955DC1439E6C93D5CC7EE4, 2A967660945080C6176E508DA2133F5DF00E944130453119B03E86D157645032 ] mvs91xx         C:\Windows\system32\DRIVERS\mvs91xx.sys
17:52:36.0999 0x0f80  mvs91xx - ok
17:52:37.0064 0x0f80  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:52:37.0124 0x0f80  napagent - ok
17:52:37.0179 0x0f80  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:52:37.0221 0x0f80  NativeWifiP - ok
17:52:37.0367 0x0f80  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:52:37.0387 0x0f80  NDIS - ok
17:52:37.0403 0x0f80  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:52:37.0442 0x0f80  NdisCap - ok
17:52:37.0477 0x0f80  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:52:37.0498 0x0f80  NdisTapi - ok
17:52:37.0533 0x0f80  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:52:37.0553 0x0f80  Ndisuio - ok
17:52:37.0599 0x0f80  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:52:37.0622 0x0f80  NdisWan - ok
17:52:37.0661 0x0f80  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:52:37.0702 0x0f80  NDProxy - ok
17:52:37.0746 0x0f80  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:52:37.0787 0x0f80  NetBIOS - ok
17:52:37.0850 0x0f80  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:52:37.0936 0x0f80  NetBT - ok
17:52:37.0982 0x0f80  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon        C:\Windows\system32\lsass.exe
17:52:37.0989 0x0f80  Netlogon - ok
17:52:38.0062 0x0f80  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
17:52:38.0120 0x0f80  Netman - ok
17:52:38.0161 0x0f80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:52:38.0172 0x0f80  NetMsmqActivator - ok
17:52:38.0178 0x0f80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:52:38.0186 0x0f80  NetPipeActivator - ok
17:52:38.0208 0x0f80  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
17:52:38.0246 0x0f80  netprofm - ok
17:52:38.0261 0x0f80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:52:38.0270 0x0f80  NetTcpActivator - ok
17:52:38.0276 0x0f80  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:52:38.0285 0x0f80  NetTcpPortSharing - ok
17:52:38.0332 0x0f80  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
17:52:38.0338 0x0f80  nfrd960 - ok
17:52:38.0381 0x0f80  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:52:38.0443 0x0f80  NlaSvc - ok
17:52:38.0493 0x0f80  [ C31FA031335EFF434B2D94278E74BCCE, F5DFD40C16E4013CBAD0E4FB8EF2B4419702B9C215218F69C4A2DD7C4C4C1E2B ] NPF             C:\Windows\system32\DRIVERS\npf.sys
17:52:38.0499 0x0f80  NPF - ok
17:52:38.0518 0x0f80  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:52:38.0539 0x0f80  Npfs - ok
17:52:38.0574 0x0f80  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
17:52:38.0629 0x0f80  nsi - ok
17:52:38.0652 0x0f80  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:52:38.0678 0x0f80  nsiproxy - ok
17:52:38.0751 0x0f80  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:52:38.0782 0x0f80  Ntfs - ok
17:52:38.0797 0x0f80  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
17:52:38.0833 0x0f80  Null - ok
17:52:38.0861 0x0f80  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:52:38.0871 0x0f80  nvraid - ok
17:52:38.0908 0x0f80  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:52:38.0916 0x0f80  nvstor - ok
17:52:38.0965 0x0f80  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:52:38.0973 0x0f80  nv_agp - ok
17:52:38.0986 0x0f80  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:52:38.0994 0x0f80  ohci1394 - ok
17:52:39.0021 0x0f80  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:52:39.0095 0x0f80  p2pimsvc - ok
17:52:39.0131 0x0f80  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
17:52:39.0178 0x0f80  p2psvc - ok
17:52:39.0221 0x0f80  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:52:39.0241 0x0f80  Parport - ok
17:52:39.0257 0x0f80  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:52:39.0264 0x0f80  partmgr - ok
17:52:39.0292 0x0f80  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:52:39.0337 0x0f80  PcaSvc - ok
17:52:39.0369 0x0f80  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
17:52:39.0378 0x0f80  pci - ok
17:52:39.0398 0x0f80  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:52:39.0404 0x0f80  pciide - ok
17:52:39.0430 0x0f80  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
17:52:39.0440 0x0f80  pcmcia - ok
17:52:39.0453 0x0f80  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:52:39.0461 0x0f80  pcw - ok
17:52:39.0490 0x0f80  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:52:39.0506 0x0f80  PEAUTH - ok
17:52:39.0614 0x0f80  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:52:39.0727 0x0f80  PeerDistSvc - ok
17:52:39.0852 0x0f80  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:52:39.0882 0x0f80  PerfHost - ok
17:52:40.0001 0x0f80  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
17:52:40.0076 0x0f80  pla - ok
17:52:40.0156 0x0f80  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:52:40.0208 0x0f80  PlugPlay - ok
17:52:40.0230 0x0f80  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:52:40.0238 0x0f80  PNRPAutoReg - ok
17:52:40.0253 0x0f80  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:52:40.0265 0x0f80  PNRPsvc - ok
17:52:40.0308 0x0f80  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:52:40.0362 0x0f80  PolicyAgent - ok
17:52:40.0401 0x0f80  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
17:52:40.0426 0x0f80  Power - ok
17:52:40.0472 0x0f80  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:52:40.0509 0x0f80  PptpMiniport - ok
17:52:40.0531 0x0f80  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
17:52:40.0554 0x0f80  Processor - ok
17:52:40.0591 0x0f80  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:52:40.0610 0x0f80  ProfSvc - ok
17:52:40.0622 0x0f80  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:52:40.0629 0x0f80  ProtectedStorage - ok
17:52:40.0719 0x0f80  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:52:40.0763 0x0f80  Psched - ok
17:52:40.0880 0x0f80  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
17:52:40.0908 0x0f80  ql2300 - ok
17:52:40.0934 0x0f80  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
17:52:40.0943 0x0f80  ql40xx - ok
17:52:40.0966 0x0f80  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
17:52:40.0981 0x0f80  QWAVE - ok
17:52:40.0987 0x0f80  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:52:41.0011 0x0f80  QWAVEdrv - ok
17:52:41.0036 0x0f80  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:52:41.0086 0x0f80  RasAcd - ok
17:52:41.0120 0x0f80  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:52:41.0168 0x0f80  RasAgileVpn - ok
17:52:41.0221 0x0f80  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
17:52:41.0264 0x0f80  RasAuto - ok
17:52:41.0306 0x0f80  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:52:41.0327 0x0f80  Rasl2tp - ok
17:52:41.0386 0x0f80  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
17:52:41.0444 0x0f80  RasMan - ok
17:52:41.0484 0x0f80  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:52:41.0519 0x0f80  RasPppoe - ok
17:52:41.0539 0x0f80  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:52:41.0560 0x0f80  RasSstp - ok
17:52:41.0604 0x0f80  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:52:41.0640 0x0f80  rdbss - ok
17:52:41.0658 0x0f80  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:52:41.0667 0x0f80  rdpbus - ok
17:52:41.0676 0x0f80  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:52:41.0712 0x0f80  RDPCDD - ok
17:52:41.0743 0x0f80  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:52:41.0785 0x0f80  RDPDR - ok
17:52:41.0815 0x0f80  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:52:41.0850 0x0f80  RDPENCDD - ok
17:52:41.0862 0x0f80  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:52:41.0900 0x0f80  RDPREFMP - ok
17:52:41.0953 0x0f80  [ 76D8CC526512ECAE2AEF63B1A6D018A1, 7281AFEBA5455BB879D4BA2DBADDCF6DAC87C1040605907CC907142609985B17 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:52:42.0016 0x0f80  RdpVideoMiniport - ok
17:52:42.0052 0x0f80  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:52:42.0114 0x0f80  RDPWD - ok
17:52:42.0148 0x0f80  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:52:42.0158 0x0f80  rdyboost - ok
17:52:42.0178 0x0f80  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:52:42.0218 0x0f80  RemoteAccess - ok
17:52:42.0297 0x0f80  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:52:42.0351 0x0f80  RemoteRegistry - ok
17:52:42.0387 0x0f80  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:52:42.0435 0x0f80  RpcEptMapper - ok
17:52:42.0453 0x0f80  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
17:52:42.0476 0x0f80  RpcLocator - ok
17:52:42.0570 0x0f80  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
17:52:42.0610 0x0f80  RpcSs - ok
17:52:42.0653 0x0f80  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:52:42.0694 0x0f80  rspndr - ok
17:52:42.0710 0x0f80  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:52:42.0722 0x0f80  s3cap - ok
17:52:42.0737 0x0f80  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs           C:\Windows\system32\lsass.exe
17:52:42.0745 0x0f80  SamSs - ok
17:52:42.0764 0x0f80  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:52:42.0771 0x0f80  sbp2port - ok
17:52:42.0825 0x0f80  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:52:42.0855 0x0f80  SCardSvr - ok
17:52:42.0878 0x0f80  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:52:42.0899 0x0f80  scfilter - ok
17:52:43.0094 0x0f80  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
17:52:43.0179 0x0f80  Schedule - ok
17:52:43.0222 0x0f80  [ 2A50BE713FAF033420466C25979C028E, 46EAF744B8EB23F5D134D63C4600EE46662FAB28282CD762945DFB448D2463B3 ] SCMNdisP        C:\Windows\system32\DRIVERS\scmndisp.sys
17:52:43.0228 0x0f80  SCMNdisP - ok
17:52:43.0245 0x0f80  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:52:43.0265 0x0f80  SCPolicySvc - ok
17:52:43.0289 0x0f80  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:52:43.0340 0x0f80  SDRSVC - ok
17:52:43.0373 0x0f80  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:52:43.0424 0x0f80  secdrv - ok
17:52:43.0452 0x0f80  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
17:52:43.0487 0x0f80  seclogon - ok
17:52:43.0523 0x0f80  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
17:52:43.0564 0x0f80  SENS - ok
17:52:43.0583 0x0f80  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:52:43.0626 0x0f80  SensrSvc - ok
17:52:43.0674 0x0f80  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
17:52:43.0706 0x0f80  Serenum - ok
17:52:43.0727 0x0f80  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
17:52:43.0742 0x0f80  Serial - ok
17:52:43.0783 0x0f80  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
17:52:43.0791 0x0f80  sermouse - ok
17:52:43.0817 0x0f80  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
17:52:43.0862 0x0f80  SessionEnv - ok
17:52:43.0880 0x0f80  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:52:43.0915 0x0f80  sffdisk - ok
17:52:43.0934 0x0f80  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:52:43.0978 0x0f80  sffp_mmc - ok
17:52:44.0004 0x0f80  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:52:44.0015 0x0f80  sffp_sd - ok
17:52:44.0052 0x0f80  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
17:52:44.0076 0x0f80  sfloppy - ok
17:52:44.0108 0x0f80  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:52:44.0137 0x0f80  SharedAccess - ok
17:52:44.0170 0x0f80  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:52:44.0229 0x0f80  ShellHWDetection - ok
17:52:44.0266 0x0f80  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
17:52:44.0293 0x0f80  SiSRaid2 - ok
17:52:44.0325 0x0f80  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
17:52:44.0333 0x0f80  SiSRaid4 - ok
17:52:44.0421 0x0f80  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:52:44.0435 0x0f80  SkypeUpdate - ok
17:52:44.0465 0x0f80  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:52:44.0486 0x0f80  Smb - ok
17:52:44.0505 0x0f80  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:52:44.0530 0x0f80  SNMPTRAP - ok
17:52:44.0560 0x0f80  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:52:44.0566 0x0f80  spldr - ok
17:52:44.0643 0x0f80  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
17:52:44.0700 0x0f80  Spooler - ok
17:52:44.0860 0x0f80  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:52:44.0980 0x0f80  sppsvc - ok
17:52:45.0034 0x0f80  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:52:45.0072 0x0f80  sppuinotify - ok
17:52:45.0140 0x0f80  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:52:45.0202 0x0f80  srv - ok
17:52:45.0226 0x0f80  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:52:45.0265 0x0f80  srv2 - ok
17:52:45.0296 0x0f80  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:52:45.0327 0x0f80  srvnet - ok
17:52:45.0375 0x0f80  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:52:45.0419 0x0f80  SSDPSRV - ok
17:52:45.0442 0x0f80  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:52:45.0479 0x0f80  SstpSvc - ok
17:52:45.0520 0x0f80  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
17:52:45.0527 0x0f80  stexstor - ok
17:52:45.0553 0x0f80  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
17:52:45.0597 0x0f80  stisvc - ok
17:52:45.0628 0x0f80  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:52:45.0636 0x0f80  storflt - ok
17:52:45.0681 0x0f80  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:52:45.0688 0x0f80  storvsc - ok
17:52:45.0703 0x0f80  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
17:52:45.0709 0x0f80  swenum - ok
17:52:45.0745 0x0f80  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
17:52:45.0784 0x0f80  swprv - ok
17:52:45.0806 0x0f80  Synth3dVsc - ok
17:52:45.0989 0x0f80  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
17:52:46.0100 0x0f80  SysMain - ok
17:52:46.0128 0x0f80  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:52:46.0140 0x0f80  TabletInputService - ok
17:52:46.0180 0x0f80  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
17:52:46.0189 0x0f80  tap0901 - ok
17:52:46.0243 0x0f80  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:52:46.0280 0x0f80  TapiSrv - ok
17:52:46.0302 0x0f80  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
17:52:46.0324 0x0f80  TBS - ok
17:52:46.0434 0x0f80  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:52:46.0499 0x0f80  Tcpip - ok
17:52:46.0578 0x0f80  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:52:46.0613 0x0f80  TCPIP6 - ok
17:52:46.0634 0x0f80  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:52:46.0642 0x0f80  tcpipreg - ok
17:52:46.0663 0x0f80  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:52:46.0703 0x0f80  TDPIPE - ok
17:52:46.0730 0x0f80  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:52:46.0773 0x0f80  TDTCP - ok
17:52:46.0831 0x0f80  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:52:46.0879 0x0f80  tdx - ok
17:52:46.0898 0x0f80  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
17:52:46.0906 0x0f80  TermDD - ok
17:52:47.0115 0x0f80  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
17:52:47.0162 0x0f80  TermService - ok
17:52:47.0184 0x0f80  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:52:47.0197 0x0f80  Themes - ok
17:52:47.0218 0x0f80  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
17:52:47.0239 0x0f80  THREADORDER - ok
17:52:47.0276 0x0f80  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:52:47.0313 0x0f80  TrkWks - ok
17:52:47.0370 0x0f80  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:52:47.0425 0x0f80  TrustedInstaller - ok
17:52:47.0448 0x0f80  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:52:47.0492 0x0f80  tssecsrv - ok
17:52:47.0521 0x0f80  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:52:47.0569 0x0f80  TsUsbFlt - ok
17:52:47.0572 0x0f80  tsusbhub - ok
17:52:47.0645 0x0f80  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:52:47.0679 0x0f80  tunnel - ok
17:52:47.0713 0x0f80  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
17:52:47.0734 0x0f80  uagp35 - ok
17:52:47.0768 0x0f80  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:52:47.0809 0x0f80  udfs - ok
17:52:47.0862 0x0f80  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:52:47.0898 0x0f80  UI0Detect - ok
17:52:47.0954 0x0f80  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:52:47.0976 0x0f80  uliagpkx - ok
17:52:48.0030 0x0f80  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
17:52:48.0067 0x0f80  umbus - ok
17:52:48.0104 0x0f80  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
17:52:48.0134 0x0f80  UmPass - ok
17:52:48.0236 0x0f80  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:52:48.0261 0x0f80  UmRdpService - ok
17:52:48.0316 0x0f80  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:52:48.0390 0x0f80  upnphost - ok
17:52:48.0413 0x0f80  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:52:48.0472 0x0f80  usbccgp - ok
17:52:48.0518 0x0f80  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:52:48.0592 0x0f80  usbcir - ok
17:52:48.0623 0x0f80  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
17:52:48.0656 0x0f80  usbehci - ok
17:52:48.0720 0x0f80  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:52:48.0740 0x0f80  usbhub - ok
17:52:48.0774 0x0f80  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
17:52:48.0794 0x0f80  usbohci - ok
17:52:48.0815 0x0f80  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:52:48.0824 0x0f80  usbprint - ok
17:52:48.0868 0x0f80  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:52:48.0930 0x0f80  USBSTOR - ok
17:52:48.0953 0x0f80  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:52:48.0989 0x0f80  usbuhci - ok
17:52:49.0023 0x0f80  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
17:52:49.0064 0x0f80  UxSms - ok
17:52:49.0109 0x0f80  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc        C:\Windows\system32\lsass.exe
17:52:49.0116 0x0f80  VaultSvc - ok
17:52:49.0144 0x0f80  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:52:49.0152 0x0f80  vdrvroot - ok
17:52:49.0186 0x0f80  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
17:52:49.0218 0x0f80  vds - ok
17:52:49.0253 0x0f80  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:52:49.0262 0x0f80  vga - ok
17:52:49.0284 0x0f80  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:52:49.0326 0x0f80  VgaSave - ok
17:52:49.0328 0x0f80  VGPU - ok
17:52:49.0382 0x0f80  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:52:49.0406 0x0f80  vhdmp - ok
17:52:49.0627 0x0f80  [ 3CCC0D9607419AC28B4216C18F6FA5E9, D51049B48EAC426C78C0651630BE6995E78E3E0E045AA4A8C7285A9941BF22A3 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
17:52:49.0755 0x0f80  VIAHdAudAddService - ok
17:52:49.0776 0x0f80  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:52:49.0783 0x0f80  viaide - ok
17:52:49.0819 0x0f80  [ 888450E821E7A66CB8A4E5B7A01BA5C5, 9D78E82F533D045CB47E4BF452C1BF3F5451A71171D7D11E744CFA03C154D242 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
17:52:49.0826 0x0f80  VIAKaraokeService - ok
17:52:49.0871 0x0f80  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:52:49.0887 0x0f80  vmbus - ok
17:52:49.0900 0x0f80  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:52:49.0907 0x0f80  VMBusHID - ok
17:52:49.0919 0x0f80  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:52:49.0927 0x0f80  volmgr - ok
17:52:49.0952 0x0f80  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:52:49.0972 0x0f80  volmgrx - ok
17:52:50.0003 0x0f80  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:52:50.0023 0x0f80  volsnap - ok
17:52:50.0066 0x0f80  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
17:52:50.0076 0x0f80  vsmraid - ok
17:52:50.0221 0x0f80  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:52:50.0319 0x0f80  VSS - ok
17:52:50.0393 0x0f80  [ 316A1762BD41C3DB06EB484527838E2D, D358F9008F347BCE673C9EA5027FE9A2C169943A775DF012364965643C9AB794 ] VUSB3HUB        C:\Windows\system32\DRIVERS\ViaHub3.sys
17:52:50.0427 0x0f80  VUSB3HUB - ok
17:52:50.0458 0x0f80  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:52:50.0492 0x0f80  vwifibus - ok
17:52:50.0560 0x0f80  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:52:50.0571 0x0f80  vwififlt - ok
17:52:50.0636 0x0f80  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:52:50.0677 0x0f80  W32Time - ok
17:52:50.0696 0x0f80  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
17:52:50.0722 0x0f80  WacomPen - ok
17:52:50.0774 0x0f80  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:52:50.0830 0x0f80  WANARP - ok
17:52:50.0835 0x0f80  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:52:50.0855 0x0f80  Wanarpv6 - ok
17:52:50.0999 0x0f80  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:52:51.0050 0x0f80  WatAdminSvc - ok
17:52:51.0251 0x0f80  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:52:51.0359 0x0f80  wbengine - ok
17:52:51.0384 0x0f80  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:52:51.0419 0x0f80  WbioSrvc - ok
17:52:51.0524 0x0f80  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:52:51.0574 0x0f80  wcncsvc - ok
17:52:51.0600 0x0f80  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:52:51.0619 0x0f80  WcsPlugInService - ok
17:52:51.0639 0x0f80  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
17:52:51.0647 0x0f80  Wd - ok
17:52:51.0686 0x0f80  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:52:51.0720 0x0f80  Wdf01000 - ok
17:52:51.0769 0x0f80  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:52:51.0821 0x0f80  WdiServiceHost - ok
17:52:51.0832 0x0f80  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:52:51.0841 0x0f80  WdiSystemHost - ok
17:52:51.0894 0x0f80  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
17:52:51.0953 0x0f80  WebClient - ok
17:52:52.0001 0x0f80  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:52:52.0069 0x0f80  Wecsvc - ok
17:52:52.0088 0x0f80  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:52:52.0126 0x0f80  wercplsupport - ok
17:52:52.0166 0x0f80  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:52:52.0195 0x0f80  WerSvc - ok
17:52:52.0228 0x0f80  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:52:52.0275 0x0f80  WfpLwf - ok
17:52:52.0312 0x0f80  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:52:52.0319 0x0f80  WIMMount - ok
17:52:52.0329 0x0f80  WinDefend - ok
17:52:52.0350 0x0f80  WinHttpAutoProxySvc - ok
17:52:52.0440 0x0f80  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:52:52.0466 0x0f80  Winmgmt - ok
17:52:52.0767 0x0f80  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
17:52:52.0871 0x0f80  WinRM - ok
17:52:52.0937 0x0f80  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
17:52:52.0961 0x0f80  WinUsb - ok
17:52:53.0076 0x0f80  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:52:53.0139 0x0f80  Wlansvc - ok
17:52:53.0184 0x0f80  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
17:52:53.0220 0x0f80  WmiAcpi - ok
17:52:53.0268 0x0f80  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:52:53.0286 0x0f80  wmiApSrv - ok
17:52:53.0328 0x0f80  WMPNetworkSvc - ok
17:52:53.0353 0x0f80  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:52:53.0405 0x0f80  WPCSvc - ok
17:52:53.0440 0x0f80  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:52:53.0469 0x0f80  WPDBusEnum - ok
17:52:53.0496 0x0f80  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:52:53.0536 0x0f80  ws2ifsl - ok
17:52:53.0571 0x0f80  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:52:53.0602 0x0f80  wscsvc - ok
17:52:53.0604 0x0f80  WSearch - ok
17:52:53.0785 0x0f80  [ E1C281225E6ECB16BC675D0687077E40, 79CD615FB6A05F791A554FC83717D2805829D07E16E96C2A9B41FF50847B5504 ] WSWNA3100       C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
17:52:53.0807 0x0f80  WSWNA3100 - ok
17:52:54.0121 0x0f80  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:52:54.0246 0x0f80  wuauserv - ok
17:52:54.0273 0x0f80  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:52:54.0296 0x0f80  WudfPf - ok
17:52:54.0327 0x0f80  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:52:54.0361 0x0f80  WUDFRd - ok
17:52:54.0391 0x0f80  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:52:54.0424 0x0f80  wudfsvc - ok
17:52:54.0496 0x0f80  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:52:54.0551 0x0f80  WwanSvc - ok
17:52:54.0625 0x0f80  [ FFDB0ED9D1D453F7F19DE55FE0706195, 926982B6204B3820AF3F9FE5A423938587E07CE1832B103AD77C5AEC2762DF3E ] xhcdrv          C:\Windows\system32\DRIVERS\xhcdrv.sys
17:52:54.0668 0x0f80  xhcdrv - ok
17:52:54.0722 0x0f80  ================ Scan global ===============================
17:52:54.0761 0x0f80  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:52:54.0822 0x0f80  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
17:52:54.0842 0x0f80  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
17:52:54.0876 0x0f80  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:52:54.0905 0x0f80  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:52:54.0913 0x0f80  [ Global ] - ok
17:52:54.0913 0x0f80  ================ Scan MBR ==================================
17:52:54.0930 0x0f80  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:52:55.0159 0x0f80  \Device\Harddisk0\DR0 - ok
17:52:55.0162 0x0f80  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
17:52:55.0237 0x0f80  \Device\Harddisk1\DR1 - ok
17:52:55.0238 0x0f80  ================ Scan VBR ==================================
17:52:55.0260 0x0f80  [ 8633AD49C0C5497AF10BBBAEF545ED92 ] \Device\Harddisk0\DR0\Partition1
17:52:55.0261 0x0f80  \Device\Harddisk0\DR0\Partition1 - ok
17:52:55.0264 0x0f80  [ 9A8777CC4D48614CE5FC2BF9183695C8 ] \Device\Harddisk1\DR1\Partition1
17:52:55.0265 0x0f80  \Device\Harddisk1\DR1\Partition1 - ok
17:52:55.0265 0x0f80  ================ Scan generic autorun ======================
17:52:55.0271 0x0f80  Platinum - ok
17:52:55.0271 0x0f80  Trend Micro Client Framework - ok
17:52:55.0363 0x0f80  [ 6B90AE01904E5071226E2D2C4397FE52, F58DEC674B2D30AD67347708E4739E9ED2D4774B48CFD30E6009F7412EC597BC ] C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe
17:52:55.0419 0x0f80  Google Japanese Input Prelauncher - ok
17:52:55.0508 0x0f80  [ 5FC6AD6AE07F8827F954C4C6B73568E2, 6A2C1328BFBFB8D41CE268C2D1C26B1E2FCF2E426A98A740536689FB568ACFE9 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
17:52:55.0560 0x0f80  StartCCC - ok
17:52:55.0593 0x0f80  [ 968EDA6EA6E00DFAE78586BFA6322B74, 8F3A01704E67D2F9212A08F0D5B4FF15DEE4791E1BB303DF4C9CF7DD3871E6E5 ] C:\VIA_XHCI\usb3Monitor.exe
17:52:55.0628 0x0f80  VIAxHCUtl - detected UnsignedFile.Multi.Generic ( 1 )
17:52:58.0124 0x0f80  Detect skipped due to KSN trusted
17:52:58.0124 0x0f80  VIAxHCUtl - ok
17:52:58.0139 0x0f80  G Data ASM - ok
17:52:58.0194 0x0f80  [ 20769F05B2A6EBF78CF3D82ED0063236, 5D89FC2DF6E13BB062B723CA85C0EF10253ACE64EBA064A58A362DC581573C1E ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
17:52:58.0204 0x0f80  iTunesHelper - ok
17:52:58.0343 0x0f80  [ 02926E66A3E909194725D30911C0AEEF, 88CC5FDD229A9FD2B0F6D628D27032901B5CA5B6815294EACCC8EEE65279F664 ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
17:52:58.0371 0x0f80  BlueStacks Agent - ok
17:52:58.0455 0x0f80  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:52:58.0514 0x0f80  Sidebar - ok
17:52:58.0536 0x0f80  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:52:58.0547 0x0f80  mctadmin - ok
17:52:58.0589 0x0f80  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:52:58.0613 0x0f80  Sidebar - ok
17:52:58.0627 0x0f80  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:52:58.0639 0x0f80  mctadmin - ok
17:52:58.0709 0x0f80  [ EF5B914540364AA5BA7672DFDFE5EEF1, 1A6CB9E88635849C6568E8748B3EF5E383EBF5E7C0299BBD3B8613EA6455024E ] C:\Program Files\CyberGhost 5\CyberGhost.exe
17:52:58.0756 0x0f80  CyberGhost - ok
17:52:58.0797 0x0f80  Skype - ok
17:52:58.0798 0x0f80  Waiting for KSN requests completion. In queue: 106
17:52:59.0798 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:00.0798 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:01.0798 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:02.0798 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:03.0798 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:04.0798 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:05.0798 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:06.0798 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:07.0799 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:08.0799 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:09.0799 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:10.0799 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:11.0799 0x0f80  Waiting for KSN requests completion. In queue: 106
17:53:12.0888 0x0f80  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x41000 ( enabled : updated )
17:53:12.0974 0x0f80  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\wmifw.exe ( 15.0.0.463 ), 0x41010 ( enabled )
17:53:15.0441 0x0f80  ============================================================
17:53:15.0441 0x0f80  Scan finished
17:53:15.0441 0x0f80  ============================================================
17:53:15.0446 0x130c  Detected object count: 0
17:53:15.0446 0x130c  Actual detected object count: 0
         


Alt 03.06.2015, 11:46   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
--> Windows-kein-Originalprodukt-Meldung

Alt 03.06.2015, 15:18   #7
Ratchigka
 
Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Hi,

[CODE]
Combofix Logfile:
Code:
ATTFilter
ComboFix 15-05-31.01 - Aaron 03.06.2015  15:48:00.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.7654.3626 [GMT 2:00]
ausgeführt von:: c:\users\Aaron\Downloads\ComboFix.exe
AV: Kaspersky Internet Security *Enabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Internet Security *Enabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Internet Security *Enabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-05-03 bis 2015-06-03  ))))))))))))))))))))))))))))))
.
.
2015-06-02 15:51 . 2015-06-02 15:51	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{DF0D3F8D-7C09-4A03-A073-D6AE0D7C802F}\offreg.5080.dll
2015-06-02 15:50 . 2015-06-02 15:50	136408	----a-w-	c:\windows\system32\drivers\20C31D9D.sys
2015-06-02 15:50 . 2015-06-02 15:50	107736	----a-w-	c:\windows\system32\drivers\7EF21D72.sys
2015-06-02 15:09 . 2015-06-02 15:09	--------	d-----w-	c:\programdata\Malwarebytes
2015-06-02 15:09 . 2015-06-02 15:50	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-06-02 15:09 . 2015-06-02 15:09	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-02 15:07 . 2015-06-02 15:07	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-06-02 15:00 . 2015-06-02 15:00	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-05-31 18:09 . 2015-06-01 15:45	--------	d-----w-	C:\FRST
2015-05-31 08:57 . 2015-05-31 08:57	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{DF0D3F8D-7C09-4A03-A073-D6AE0D7C802F}\offreg.4348.dll
2015-05-29 20:29 . 2015-05-03 03:16	12214312	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{DF0D3F8D-7C09-4A03-A073-D6AE0D7C802F}\mpengine.dll
2015-05-28 19:37 . 2015-05-28 19:37	--------	d-----w-	c:\users\Aaron\.android
2015-05-28 19:20 . 2015-05-29 20:22	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2015-05-28 19:20 . 2015-05-29 20:22	--------	d-----r-	c:\program files (x86)\Skype
2015-05-20 21:50 . 2015-05-20 21:50	--------	d-----w-	c:\windows\SysWow64\Wat
2015-05-20 21:50 . 2015-05-20 21:50	--------	d-----w-	c:\windows\system32\Wat
2015-05-19 17:22 . 2015-05-19 17:22	--------	d-----w-	c:\users\Aaron\AppData\Local\Apple Computer
2015-05-19 17:22 . 2015-05-19 17:22	--------	d-----w-	c:\users\Aaron\AppData\Roaming\Apple Computer
2015-05-19 17:21 . 2012-10-03 14:14	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2015-05-19 17:21 . 2015-05-19 17:21	--------	dc----w-	c:\windows\system32\DRVSTORE
2015-05-19 17:21 . 2015-05-19 17:21	--------	d-----w-	c:\programdata\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-19 17:21 . 2015-05-19 17:21	--------	d-----w-	c:\program files\iTunes
2015-05-19 17:21 . 2015-05-19 17:21	--------	d-----w-	c:\program files (x86)\iTunes
2015-05-19 17:21 . 2015-05-19 17:21	--------	d-----w-	c:\programdata\Apple Computer
2015-05-19 17:21 . 2015-05-19 17:21	--------	d-----w-	c:\program files\iPod
2015-05-19 17:20 . 2015-05-19 17:20	--------	d-----w-	c:\users\Aaron\AppData\Local\Apple
2015-05-19 17:20 . 2015-05-21 20:04	--------	d-----w-	c:\program files\Common Files\Apple
2015-05-19 17:19 . 2015-05-21 20:04	--------	d-----w-	c:\program files (x86)\Common Files\Apple
2015-05-19 17:19 . 2015-05-21 20:03	--------	d-----w-	c:\programdata\Apple
2015-05-19 15:24 . 2015-05-19 15:24	--------	d-----w-	c:\programdata\InstallShield
2015-05-19 15:24 . 2015-05-19 15:24	--------	d-----w-	c:\windows\system32\AGEIA
2015-05-19 15:24 . 2015-05-19 15:24	--------	d-----w-	c:\windows\SysWow64\AGEIA
2015-05-19 15:24 . 2015-05-19 15:24	--------	d-----w-	c:\program files (x86)\AGEIA Technologies
2015-05-19 15:24 . 2015-05-19 15:24	--------	d-----w-	c:\program files (x86)\Common Files\Wise Installation Wizard
2015-05-19 15:24 . 2015-05-31 08:49	88480	----a-w-	c:\windows\system32\drivers\atksgt.sys
2015-05-19 15:24 . 2015-05-31 08:49	46400	----a-w-	c:\windows\system32\drivers\lirsgt.sys
2015-05-19 15:21 . 2015-05-19 15:21	--------	d-----w-	c:\program files (x86)\Focus
2015-05-19 15:21 . 2004-08-09 04:04	73728	----a-w-	c:\windows\SysWow64\ISUSPM.cpl
2015-05-19 15:21 . 2004-08-09 04:03	221184	----a-w-	c:\program files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
2015-05-19 15:21 . 2004-08-09 04:03	385024	----a-w-	c:\program files (x86)\Common Files\InstallShield\UpdateService\_ispmres.dll
2015-05-19 15:21 . 2004-08-09 04:03	368640	----a-w-	c:\program files (x86)\Common Files\InstallShield\UpdateService\_isusres.dll
2015-05-19 15:21 . 2004-08-09 04:03	81920	----a-w-	c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe
2015-05-19 15:21 . 2004-08-09 04:02	217088	----a-w-	c:\program files (x86)\Common Files\InstallShield\UpdateService\ISDM.exe
2015-05-19 15:21 . 2004-08-09 04:03	512000	----a-w-	c:\program files (x86)\Common Files\InstallShield\UpdateService\agent.exe
2015-05-19 15:18 . 2004-10-22 00:17	69715	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2015-05-19 15:18 . 2004-10-22 00:17	274432	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2015-05-19 15:18 . 2004-10-22 00:16	180224	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2015-05-19 15:18 . 2004-10-22 00:16	5632	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2015-05-19 15:18 . 2015-05-19 15:18	192644	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2015-05-19 15:18 . 2004-10-22 00:18	749568	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2015-05-19 15:18 . 2015-05-19 15:18	323716	----a-w-	c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2015-05-17 18:00 . 2015-05-17 18:00	--------	d-----w-	c:\windows\SysWow64\wbem\Logs
2015-05-14 20:52 . 2013-05-06 07:13	110176	----a-w-	c:\windows\system32\klfphc.dll
2015-05-14 20:51 . 2015-05-14 20:51	--------	d-----w-	c:\windows\ELAMBKUP
2015-05-14 20:51 . 2015-06-03 13:54	--------	d-----w-	c:\programdata\Kaspersky Lab
2015-05-14 20:51 . 2015-05-14 20:51	--------	d-----w-	c:\program files (x86)\Kaspersky Lab
2015-05-14 20:51 . 2015-05-17 19:49	793800	----a-w-	c:\windows\system32\drivers\klif.sys
2015-05-14 20:51 . 2015-05-17 19:49	141320	----a-w-	c:\windows\system32\drivers\klflt.sys
2015-05-14 20:51 . 2014-04-10 15:25	243808	----a-w-	c:\windows\system32\drivers\klhk.sys
2015-05-13 11:20 . 2015-05-01 13:17	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:20 . 2015-05-01 13:16	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 08:58 . 2015-04-13 03:28	328704	----a-w-	c:\windows\system32\services.exe
2015-05-13 08:57 . 2015-04-08 03:29	169984	----a-w-	c:\program files\Common Files\Microsoft Shared\ink\rtscom.dll
2015-05-08 21:03 . 2015-05-08 21:03	--------	d-----w-	c:\users\Aaron\AppData\Local\Steam
2015-05-08 20:58 . 2015-05-10 16:42	--------	d-----w-	c:\program files (x86)\Common Files\Steam
2015-05-04 17:03 . 2015-05-29 20:22	--------	d-----w-	c:\programdata\BlueStacksSetup
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-26 16:16 . 2014-11-01 12:17	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-26 16:16 . 2014-11-01 12:17	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-13 11:22 . 2009-10-14 05:12	140425016	----a-w-	c:\windows\system32\MRT.exe
2015-05-01 09:56 . 2015-05-01 09:56	21840	----a-w-	c:\windows\SysWow64\SIntfNT.dll
2015-05-01 09:56 . 2015-05-01 09:56	17212	----a-w-	c:\windows\SysWow64\SIntf32.dll
2015-05-01 09:56 . 2015-05-01 09:56	12067	----a-w-	c:\windows\SysWow64\SIntf16.dll
2015-04-27 19:04 . 2015-05-13 08:58	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-04-15 15:40 . 2015-04-14 16:28	20992	----a-w-	c:\windows\system32\drivers\GDKBFlt64.sys
2015-03-25 03:24 . 2015-04-15 15:19	98304	----a-w-	c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-15 15:19	37376	----a-w-	c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-15 15:19	35328	----a-w-	c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-15 15:19	3298816	----a-w-	c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-15 15:19	2553856	----a-w-	c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-15 15:19	191488	----a-w-	c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-15 15:19	696320	----a-w-	c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-15 15:19	60416	----a-w-	c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-15 15:19	12288	----a-w-	c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-15 15:19	36864	----a-w-	c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-15 15:19	135168	----a-w-	c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-15 15:19	92672	----a-w-	c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 15:19	566784	----a-w-	c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 15:19	29696	----a-w-	c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 15:19	173056	----a-w-	c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 15:19	33792	----a-w-	c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-15 15:19	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-15 15:19	769536	----a-w-	c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-15 15:19	419840	----a-w-	c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-15 15:19	957952	----a-w-	c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-15 15:19	30720	----a-w-	c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-15 15:19	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-03-23 03:24 . 2015-04-15 15:19	192000	----a-w-	c:\windows\system32\aepic.dll
2015-03-23 03:17 . 2015-04-15 15:19	1111552	----a-w-	c:\windows\system32\aeinv.dll
2015-03-15 16:56 . 2015-03-15 16:56	236080	----a-w-	c:\windows\RegBootClean64.exe
2015-03-13 09:23 . 2015-03-13 09:23	4096	----a-w-	c:\windows\SysWow64\msdxm.ocx
2015-03-10 03:25 . 2015-04-15 15:19	1882624	----a-w-	c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-15 15:19	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-15 15:19	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 15:19	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CyberGhost"="c:\program files\CyberGhost 5\CyberGhost.exe" [2015-05-21 430048]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-05-14 28917376]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Google Japanese Input Prelauncher"="c:\program files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe" [2013-12-18 1435672]
"StartCCC"="c:\program files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2014-11-20 767176]
"VIAxHCUtl"="c:\via_xhci\usb3Monitor.exe" [2015-03-12 331776]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2015-04-06 157480]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNA3100 Genie.lnk - c:\program files (x86)\NETGEAR\WNA3100\WNA3100.exe [2015-3-12 8266456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\keyboard layouts\e0200411]
   Ime File	REG_SZ         	GIMEJA.IME
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WSWNA3100;WSWNA3100;c:\program files (x86)\NETGEAR\WNA3100\WifiSvc.exe;c:\program files (x86)\NETGEAR\WNA3100\WifiSvc.exe [x]
R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe;c:\windows\SYSNATIVE\AppleChargerSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\DRIVERS\scmndisp.sys;c:\windows\SYSNATIVE\DRIVERS\scmndisp.sys [x]
S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AppleCharger.sys [x]
S1 GDKBFlt;G Data GDKBFlt Driver;c:\windows\system32\drivers\GDKBFlt64.sys;c:\windows\SYSNATIVE\drivers\GDKBFlt64.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AVP15.0.0;Kaspersky Anti-Virus Service 15.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [x]
S2 CGVPNCliService;CyberGhost 5 Client Service;c:\program files\CyberGhost 5\Service.exe;c:\program files\CyberGhost 5\Service.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GoogleIMEJaCacheService;Google Japanese Input Cache Service;c:\program files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe;c:\program files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BCMH43XX;Treiber für Broadcom 802.11-USB-Netzwerkadapter;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
S3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
S3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-02 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-11 16:16]
.
2015-06-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-22 22:52]
.
2015-06-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-11-22 22:52]
.
.
--------- X64 Entries -----------
.
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Zu Anti-Banner hinzufügen - c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm
TCP: DhcpNameServer = 192.168.178.1
TCP: Interfaces\{4857B833-3EF8-4626-880E-BEF4F16D68AD}: NameServer = 95.169.183.219,89.41.60.38
FF - ProfilePath - c:\users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\
FF - user.js: plugin.state.npcontentblocker - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.anti_banner_native_proxy - 2
FF - user.js: plugin.state.url_advisor - 2
FF - user.js: plugin.state.anti_banner_native_proxy - 2
FF - user.js: plugin.state.url_advisor - 2
FF - user.js: plugin.state.anti_banner_native_proxy - 2
FF - user.js: plugin.state.url_advisor - 2
FF - user.js: plugin.state.anti_banner_native_proxy - 2
FF - user.js: plugin.state.url_advisor - 2
FF - user.js: plugin.state.anti_banner_native_proxy - 2
FF - user.js: plugin.state.url_advisor - 2
FF - user.js: plugin.state.nponlinebanking - 2
FF - user.js: plugin.state.npvkplugin - 2
FF - user.js: plugin.state.anti_banner_native_proxy - 2
FF - user.js: plugin.state.url_advisor - 2
.
.
------- Dateityp-Verknüpfung -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-G Data ASM - c:\program files (x86)\G Data\InternetSecurity\DelayLoader\AutorunDelayLoader.exe
Wow6432Node-HKLM-Run-BlueStacks Agent - c:\program files (x86)\BlueStacks\HD-Agent.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM-Run-Platinum - c:\program files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe
HKLM-Run-Trend Micro Client Framework - c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,89,d5,40,14,58,7c,c0,46,bd,f4,88,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,89,d5,40,14,58,7c,c0,46,bd,f4,88,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-06-03  15:59:34 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-06-03 13:59
.
Vor Suchlauf: 11 Verzeichnis(se), 130.554.417.152 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 130.121.367.552 Bytes frei
.
- - End Of File - - 4B4BA47D141F2862242D316EE8F7BB99
         
--- --- ---

Alt 04.06.2015, 10:59   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.06.2015, 17:28   #9
Ratchigka
 
Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Hier die Ergebnisse

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 04.06.2015
Suchlauf-Zeit: 17:08:40
Logdatei: MB.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.04.03
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Aaron

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 359173
Verstrichene Zeit: 14 Min, 22 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 8
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, In Quarantäne, [0f6a88bbf09a122418874a361ae99d63], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, In Quarantäne, [0f6a88bbf09a122418874a361ae99d63], 
PUP.Optional.ViView.A, C:\Users\Aaron\AppData\Roaming\vi-view, In Quarantäne, [ee8b7ec5e6a4082e3123e6b644bf06fa], 
PUP.Optional.ViView.A, C:\Users\Aaron\AppData\Roaming\vi-view\log, In Quarantäne, [ee8b7ec5e6a4082e3123e6b644bf06fa], 
PUP.Optional.SolutionReal.A, C:\Program Files (x86)\Solution Real, In Quarantäne, [ccade1626a2032044232693343c0d22e], 
PUP.Optional.SolutionReal.A, C:\Program Files (x86)\Solution Real\bin, In Quarantäne, [ccade1626a2032044232693343c0d22e], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, In Quarantäne, [651456edb4d6c96d2f077c211be8d030], 
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, In Quarantäne, [651456edb4d6c96d2f077c211be8d030], 

Dateien: 2
PUP.Optional.ViView.A, C:\Users\Aaron\AppData\Roaming\vi-view\log\UninstallManager_2015-01-09[17-32-21-525].log, In Quarantäne, [ee8b7ec5e6a4082e3123e6b644bf06fa], 
PUP.Optional.SolutionReal.A, C:\Program Files (x86)\Solution Real\bin\BrowserAdapter.7z, In Quarantäne, [ccade1626a2032044232693343c0d22e], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Code:
ATTFilter
# AdwCleaner v4.206 - Bericht erstellt 04/06/2015 um 17:47:16
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-01.1 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Aaron - HEIM
# Gestarted von : C:\Users\Aaron\Downloads\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\XTab
Ordner Gelöscht : C:\Program Files\Hola
Ordner Gelöscht : C:\Users\Aaron\AppData\Local\Hola
Ordner Gelöscht : C:\Users\Aaron\AppData\Roaming\RHEng
Datei Gelöscht : C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\user.js
Datei Gelöscht : C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\ktw5ym78.dev-edition-default\user.js

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKCU\Software\OCS
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.5 (x86 de)


-\\ Pale Moon v25.3.1 (en-US)


*************************

AdwCleaner[R0].txt - [1514 Bytes] - [04/06/2015 17:25:11]
AdwCleaner[R1].txt - [1573 Bytes] - [04/06/2015 17:31:02]
AdwCleaner[S0].txt - [1447 Bytes] - [04/06/2015 17:47:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1506  Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.8 (06.03.2015:1)
OS: Windows 7 Ultimate x64
Ran by Aaron on 04.06.2015 at 18:06:20,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Windows\prefetch\SPEEDAUTOCLICKER.EXE-49C7D7B2.pf



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\Aaron\AppData\Roaming\mozilla\firefox\profiles\55itt523.default\searchplugins\youtube-video-search.xml
Emptied folder: C:\Users\Aaron\AppData\Roaming\mozilla\firefox\profiles\55itt523.default\minidumps [249 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.06.2015 at 18:08:13,48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Aaron (administrator) on HEIM on 04-06-2015 18:15:31
Running from C:\Users\Aaron\Downloads
Loaded Profiles: Aaron (Available Profiles: Aaron)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Platinum] => "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" -StartUp
HKLM\...\Run: [Trend Micro Client Framework] => "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
HKLM-x32\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1435672 2013-12-18] (Google Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2015-03-12] (VIA Technologies, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.)
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2015-03-12]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000 -> {FDE77B5B-F923-4C0E-BAD4-29914B67A6C0} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-05-17] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-05-17] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4857B833-3EF8-4626-880E-BEF4F16D68AD}: [NameServer] 95.169.183.219,89.41.60.38

FireFox:
========
FF ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default
FF DefaultSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-26] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-20] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-26] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-05-17] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-05-17] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-05-17] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2455565853-2773199953-1460756191-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aaron\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\searchplugins\google-images.xml [2014-11-01]
FF SearchPlugin: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\searchplugins\google-maps.xml [2014-11-01]
FF Extension: YouTube Unblocker - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\youtubeunblocker@unblocker.yt [2015-05-29]
FF Extension: Ghostery - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\firefox@ghostery.com.xpi [2015-01-18]
FF Extension: Tab for a Cause - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\tabforacause@tabforacause.org.xpi [2014-12-21]
FF Extension: NoScript - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-11-01]
FF Extension: VideoService - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{9d58e825-a4eb-4a2c-9736-3b0d51b3c8c5}.xpi [2014-12-20]
FF Extension: Adblock Plus - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-01]
FF Extension: BetterPrivacy - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-02-02]
FF Extension: {f9f3dafd-5da0-4d41-a597-c11bf9609e1b} - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{f9f3dafd-5da0-4d41-a597-c11bf9609e1b}.xpi [2014-12-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-02]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-05-14]
FF HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\extensions\cliqz@cliqz.com
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
R2 GoogleIMEJaCacheService; C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [754712 2013-12-18] (Google Inc.)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-05-31] ()
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-15] (G Data Software AG)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-05-17] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-05-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-05-31] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 18:08 - 2015-06-04 18:08 - 00001090 _____ () C:\Users\Aaron\Desktop\JRT.txt
2015-06-04 18:06 - 2015-06-04 18:06 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HEIM-Windows-7-Ultimate-(64-bit).dat
2015-06-04 18:06 - 2015-06-04 18:06 - 00000000 ____D () C:\RegBackup
2015-06-04 18:02 - 2015-06-04 18:03 - 02942610 _____ (Thisisu) C:\Users\Aaron\Downloads\JRT.exe
2015-06-04 17:51 - 2015-06-04 17:51 - 00001586 _____ () C:\Users\Aaron\Desktop\AdwCleaner[S0].txt
2015-06-04 17:25 - 2015-06-04 17:47 - 00000000 ____D () C:\AdwCleaner
2015-06-04 17:24 - 2015-06-04 17:24 - 02231296 _____ () C:\Users\Aaron\Downloads\AdwCleaner_4.206.exe
2015-06-04 17:24 - 2015-06-04 17:24 - 00002387 _____ () C:\Users\Aaron\Desktop\MB.txt
2015-06-04 17:07 - 2015-06-04 17:07 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-04 17:07 - 2015-06-04 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-04 17:07 - 2015-06-04 17:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-04 17:07 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-04 17:07 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-04 17:06 - 2015-06-04 17:07 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Aaron\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-03 22:41 - 2015-06-03 22:41 - 00000211 _____ () C:\Users\Aaron\Desktop\Idl.txt
2015-06-03 15:59 - 2015-06-03 15:59 - 00027183 _____ () C:\ComboFix.txt
2015-06-03 15:46 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-06-03 15:46 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-06-03 15:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-03 15:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-03 15:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-03 15:46 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-06-03 15:46 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-06-03 15:46 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-06-03 15:45 - 2015-06-03 15:59 - 00000000 ____D () C:\Qoobox
2015-06-03 15:45 - 2015-06-03 15:58 - 00000000 ____D () C:\Windows\erdnt
2015-06-03 15:44 - 2015-06-03 15:44 - 05628238 ____R (Swearware) C:\Users\Aaron\Downloads\ComboFix.exe
2015-06-02 17:50 - 2015-06-02 17:50 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\20C31D9D.sys
2015-06-02 17:50 - 2015-06-02 17:50 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7EF21D72.sys
2015-06-02 17:24 - 2015-06-03 15:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-06-02 17:09 - 2015-06-04 17:50 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-02 17:09 - 2015-06-04 17:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-06-02 17:09 - 2015-06-02 17:50 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-02 17:08 - 2015-06-02 17:08 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Aaron\Downloads\tdsskiller.exe
2015-06-02 17:07 - 2015-06-02 17:51 - 00000000 ____D () C:\Users\Aaron\Desktop\mbar
2015-06-02 17:07 - 2015-06-02 17:07 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Aaron\Downloads\mbar-1.09.1.1004.exe
2015-06-02 17:07 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-02 17:00 - 2015-06-02 17:00 - 00001268 _____ () C:\Users\Aaron\Desktop\Revo Uninstaller.lnk
2015-06-02 17:00 - 2015-06-02 17:00 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-06-02 16:59 - 2015-06-02 17:00 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Aaron\Downloads\revosetup95.exe
2015-06-01 17:50 - 2015-06-01 17:50 - 00057739 _____ () C:\Users\Aaron\Desktop\FRST.txt
2015-06-01 17:50 - 2015-06-01 17:50 - 00030288 _____ () C:\Users\Aaron\Desktop\Addition.txt
2015-05-31 20:10 - 2015-06-01 17:45 - 00030288 _____ () C:\Users\Aaron\Downloads\Addition.txt
2015-05-31 20:09 - 2015-06-04 18:15 - 00017020 _____ () C:\Users\Aaron\Downloads\FRST.txt
2015-05-31 20:09 - 2015-06-04 18:15 - 00000000 ____D () C:\FRST
2015-05-31 20:08 - 2015-05-31 20:08 - 02108928 _____ (Farbar) C:\Users\Aaron\Downloads\FRST64.exe
2015-05-31 10:47 - 2015-05-31 10:47 - 00235936 _____ (Tagès SA) C:\Users\Aaron\Downloads\TagesSetup_x64.exe
2015-05-29 20:40 - 2015-05-29 20:40 - 00159144 _____ (Microsoft Corporation) C:\Users\Aaron\Downloads\WindowsActivationUpdate.exe
2015-05-28 21:37 - 2015-05-28 21:37 - 00000000 ____D () C:\Users\Aaron\.android
2015-05-28 21:20 - 2015-05-29 22:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-28 21:20 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-28 21:20 - 2015-05-28 21:20 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-05-28 20:44 - 2015-05-28 20:46 - 14155832 _____ (BlueStack Systems Inc.) C:\Users\Aaron\Downloads\BlueStacks-ThinInstaller(1).exe
2015-05-28 20:36 - 2015-05-28 20:36 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Aaron\Downloads\SkypeSetup.exe
2015-05-26 22:15 - 2015-05-26 23:21 - 00020125 _____ () C:\Users\Aaron\Documents\SEminario.odt
2015-05-25 16:01 - 2015-05-25 16:01 - 00000000 ____D () C:\Users\Aaron\Downloads\Passage
2015-05-25 16:00 - 2015-05-25 16:00 - 00497214 _____ () C:\Users\Aaron\Downloads\Passage_v3_Windows(1).exe
2015-05-24 22:17 - 2015-05-24 22:17 - 00000592 _____ () C:\Users\Aaron\Documents\Taddl.txt
2015-05-20 17:08 - 2015-06-04 18:13 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-20 17:08 - 2015-06-04 17:50 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-20 17:08 - 2015-05-20 17:08 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 17:08 - 2015-05-20 17:08 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 19:22 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-19 19:22 - 2015-05-19 19:22 - 00000000 ____D () C:\Users\Aaron\AppData\Roaming\Apple Computer
2015-05-19 19:22 - 2015-05-19 19:22 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Apple Computer
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\Program Files\iTunes
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\Program Files\iPod
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-19 19:21 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-05-19 19:20 - 2015-05-21 22:04 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-19 19:20 - 2015-05-19 19:20 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Apple
2015-05-19 19:19 - 2015-05-21 22:03 - 00000000 ____D () C:\ProgramData\Apple
2015-05-19 19:02 - 2015-05-19 19:15 - 121283888 _____ (Apple Inc.) C:\Users\Aaron\Downloads\itunes64setup.exe
2015-05-19 18:40 - 2015-05-19 18:49 - 108728624 _____ (Apple Inc.) C:\Users\Aaron\Downloads\iTunesSetup.exe
2015-05-19 17:24 - 2015-05-31 10:49 - 00088480 _____ () C:\Windows\system32\Drivers\atksgt.sys
2015-05-19 17:24 - 2015-05-31 10:49 - 00046400 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2015-05-19 17:24 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\Windows\system32\AGEIA
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\ProgramData\InstallShield
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-05-19 17:23 - 2015-05-19 17:23 - 00002358 _____ () C:\Users\Public\Desktop\Sherlock Holmes jagt Arsene Lupin  spielen.lnk
2015-05-19 17:23 - 2015-05-19 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus
2015-05-19 17:21 - 2015-05-19 17:21 - 00002068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2015-05-19 17:21 - 2015-05-19 17:21 - 00000000 ____D () C:\Program Files (x86)\Focus
2015-05-19 17:21 - 2004-08-09 06:04 - 00073728 _____ (InstallShield Software Corporation) C:\Windows\SysWOW64\ISUSPM.cpl
2015-05-14 22:53 - 2015-05-18 15:05 - 00002334 _____ () C:\Users\Aaron\Desktop\Sicherer Zahlungsverkehr.lnk
2015-05-14 22:52 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-05-14 22:52 - 2015-05-14 22:52 - 00001196 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-05-14 22:52 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-05-14 22:51 - 2015-06-04 18:09 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-14 22:51 - 2015-05-17 21:49 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-05-14 22:51 - 2015-05-17 21:49 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-05-14 22:51 - 2015-05-14 22:51 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-05-14 22:51 - 2015-05-14 22:51 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-05-14 22:51 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-05-14 22:43 - 2015-05-14 22:48 - 176562784 _____ () C:\Users\Aaron\Downloads\kis15.0.0.463de_6508.exe
2015-05-13 13:20 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:20 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:59 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 10:59 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 10:59 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 10:59 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 10:59 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 10:59 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 10:59 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 10:59 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 10:59 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 10:59 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 10:59 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 10:59 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 10:59 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 10:59 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 10:59 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 10:59 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 10:59 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 10:59 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 10:59 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 10:59 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 10:59 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 10:59 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 10:59 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 10:59 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 10:59 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 10:59 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 10:59 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 10:59 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 10:59 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 10:59 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 10:59 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 10:59 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 10:59 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 10:59 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 10:59 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 10:59 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 10:59 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 10:59 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 10:59 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 10:59 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 10:59 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 10:59 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 10:59 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 10:59 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 10:59 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 10:59 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 10:59 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 10:59 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 10:59 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 10:59 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 10:59 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 10:59 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 10:59 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 10:59 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 10:59 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 10:59 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 10:59 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 10:59 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 10:59 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 10:59 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 10:59 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 10:59 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 10:59 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 10:59 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 10:58 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 10:58 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 10:58 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 10:58 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 10:58 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 10:58 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 10:58 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 10:58 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 10:58 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 10:58 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 10:58 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 10:58 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 10:58 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 10:58 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 10:58 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 10:58 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 10:58 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 10:58 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 10:58 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 10:58 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 10:58 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 10:58 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 10:58 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 10:58 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 10:58 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:57 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 10:57 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 10:57 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 10:57 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 10:57 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 10:57 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 10:57 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 10:57 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 10:57 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 10:57 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 10:57 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 10:57 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 10:57 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 10:57 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 17:23 - 2015-05-12 17:23 - 00005710 _____ () C:\Users\Aaron\Downloads\idlesave(1)
2015-05-10 21:09 - 2015-05-10 21:09 - 00003756 _____ () C:\Users\Aaron\Downloads\idlesave
2015-05-08 23:03 - 2015-05-08 23:03 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Steam
2015-05-08 22:57 - 2015-05-08 22:57 - 01142128 _____ () C:\Users\Aaron\Downloads\SteamSetup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-04 18:10 - 2015-04-11 08:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-04 18:06 - 2009-07-14 06:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-04 18:06 - 2009-07-14 06:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-04 17:54 - 2014-11-01 14:00 - 01959760 _____ () C:\Windows\WindowsUpdate.log
2015-06-04 17:50 - 2014-11-01 14:33 - 01370112 _____ () C:\Windows\PFRO.log
2015-06-04 17:50 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-04 17:50 - 2009-07-14 06:51 - 00060595 _____ () C:\Windows\setupact.log
2015-06-03 15:59 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-06-03 15:54 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-06-03 15:53 - 2009-07-14 04:34 - 68681728 _____ () C:\Windows\system32\config\software.bak
2015-06-03 15:53 - 2009-07-14 04:34 - 53215232 _____ () C:\Windows\system32\config\components.bak
2015-06-03 15:53 - 2009-07-14 04:34 - 18350080 _____ () C:\Windows\system32\config\system.bak
2015-06-03 15:53 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2015-06-03 15:53 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2015-06-03 15:53 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2015-06-03 15:38 - 2014-11-01 15:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-02 19:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-06-02 18:14 - 2014-11-07 23:14 - 00000000 ____D () C:\Users\Aaron\Documents\Anki
2015-06-02 18:01 - 2015-02-05 09:08 - 00000000 ____D () C:\Users\Aaron\Desktop\EA
2015-06-01 18:40 - 2009-07-14 19:58 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2015-06-01 18:40 - 2009-07-14 19:58 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2015-06-01 18:40 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-29 22:26 - 2014-11-01 18:18 - 00000000 ____D () C:\Users\Aaron\AppData\Roaming\Skype
2015-05-29 22:23 - 2014-11-01 14:02 - 00000000 ____D () C:\Users\Aaron
2015-05-29 22:22 - 2015-05-04 19:03 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-05-29 22:22 - 2015-04-04 15:17 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-29 22:22 - 2015-03-07 14:00 - 00000000 ____D () C:\Program Files\CyberGhost 5
2015-05-29 22:22 - 2014-12-26 22:24 - 00000000 ____D () C:\Users\Aaron\AppData\Local\fabi.me
2015-05-29 22:22 - 2014-11-01 23:20 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Abelssoft
2015-05-29 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-29 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-29 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-29 22:21 - 2014-11-01 18:18 - 00000000 ____D () C:\ProgramData\Skype
2015-05-29 22:04 - 2009-07-14 20:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-28 22:56 - 2015-03-07 14:01 - 00000000 ____D () C:\Users\Aaron\AppData\Local\CyberGhost
2015-05-28 22:56 - 2014-11-01 14:02 - 00000000 ____D () C:\Users\Aaron\AppData\Local\VirtualStore
2015-05-26 21:43 - 2015-03-08 17:37 - 00000000 ____D () C:\Users\Aaron\Desktop\Moot
2015-05-26 18:41 - 2014-11-01 14:15 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Adobe
2015-05-26 18:16 - 2015-04-11 08:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-26 18:16 - 2014-11-01 14:17 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-26 18:16 - 2014-11-01 14:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-26 16:52 - 2009-07-14 07:08 - 00004662 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-24 22:17 - 2014-11-27 23:41 - 00006360 _____ () C:\Users\Aaron\Documents\SC.txt
2015-05-20 23:50 - 2015-04-04 15:17 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-19 17:21 - 2014-11-01 14:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-17 19:56 - 2015-04-14 18:27 - 00000000 ____D () C:\Program Files (x86)\G Data
2015-05-17 19:55 - 2015-04-14 18:17 - 00000000 ____D () C:\ProgramData\G Data
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-05-17 19:42 - 2015-03-13 15:56 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-05-17 19:38 - 2015-03-27 18:33 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Trend Micro
2015-05-14 22:49 - 2015-03-30 19:05 - 00001161 _____ () C:\Users\Aaron\Desktop\VideoCacheView.cfg
2015-05-14 22:40 - 2015-04-26 21:54 - 00000962 _____ () C:\Users\Aaron\Documents\hahah.txt
2015-05-13 17:05 - 2009-07-14 06:45 - 00298248 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 17:02 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 17:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 13:24 - 2014-11-01 14:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 13:22 - 2009-10-14 07:12 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-11 09:58 - 2015-04-14 18:27 - 00006074 _____ () C:\Windows\DPINST.LOG
2015-05-05 20:14 - 2014-11-01 15:07 - 00000000 ____D () C:\Users\Aaron\Desktop\Neuer Ordner

==================== Files in the root of some directories =======

2015-04-14 18:27 - 2015-04-14 18:27 - 0000000 _____ () C:\Users\Aaron\AppData\Roaming\gdfw.log
2015-04-14 18:27 - 2015-04-14 18:27 - 0000779 _____ () C:\Users\Aaron\AppData\Roaming\gdscan.log
2015-03-13 15:56 - 2015-03-13 15:56 - 0000036 _____ () C:\Users\Aaron\AppData\Local\housecall.guid.cache

Some files in TEMP:
====================
C:\Users\Aaron\AppData\Local\Temp\Quarantine.exe
C:\Users\Aaron\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-29 19:51

==================== End of log ============================
         
--- --- ---


[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Aaron at 2015-06-04 18:15:53
Running from C:\Users\Aaron\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Aaron (S-1-5-21-2455565853-2773199953-1460756191-1000 - Administrator - Enabled) => C:\Users\Aaron
Administrator (S-1-5-21-2455565853-2773199953-1460756191-500 - Administrator - Disabled)
Gast (S-1-5-21-2455565853-2773199953-1460756191-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2455565853-2773199953-1460756191-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
AGEIA PhysX v6.12.02 (HKLM-x32\...\{7032E73F-68A0-48F9-8100-E70E79169BAE}) (Version: 6.12.02 - AGEIA Technologies, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Blobby Volley 2 Version 1.0 (HKLM-x32\...\Blobby Volley 2 Version 1.0_is1) (Version:  - )
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.42 - Abelssoft)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
Firefox Developer Edition 38.0a2 (x64 de) (HKLM\...\Firefox Developer Edition 38.0a2 (x64 de)) (Version: 38.0a2 - Mozilla)
Free Audio Converter version 5.0.55.113 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.55.113 - DVDVideoSoft Ltd.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google 日本語入力 (HKLM\...\{6A1E4EFB-3EE0-40A0-9D6D-E865370289DB}) (Version: 1.13.1641.0 - Google Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
iTunes (HKLM\...\{5D239A92-31A4-4FCA-967D-F9EA8E1FDF6A}) (Version: 12.1.2.27 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1020 - Marvell)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0a2 - Mozilla)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Pale Moon 25.3.1 (x86 en-US) (HKLM-x32\...\Pale Moon 25.3.1 (x86 en-US)) (Version: 25.3.1 - Moonchild Productions)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sherlock Holmes jagt Arsene Lupin (HKLM-x32\...\{63686BEF-04CA-461C-B364-53BBC322F7BF}) (Version: 1.00.0777 - Frogwares)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Unity Web Player (HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Restore Points =========================

26-05-2015 16:59:35 Windows Update
28-05-2015 20:30:45 Removed Skype™ 7.4
28-05-2015 20:33:46 Removed Skype Click to Call
28-05-2015 20:40:16 Removed BlueStacks Notification Center
29-05-2015 22:00:49 Wiederherstellungsvorgang
02-06-2015 17:01:47 Revo Uninstaller's restore point - YTD Video Downloader 4.8.9
02-06-2015 19:02:41 Removed BlueStacks Notification Center

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-06-03 15:54 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {039F849F-A8B0-4950-9DEA-B2C22EE323CA} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {0E3E308E-ABEF-4846-89B8-278B4B018F87} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {0F88D255-2241-4208-8237-E341A4D7A173} - System32\Tasks\{5A57084D-AC5A-4D37-847B-140B7C012D90} => pcalua.exe -a D:\directx\dxsetup.exe -d D:\directx
Task: {1C4CB41F-68B8-4D5A-8A6F-F4C3AE36F657} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-23] (Google Inc.)
Task: {37FB0945-E77F-4D35-8BC0-D0235553AB98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {55A4219C-07FF-4C29-9BD8-3C619515A305} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2015-03-27] (CHIP)
Task: {57F70703-9A44-4723-AB28-AFC48700A0A1} - \{1DFC94E0-EEB0-4BAF-A5B2-1F07400E5341} No Task File <==== ATTENTION
Task: {7C0BC5CD-DA14-4277-B6C1-E8744715E8FA} - \{EEF77C93-E979-49BA-8AA0-17E886F1EAEB} No Task File <==== ATTENTION
Task: {8820FE82-E598-4326-954A-39452D194616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-23] (Google Inc.)
Task: {9BEE7F76-659C-4C46-8456-C3F4C8407328} - \User_Feed_Synchronization-{600F234B-E5B6-4B2D-9EB7-84B30C9F11A3} No Task File <==== ATTENTION
Task: {B7FD4B15-9BA8-468C-A210-B505DCC89E9B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {C2B10E82-65DC-4C03-B7EB-C26DAEF338BB} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {C713F4D1-F331-4653-B26A-F95CBFCB07D1} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-20] (Microsoft Corporation)
Task: {F3AD173A-D319-4317-A3AF-6ADF3E16210C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {F99D18BE-4F1D-43A0-BD32-CC74BD35149D} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2015-05-17 21:23 - 00642344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00347328 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2015-05-26 18:16 - 2015-05-26 18:16 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 95.169.183.219 - 89.41.60.38

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F910D0C9-262F-4427-9587-0E6D623BE027}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A7CBF020-E154-4520-82A5-F40CD5A5B7F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{652FE1B6-04A6-4AB5-A263-EAA23ED5AF39}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{302EDD12-0AC8-4F32-8EC4-E7D89E05A27B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{48181101-7CA1-47FF-92C4-661EC8D8CC94}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{CFA596B3-FE44-4054-8514-A491E93A548B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{5203D9A2-92C6-4216-A0EA-872EF81D838F}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{2F8E4ABE-8813-41DD-8D11-B5B91F771C53}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{3E0A475E-F79E-4A19-8FC4-E6C041642D44}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{9B6DD1C2-563B-40A3-ACEE-ABC35DBF0A16}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{A1AC3D49-DA7E-4405-A0A8-0CB37F6567D6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{0A163EAF-70F4-49F4-AF3A-F3F0E347D685}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{844A7132-5511-45ED-B0D3-A6A2CC5613A1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{6F80F7CA-4A0C-463F-998A-AEA71EFF8C3F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{3BC87F6A-8C1F-4599-B2B0-2061EAB55569}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{C99151BB-774A-443B-A1DB-14A54D9B3201}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{F34A9EC6-DD46-4BE9-91D3-081674BC78CF}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{243C2F74-B1BD-4240-9D59-722D40F618E9}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [TCP Query User{BCA82D7E-E09E-4282-9713-9D5476F446F4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{90985EBA-FDA7-4896-BABE-94A5AB81DFB3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{227CD673-EFE0-4C39-95B8-CDC817BB04C7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7C632050-24B5-4D37-9BB9-0A8281082923}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{725EF301-0470-4F66-B155-EA5A4BAF23B3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{92FDDB1F-16DB-4943-B6A6-A9B59D6C8EE2}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{77118A62-B07D-473F-8425-8026BDA0D373}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{719D0DC3-7F9C-4DF8-A244-1029DB8C5602}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E3349BEC-5E4E-4AF9-87A3-EEC5AEA7F02D}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe
FirewallRules: [{CE52468E-665F-4C3F-9DC6-79F6AEF8553A}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe
FirewallRules: [TCP Query User{7D882834-5CE4-4B78-969E-3EE357EEC731}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{940AFD68-2716-4CD4-8E11-505371C53FC0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BA9A4195-2E37-460B-8CDD-DAADF45FD634}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4BDA4317-797A-4D13-91A9-3862BCE7E88C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BFBDE6A1-CDF0-4FCC-9785-46D364151161}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1E7CF97D-0B95-47BE-98C8-F2C5A31996FF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F55D7FA2-0F23-40CC-AC52-B93B705654C9}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{E9098807-5655-4DBD-B013-AB2A0FA29E2D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/02/2015 06:13:00 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (06/02/2015 06:13:00 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (06/02/2015 06:12:59 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (06/02/2015 06:12:59 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (06/02/2015 06:12:58 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (06/02/2015 06:12:58 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (05/29/2015 10:28:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 7.5.0.101 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d68

Startzeit: 01d09a4d6d5b3213

Endzeit: 5

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID: 2867a548-0641-11e5-8dd8-94de80a96248

Error: (05/29/2015 10:06:50 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. C:\ProgramData\BlueStacks\Android\kernel.elf.signature doesn't exist
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/29/2015 09:44:01 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (05/29/2015 09:44:01 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.


System errors:
=============
Error: (06/04/2015 06:06:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 06:06:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/04/2015 06:06:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X86" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 06:06:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 06:06:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "CyberGhost 5 Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/04/2015 06:06:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 06:06:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VIA Karaoke digital mixer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/04/2015 06:06:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/04/2015 06:06:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2015 06:06:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Druckwarteschlange" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (06/02/2015 06:13:00 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 06:13:00 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 06:12:59 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 06:12:59 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 06:12:58 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 06:12:58 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (05/29/2015 10:28:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe7.5.0.101d6801d09a4d6d5b32135C:\Program Files (x86)\Skype\Phone\Skype.exe2867a548-0641-11e5-8dd8-94de80a96248

Error: (05/29/2015 10:06:50 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service. C:\ProgramData\BlueStacks\Android\kernel.elf.signature doesn't exist
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (05/29/2015 09:44:01 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (05/29/2015 09:44:01 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f


CodeIntegrity Errors:
===================================
  Date: 2015-06-03 15:52:21.962
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-03 15:52:21.946
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-01 13:48:42.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\AVG\AVG2015\avghooka.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 43%
Total physical RAM: 7653.8 MB
Available physical RAM: 4358.48 MB
Total Pagefile: 15305.82 MB
Available Pagefile: 11530.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:120.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (SHERLOCKHOLMES4) (CDROM) (Total:6.84 GB) (Free:0 GB) UDF
Drive e: (INTENSO USB) (Removable) (Total:1.87 GB) (Free:1.85 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F22B4E44)
Partition 1: (Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1.9 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=1.9 GB) - (Type=06)

==================== End of log ============================
         
--- --- ---

Alt 05.06.2015, 11:05   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.06.2015, 16:09   #11
Ratchigka
 
Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Code:
ATTFilter
 Results of screen317's Security Check version 1.002  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 17.0.0.188  
 Mozilla Firefox (38.0.5) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2b095940077086409a45af4af828a363
# end=init
# utc_time=2015-06-05 12:00:52
# local_time=2015-06-05 02:00:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24188
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=2b095940077086409a45af4af828a363
# end=updated
# utc_time=2015-06-05 12:05:31
# local_time=2015-06-05 02:05:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=2b095940077086409a45af4af828a363
# engine=24188
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-05 12:59:10
# local_time=2015-06-05 02:59:10 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1296 16777213 100 100 7393 37585432 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 77641 185139000 0 0
# scanned=195611
# found=14
# cleaned=0
# scan_time=3218
sh=457335C7D7CF3B76BDA5156BDFC9D2E55F5EB26E ft=1 fh=733834ea60493ef0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Desktop\Neuer Ordner\Downloads\Integrated_CT2325506.exe"
sh=0969D23DB7533F849540DD226947B964F5F73F12 ft=1 fh=cea93413e9d3c21c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\64bit_Win7_Win8_Win81_R275 - CHIP-Installer.exe"
sh=84F5FDC400AAD26FE49BFF71BD7CFE4EE9B60DC7 ft=1 fh=32a8d7bea6733e9c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\Blobby Volley 2 - CHIP-Installer.exe"
sh=755E559B9CE644B24163B60A4AA40EE4FCBD5001 ft=1 fh=52d82a8d8b77a3c2 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\BPM Analyzer - CHIP-Installer.exe"
sh=55221CC3A66AD51EADBEF6E2C19D2E46702C8727 ft=1 fh=6271892ec16dd2fa vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\Firefox 38 Developer Edition 64 Bit - CHIP-Installer.exe"
sh=614D9529C4AC5698BA44413ED9FF2F2AB7194030 ft=1 fh=fb5c7ba1cde5bf0c vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\FREEAV1504(1).exe"
sh=614D9529C4AC5698BA44413ED9FF2F2AB7194030 ft=1 fh=fb5c7ba1cde5bf0c vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\FREEAV1504.exe"
sh=DFEFEFFFD0A0587308AC1E5F268448EE20F67754 ft=1 fh=84d41bc8117249fc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\G Data Internet Security 2015 - CHIP-Installer.exe"
sh=777316ECFEC690E17B3890B7C7520E2452D25ED8 ft=1 fh=14ac7b02e5859647 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\Origin EA Download Manager - CHIP-Installer.exe"
sh=EDF53DC693F15F4F49980ED000D42D46B5C75419 ft=1 fh=e9d5b7120831db57 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\Pale Moon - CHIP-Installer(1).exe"
sh=AF3DF60A376F6923FB8B6379F2CE6D9B9F5EBEE7 ft=1 fh=e5245e81b84bc2af vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\Pale Moon - CHIP-Installer.exe"
sh=8AD8D128884DCB0CD4BBA658FD5646C53EB3A852 ft=1 fh=0589a30c4ca7ce0b vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\Titanium Internet Security 2015 - CHIP-Installer.exe"
sh=D4C0724790681F904D75B9D909C81DC72ACD8040 ft=1 fh=5a13d4043353bcbf vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\VideoCacheView - CHIP-Installer.exe"
sh=D7F594C59AFFBA2805AECBCAE8D6A9CEFC6B0FE4 ft=1 fh=42226fa41212edde vn="Variante von Win32/Toolbar.Widgi.N evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aaron\Downloads\YTDSetup.exe"
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Aaron (administrator) on HEIM on 05-06-2015 15:15:55
Running from C:\Users\Aaron\Downloads
Loaded Profiles: Aaron (Available Profiles: Aaron)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_188.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Platinum] => "C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe" -StartUp
HKLM\...\Run: [Trend Micro Client Framework] => "C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
HKLM-x32\...\Run: [Google Japanese Input Prelauncher] => C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaBroker32.exe [1435672 2013-12-18] (Google Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [VIAxHCUtl] => C:\VIA_XHCI\usb3Monitor.exe [331776 2015-03-12] (VIA Technologies, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2015-04-07] (Apple Inc.)
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.)
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28917376 2015-05-14] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Genie.lnk [2015-03-12]
ShortcutTarget: NETGEAR WNA3100 Genie.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000 -> {FDE77B5B-F923-4C0E-BAD4-29914B67A6C0} URL = https://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-05-17] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2015-05-17] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4857B833-3EF8-4626-880E-BEF4F16D68AD}: [NameServer] 95.169.183.219,89.41.60.38

FireFox:
========
FF ProfilePath: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default
FF DefaultSearchEngine: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-26] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-20] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-26] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1214154.dll [2014-11-26] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-05-17] ()
FF Plugin-x32: @kaspersky.com/online_banking -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-05-17] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-05-17] ()
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2015-05-20] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-20] (Google Inc.)
FF Plugin HKU\S-1-5-21-2455565853-2773199953-1460756191-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Aaron\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\searchplugins\google-images.xml [2014-11-01]
FF SearchPlugin: C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\searchplugins\google-maps.xml [2014-11-01]
FF Extension: YouTube Unblocker - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\youtubeunblocker@unblocker.yt [2015-05-29]
FF Extension: Ghostery - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\firefox@ghostery.com.xpi [2015-01-18]
FF Extension: Tab for a Cause - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\tabforacause@tabforacause.org.xpi [2014-12-21]
FF Extension: NoScript - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-11-01]
FF Extension: VideoService - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{9d58e825-a4eb-4a2c-9736-3b0d51b3c8c5}.xpi [2014-12-20]
FF Extension: Adblock Plus - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-01]
FF Extension: BetterPrivacy - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-02-02]
FF Extension: {f9f3dafd-5da0-4d41-a597-c11bf9609e1b} - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\Extensions\{f9f3dafd-5da0-4d41-a597-c11bf9609e1b}.xpi [2014-12-09]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-02]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-05-14]
FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-05-14]
FF HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Aaron\AppData\Roaming\Mozilla\Firefox\Profiles\55itt523.default\extensions\cliqz@cliqz.com
StartMenuInternet: FIREFOX.EXE - C:\Program Files\Firefox Developer Edition\firefox.exe

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L)
R2 GoogleIMEJaCacheService; C:\Program Files (x86)\Google\Google Japanese Input\GoogleIMEJaCacheService.exe [754712 2013-12-18] (Google Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [307928 2013-11-11] ()

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-05-31] ()
R1 GDKBFlt; C:\Windows\system32\drivers\GDKBFlt64.sys [20992 2015-04-15] (G Data Software AG)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2015-05-17] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2015-05-17] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-05-31] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 15:10 - 2015-06-05 15:10 - 00852639 _____ () C:\Users\Aaron\Downloads\SecurityCheck.exe
2015-06-05 13:59 - 2015-06-05 14:00 - 02870984 _____ (ESET) C:\Users\Aaron\Downloads\esetsmartinstaller_deu.exe
2015-06-04 18:08 - 2015-06-04 18:08 - 00001090 _____ () C:\Users\Aaron\Desktop\JRT.txt
2015-06-04 18:06 - 2015-06-04 18:06 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-HEIM-Windows-7-Ultimate-(64-bit).dat
2015-06-04 18:06 - 2015-06-04 18:06 - 00000000 ____D () C:\RegBackup
2015-06-04 18:02 - 2015-06-04 18:03 - 02942610 _____ (Thisisu) C:\Users\Aaron\Downloads\JRT.exe
2015-06-04 17:51 - 2015-06-04 17:51 - 00001586 _____ () C:\Users\Aaron\Desktop\AdwCleaner[S0].txt
2015-06-04 17:25 - 2015-06-04 17:47 - 00000000 ____D () C:\AdwCleaner
2015-06-04 17:24 - 2015-06-04 17:24 - 02231296 _____ () C:\Users\Aaron\Downloads\AdwCleaner_4.206.exe
2015-06-04 17:24 - 2015-06-04 17:24 - 00002387 _____ () C:\Users\Aaron\Desktop\MB.txt
2015-06-04 17:07 - 2015-06-04 17:07 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-04 17:07 - 2015-06-04 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-04 17:07 - 2015-06-04 17:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-04 17:07 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-04 17:07 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-04 17:06 - 2015-06-04 17:07 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Aaron\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-03 22:41 - 2015-06-03 22:41 - 00000211 _____ () C:\Users\Aaron\Desktop\Idl.txt
2015-06-03 15:59 - 2015-06-03 15:59 - 00027183 _____ () C:\ComboFix.txt
2015-06-03 15:46 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-06-03 15:46 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-06-03 15:46 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-03 15:46 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-03 15:46 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-03 15:46 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-06-03 15:46 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-06-03 15:46 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-06-03 15:45 - 2015-06-03 15:59 - 00000000 ____D () C:\Qoobox
2015-06-03 15:45 - 2015-06-03 15:58 - 00000000 ____D () C:\Windows\erdnt
2015-06-03 15:44 - 2015-06-03 15:44 - 05628238 ____R (Swearware) C:\Users\Aaron\Downloads\ComboFix.exe
2015-06-02 17:50 - 2015-06-02 17:50 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\20C31D9D.sys
2015-06-02 17:50 - 2015-06-02 17:50 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7EF21D72.sys
2015-06-02 17:24 - 2015-06-03 15:38 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-06-02 17:09 - 2015-06-05 13:35 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-02 17:09 - 2015-06-04 17:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-06-02 17:09 - 2015-06-02 17:50 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-02 17:08 - 2015-06-02 17:08 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Aaron\Downloads\tdsskiller.exe
2015-06-02 17:07 - 2015-06-02 17:51 - 00000000 ____D () C:\Users\Aaron\Desktop\mbar
2015-06-02 17:07 - 2015-06-02 17:07 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Aaron\Downloads\mbar-1.09.1.1004.exe
2015-06-02 17:07 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-02 17:00 - 2015-06-02 17:00 - 00001268 _____ () C:\Users\Aaron\Desktop\Revo Uninstaller.lnk
2015-06-02 17:00 - 2015-06-02 17:00 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-06-02 16:59 - 2015-06-02 17:00 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Aaron\Downloads\revosetup95.exe
2015-06-01 17:50 - 2015-06-01 17:50 - 00057739 _____ () C:\Users\Aaron\Desktop\FRST.txt
2015-06-01 17:50 - 2015-06-01 17:50 - 00030288 _____ () C:\Users\Aaron\Desktop\Addition.txt
2015-05-31 20:10 - 2015-06-04 18:16 - 00031269 _____ () C:\Users\Aaron\Downloads\Addition.txt
2015-05-31 20:09 - 2015-06-05 15:15 - 00018162 _____ () C:\Users\Aaron\Downloads\FRST.txt
2015-05-31 20:09 - 2015-06-05 15:15 - 00000000 ____D () C:\FRST
2015-05-31 20:08 - 2015-05-31 20:08 - 02108928 _____ (Farbar) C:\Users\Aaron\Downloads\FRST64.exe
2015-05-31 10:47 - 2015-05-31 10:47 - 00235936 _____ (Tagès SA) C:\Users\Aaron\Downloads\TagesSetup_x64.exe
2015-05-29 20:40 - 2015-05-29 20:40 - 00159144 _____ (Microsoft Corporation) C:\Users\Aaron\Downloads\WindowsActivationUpdate.exe
2015-05-28 21:37 - 2015-05-28 21:37 - 00000000 ____D () C:\Users\Aaron\.android
2015-05-28 21:20 - 2015-05-29 22:22 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-05-28 21:20 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-05-28 21:20 - 2015-05-28 21:20 - 00002699 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-05-28 20:44 - 2015-05-28 20:46 - 14155832 _____ (BlueStack Systems Inc.) C:\Users\Aaron\Downloads\BlueStacks-ThinInstaller(1).exe
2015-05-28 20:36 - 2015-05-28 20:36 - 01384064 _____ (Skype Technologies S.A.) C:\Users\Aaron\Downloads\SkypeSetup.exe
2015-05-26 22:15 - 2015-05-26 23:21 - 00020125 _____ () C:\Users\Aaron\Documents\SEminario.odt
2015-05-25 16:01 - 2015-05-25 16:01 - 00000000 ____D () C:\Users\Aaron\Downloads\Passage
2015-05-25 16:00 - 2015-05-25 16:00 - 00497214 _____ () C:\Users\Aaron\Downloads\Passage_v3_Windows(1).exe
2015-05-24 22:17 - 2015-05-24 22:17 - 00000592 _____ () C:\Users\Aaron\Documents\Taddl.txt
2015-05-20 17:08 - 2015-06-05 15:13 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-20 17:08 - 2015-06-05 12:55 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-20 17:08 - 2015-05-20 17:08 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-20 17:08 - 2015-05-20 17:08 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 19:22 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-19 19:22 - 2015-05-19 19:22 - 00000000 ____D () C:\Users\Aaron\AppData\Roaming\Apple Computer
2015-05-19 19:22 - 2015-05-19 19:22 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Apple Computer
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\ProgramData\Apple Computer
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\Program Files\iTunes
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\Program Files\iPod
2015-05-19 19:21 - 2015-05-19 19:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-05-19 19:21 - 2012-10-03 16:14 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-05-19 19:20 - 2015-05-21 22:04 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-05-19 19:20 - 2015-05-19 19:20 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Apple
2015-05-19 19:19 - 2015-05-21 22:03 - 00000000 ____D () C:\ProgramData\Apple
2015-05-19 19:02 - 2015-05-19 19:15 - 121283888 _____ (Apple Inc.) C:\Users\Aaron\Downloads\itunes64setup.exe
2015-05-19 18:40 - 2015-05-19 18:49 - 108728624 _____ (Apple Inc.) C:\Users\Aaron\Downloads\iTunesSetup.exe
2015-05-19 17:24 - 2015-05-31 10:49 - 00088480 _____ () C:\Windows\system32\Drivers\atksgt.sys
2015-05-19 17:24 - 2015-05-31 10:49 - 00046400 _____ () C:\Windows\system32\Drivers\lirsgt.sys
2015-05-19 17:24 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AGEIA
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\Windows\SysWOW64\AGEIA
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\Windows\system32\AGEIA
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\ProgramData\InstallShield
2015-05-19 17:24 - 2015-05-19 17:24 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-05-19 17:23 - 2015-05-19 17:23 - 00002358 _____ () C:\Users\Public\Desktop\Sherlock Holmes jagt Arsene Lupin  spielen.lnk
2015-05-19 17:23 - 2015-05-19 17:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Focus
2015-05-19 17:21 - 2015-05-19 17:21 - 00002068 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Program Updates.lnk
2015-05-19 17:21 - 2015-05-19 17:21 - 00000000 ____D () C:\Program Files (x86)\Focus
2015-05-19 17:21 - 2004-08-09 06:04 - 00073728 _____ (InstallShield Software Corporation) C:\Windows\SysWOW64\ISUSPM.cpl
2015-05-14 22:53 - 2015-05-18 15:05 - 00002334 _____ () C:\Users\Aaron\Desktop\Sicherer Zahlungsverkehr.lnk
2015-05-14 22:52 - 2015-05-29 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-05-14 22:52 - 2015-05-14 22:52 - 00001196 _____ () C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2015-05-14 22:52 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-05-14 22:51 - 2015-06-05 13:11 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2015-05-14 22:51 - 2015-05-17 21:49 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-05-14 22:51 - 2015-05-17 21:49 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-05-14 22:51 - 2015-05-14 22:51 - 00000000 ____D () C:\Windows\ELAMBKUP
2015-05-14 22:51 - 2015-05-14 22:51 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2015-05-14 22:51 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-05-14 22:43 - 2015-05-14 22:48 - 176562784 _____ () C:\Users\Aaron\Downloads\kis15.0.0.463de_6508.exe
2015-05-13 13:20 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:20 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 10:59 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 10:59 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 10:59 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 10:59 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 10:59 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 10:59 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 10:59 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 10:59 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 10:59 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 10:59 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 10:59 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 10:59 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 10:59 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 10:59 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 10:59 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 10:59 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 10:59 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 10:59 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 10:59 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 10:59 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 10:59 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 10:59 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 10:59 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 10:59 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 10:59 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 10:59 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 10:59 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 10:59 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 10:59 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 10:59 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 10:59 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 10:59 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 10:59 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 10:59 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 10:59 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 10:59 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 10:59 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 10:59 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 10:59 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 10:59 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 10:59 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 10:59 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 10:59 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 10:59 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 10:59 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 10:59 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 10:59 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 10:59 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 10:59 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 10:59 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 10:59 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 10:59 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 10:59 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 10:59 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 10:59 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 10:59 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 10:59 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 10:59 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 10:59 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 10:59 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 10:59 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 10:59 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 10:59 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 10:59 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 10:58 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 10:58 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 10:58 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 10:58 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 10:58 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 10:58 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 10:58 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 10:58 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 10:58 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 10:58 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 10:58 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 10:58 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 10:58 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 10:58 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 10:58 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 10:58 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 10:58 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 10:58 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 10:58 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 10:58 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 10:58 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 10:58 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 10:58 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 10:58 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 10:58 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 10:58 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 10:58 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 10:58 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 10:58 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 10:58 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 10:58 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 10:57 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 10:57 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 10:57 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 10:57 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 10:57 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 10:57 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 10:57 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 10:57 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 10:57 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 10:57 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 10:57 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 10:57 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 10:57 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 10:57 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-12 17:23 - 2015-05-12 17:23 - 00005710 _____ () C:\Users\Aaron\Downloads\idlesave(1)
2015-05-10 21:09 - 2015-05-10 21:09 - 00003756 _____ () C:\Users\Aaron\Downloads\idlesave
2015-05-08 23:03 - 2015-05-08 23:03 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Steam
2015-05-08 22:57 - 2015-05-08 22:57 - 01142128 _____ () C:\Users\Aaron\Downloads\SteamSetup.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 15:10 - 2015-04-11 08:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-05 14:55 - 2009-07-14 06:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-05 14:55 - 2009-07-14 06:45 - 00020704 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-05 14:28 - 2014-11-01 15:07 - 00000000 ____D () C:\Users\Aaron\Desktop\Neuer Ordner
2015-06-05 14:24 - 2014-11-01 14:00 - 01986732 _____ () C:\Windows\WindowsUpdate.log
2015-06-05 12:55 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-05 12:55 - 2009-07-14 06:51 - 00060707 _____ () C:\Windows\setupact.log
2015-06-04 17:50 - 2014-11-01 14:33 - 01370112 _____ () C:\Windows\PFRO.log
2015-06-03 15:59 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-06-03 15:54 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-06-03 15:53 - 2009-07-14 04:34 - 68681728 _____ () C:\Windows\system32\config\software.bak
2015-06-03 15:53 - 2009-07-14 04:34 - 53215232 _____ () C:\Windows\system32\config\components.bak
2015-06-03 15:53 - 2009-07-14 04:34 - 18350080 _____ () C:\Windows\system32\config\system.bak
2015-06-03 15:53 - 2009-07-14 04:34 - 00524288 _____ () C:\Windows\system32\config\default.bak
2015-06-03 15:53 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2015-06-03 15:53 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2015-06-03 15:38 - 2014-11-01 15:06 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-02 19:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2015-06-02 18:14 - 2014-11-07 23:14 - 00000000 ____D () C:\Users\Aaron\Documents\Anki
2015-06-01 18:40 - 2009-07-14 19:58 - 00699092 _____ () C:\Windows\system32\perfh007.dat
2015-06-01 18:40 - 2009-07-14 19:58 - 00149232 _____ () C:\Windows\system32\perfc007.dat
2015-06-01 18:40 - 2009-07-14 07:13 - 01619284 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-29 22:26 - 2014-11-01 18:18 - 00000000 ____D () C:\Users\Aaron\AppData\Roaming\Skype
2015-05-29 22:23 - 2014-11-01 14:02 - 00000000 ____D () C:\Users\Aaron
2015-05-29 22:22 - 2015-05-04 19:03 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-05-29 22:22 - 2015-04-04 15:17 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-29 22:22 - 2015-03-07 14:00 - 00000000 ____D () C:\Program Files\CyberGhost 5
2015-05-29 22:22 - 2014-12-26 22:24 - 00000000 ____D () C:\Users\Aaron\AppData\Local\fabi.me
2015-05-29 22:22 - 2014-11-01 23:20 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Abelssoft
2015-05-29 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-29 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2015-05-29 22:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-29 22:21 - 2014-11-01 18:18 - 00000000 ____D () C:\ProgramData\Skype
2015-05-29 22:04 - 2009-07-14 20:18 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-05-28 22:56 - 2015-03-07 14:01 - 00000000 ____D () C:\Users\Aaron\AppData\Local\CyberGhost
2015-05-28 22:56 - 2014-11-01 14:02 - 00000000 ____D () C:\Users\Aaron\AppData\Local\VirtualStore
2015-05-26 21:43 - 2015-03-08 17:37 - 00000000 ____D () C:\Users\Aaron\Desktop\Moot
2015-05-26 18:41 - 2014-11-01 14:15 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Adobe
2015-05-26 18:16 - 2015-04-11 08:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-26 18:16 - 2014-11-01 14:17 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-26 18:16 - 2014-11-01 14:17 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-26 16:52 - 2009-07-14 07:08 - 00005166 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-24 22:17 - 2014-11-27 23:41 - 00006360 _____ () C:\Users\Aaron\Documents\SC.txt
2015-05-20 23:50 - 2015-04-04 15:17 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-19 17:21 - 2014-11-01 14:06 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-17 19:56 - 2015-04-14 18:27 - 00000000 ____D () C:\Program Files (x86)\G Data
2015-05-17 19:55 - 2015-04-14 18:17 - 00000000 ____D () C:\ProgramData\G Data
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Setup
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\MUI
2015-05-17 19:55 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\com
2015-05-17 19:42 - 2015-03-13 15:56 - 00000000 ____D () C:\ProgramData\Trend Micro
2015-05-17 19:38 - 2015-03-27 18:33 - 00000000 ____D () C:\Users\Aaron\AppData\Local\Trend Micro
2015-05-14 22:49 - 2015-03-30 19:05 - 00001161 _____ () C:\Users\Aaron\Desktop\VideoCacheView.cfg
2015-05-14 22:40 - 2015-04-26 21:54 - 00000962 _____ () C:\Users\Aaron\Documents\hahah.txt
2015-05-13 17:05 - 2009-07-14 06:45 - 00298248 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 17:02 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 17:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-13 13:24 - 2014-11-01 14:50 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 13:22 - 2009-10-14 07:12 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-11 09:58 - 2015-04-14 18:27 - 00006074 _____ () C:\Windows\DPINST.LOG

==================== Files in the root of some directories =======

2015-04-14 18:27 - 2015-04-14 18:27 - 0000000 _____ () C:\Users\Aaron\AppData\Roaming\gdfw.log
2015-04-14 18:27 - 2015-04-14 18:27 - 0000779 _____ () C:\Users\Aaron\AppData\Roaming\gdscan.log
2015-03-13 15:56 - 2015-03-13 15:56 - 0000036 _____ () C:\Users\Aaron\AppData\Local\housecall.guid.cache

Some files in TEMP:
====================
C:\Users\Aaron\AppData\Local\Temp\Quarantine.exe
C:\Users\Aaron\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-29 19:51

==================== End of log ============================
         
--- --- ---


[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Aaron at 2015-06-05 15:16:10
Running from C:\Users\Aaron\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Aaron (S-1-5-21-2455565853-2773199953-1460756191-1000 - Administrator - Enabled) => C:\Users\Aaron
Administrator (S-1-5-21-2455565853-2773199953-1460756191-500 - Administrator - Disabled)
Gast (S-1-5-21-2455565853-2773199953-1460756191-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2455565853-2773199953-1460756191-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.4.154 - Adobe Systems, Inc.)
AGEIA PhysX v6.12.02 (HKLM-x32\...\{7032E73F-68A0-48F9-8100-E70E79169BAE}) (Version: 6.12.02 - AGEIA Technologies, Inc.)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version:  - )
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Blobby Volley 2 Version 1.0 (HKLM-x32\...\Blobby Volley 2 Version 1.0_is1) (Version:  - )
CHIP Updater (HKLM-x32\...\CHIP Updater_is1) (Version: 2.42 - Abelssoft)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version:  - )
Firefox Developer Edition 38.0a2 (x64 de) (HKLM\...\Firefox Developer Edition 38.0a2 (x64 de)) (Version: 38.0a2 - Mozilla)
Free Audio Converter version 5.0.55.113 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.55.113 - DVDVideoSoft Ltd.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google 日本語入力 (HKLM\...\{6A1E4EFB-3EE0-40A0-9D6D-E865370289DB}) (Version: 1.13.1641.0 - Google Inc.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
iTunes (HKLM\...\{5D239A92-31A4-4FCA-967D-F9EA8E1FDF6A}) (Version: 12.1.2.27 - Apple Inc.)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1020 - Marvell)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MixMeister BPM Analyzer 1.0 (HKLM-x32\...\MixMeister BPM Analyzer_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0a2 - Mozilla)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 2.2.0.2 - NETGEAR)
ON_OFF Charge B12.1025.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Pale Moon 25.3.1 (x86 en-US) (HKLM-x32\...\Pale Moon 25.3.1 (x86 en-US)) (Version: 25.3.1 - Moonchild Productions)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sherlock Holmes jagt Arsene Lupin (HKLM-x32\...\{63686BEF-04CA-461C-B364-53BBC322F7BF}) (Version: 1.00.0777 - Frogwares)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.101 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Unity Web Player (HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-2455565853-2773199953-1460756191-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

==================== Restore Points =========================

26-05-2015 16:59:35 Windows Update
28-05-2015 20:30:45 Removed Skype™ 7.4
28-05-2015 20:33:46 Removed Skype Click to Call
28-05-2015 20:40:16 Removed BlueStacks Notification Center
29-05-2015 22:00:49 Wiederherstellungsvorgang
02-06-2015 17:01:47 Revo Uninstaller's restore point - YTD Video Downloader 4.8.9
02-06-2015 19:02:41 Removed BlueStacks Notification Center

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-06-03 15:54 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0E3E308E-ABEF-4846-89B8-278B4B018F87} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {0F88D255-2241-4208-8237-E341A4D7A173} - System32\Tasks\{5A57084D-AC5A-4D37-847B-140B7C012D90} => pcalua.exe -a D:\directx\dxsetup.exe -d D:\directx
Task: {1C4CB41F-68B8-4D5A-8A6F-F4C3AE36F657} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-23] (Google Inc.)
Task: {2A8FD334-CDAD-405B-9BA8-C3EF09EAAD56} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {37FB0945-E77F-4D35-8BC0-D0235553AB98} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {3A13FA42-EAEA-4644-B7AF-32EB8F334A94} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {55A4219C-07FF-4C29-9BD8-3C619515A305} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe [2015-03-27] (CHIP)
Task: {57F70703-9A44-4723-AB28-AFC48700A0A1} - \{1DFC94E0-EEB0-4BAF-A5B2-1F07400E5341} No Task File <==== ATTENTION
Task: {7C0BC5CD-DA14-4277-B6C1-E8744715E8FA} - \{EEF77C93-E979-49BA-8AA0-17E886F1EAEB} No Task File <==== ATTENTION
Task: {8820FE82-E598-4326-954A-39452D194616} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-23] (Google Inc.)
Task: {9BEE7F76-659C-4C46-8456-C3F4C8407328} - \User_Feed_Synchronization-{600F234B-E5B6-4B2D-9EB7-84B30C9F11A3} No Task File <==== ATTENTION
Task: {AB5D7CAF-DA83-41D8-9EE4-F11403BFC8CE} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {B7FD4B15-9BA8-468C-A210-B505DCC89E9B} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {C713F4D1-F331-4653-B26A-F95CBFCB07D1} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2015-05-20] (Microsoft Corporation)
Task: {F99D18BE-4F1D-43A0-BD32-CC74BD35149D} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-03-12 19:25 - 2015-03-12 19:25 - 08266456 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2015-03-07 14:00 - 2015-05-21 14:48 - 01427424 _____ () C:\Program Files\CyberGhost 5\Geckofx-Core.dll
2014-12-04 21:34 - 2013-11-01 18:31 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2014-11-01 14:09 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-04-20 01:42 - 2015-05-17 21:23 - 00642344 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00347328 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2015-05-26 18:16 - 2015-05-26 18:16 - 16867504 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2455565853-2773199953-1460756191-1000\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 95.169.183.219 - 89.41.60.38

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{F910D0C9-262F-4427-9587-0E6D623BE027}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{A7CBF020-E154-4520-82A5-F40CD5A5B7F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{652FE1B6-04A6-4AB5-A263-EAA23ED5AF39}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{302EDD12-0AC8-4F32-8EC4-E7D89E05A27B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{48181101-7CA1-47FF-92C4-661EC8D8CC94}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{CFA596B3-FE44-4054-8514-A491E93A548B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{5203D9A2-92C6-4216-A0EA-872EF81D838F}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{2F8E4ABE-8813-41DD-8D11-B5B91F771C53}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{3E0A475E-F79E-4A19-8FC4-E6C041642D44}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{9B6DD1C2-563B-40A3-ACEE-ABC35DBF0A16}] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{A1AC3D49-DA7E-4405-A0A8-0CB37F6567D6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{0A163EAF-70F4-49F4-AF3A-F3F0E347D685}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{844A7132-5511-45ED-B0D3-A6A2CC5613A1}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{6F80F7CA-4A0C-463F-998A-AEA71EFF8C3F}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{3BC87F6A-8C1F-4599-B2B0-2061EAB55569}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{C99151BB-774A-443B-A1DB-14A54D9B3201}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{F34A9EC6-DD46-4BE9-91D3-081674BC78CF}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{243C2F74-B1BD-4240-9D59-722D40F618E9}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [TCP Query User{BCA82D7E-E09E-4282-9713-9D5476F446F4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{90985EBA-FDA7-4896-BABE-94A5AB81DFB3}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{227CD673-EFE0-4C39-95B8-CDC817BB04C7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{7C632050-24B5-4D37-9BB9-0A8281082923}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{725EF301-0470-4F66-B155-EA5A4BAF23B3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{92FDDB1F-16DB-4943-B6A6-A9B59D6C8EE2}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{77118A62-B07D-473F-8425-8026BDA0D373}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{719D0DC3-7F9C-4DF8-A244-1029DB8C5602}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E3349BEC-5E4E-4AF9-87A3-EEC5AEA7F02D}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe
FirewallRules: [{CE52468E-665F-4C3F-9DC6-79F6AEF8553A}] => (Allow) C:\Program Files\Firefox Developer Edition\firefox.exe
FirewallRules: [TCP Query User{7D882834-5CE4-4B78-969E-3EE357EEC731}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{940AFD68-2716-4CD4-8E11-505371C53FC0}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{BA9A4195-2E37-460B-8CDD-DAADF45FD634}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4BDA4317-797A-4D13-91A9-3862BCE7E88C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BFBDE6A1-CDF0-4FCC-9785-46D364151161}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{1E7CF97D-0B95-47BE-98C8-F2C5A31996FF}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F55D7FA2-0F23-40CC-AC52-B93B705654C9}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{E9098807-5655-4DBD-B013-AB2A0FA29E2D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2015 03:07:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (06/05/2015 02:00:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (06/05/2015 02:00:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (06/02/2015 06:13:00 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (06/02/2015 06:13:00 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (06/02/2015 06:12:59 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (06/02/2015 06:12:59 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (06/02/2015 06:12:58 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Fehler bei der Erfassung des authentischen Tickets (hr=0xC004C4AB) für die Vorlagen-ID 66c92734-d682-4d71-983e-d6ec3f16059f.

Error: (06/02/2015 06:12:58 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: Der Authentizitätsstatus ist auf nicht-authentisch (0x00000000) gesetzt für die Anwendungs-ID 55c92734-d682-4d71-983e-d6ec3f16059f.

Error: (05/29/2015 10:28:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Skype.exe, Version 7.5.0.101 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: d68

Startzeit: 01d09a4d6d5b3213

Endzeit: 5

Anwendungspfad: C:\Program Files (x86)\Skype\Phone\Skype.exe

Berichts-ID: 2867a548-0641-11e5-8dd8-94de80a96248


System errors:
=============
Error: (06/05/2015 02:05:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/05/2015 02:05:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Aaron\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/05/2015 02:05:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/05/2015 02:05:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Aaron\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/05/2015 02:05:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/05/2015 02:05:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Aaron\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/05/2015 02:02:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/05/2015 02:02:14 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Aaron\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (06/05/2015 02:02:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1275

Error: (06/05/2015 02:02:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Aaron\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


Microsoft Office:
=========================
Error: (06/05/2015 03:07:24 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (06/05/2015 02:00:41 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\Aaron\Downloads\esetsmartinstaller_deu.exe

Error: (06/05/2015 02:00:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestC:\Users\Aaron\Downloads\esetsmartinstaller_deu.exe

Error: (06/02/2015 06:13:00 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 06:13:00 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 06:12:59 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 06:12:59 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 06:12:58 PM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: hr=0xC004C4AB66c92734-d682-4d71-983e-d6ec3f16059f

Error: (06/02/2015 06:12:58 PM) (Source: Software Protection Platform Service) (EventID: 8209) (User: )
Description: 0x0000000055c92734-d682-4d71-983e-d6ec3f16059f

Error: (05/29/2015 10:28:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe7.5.0.101d6801d09a4d6d5b32135C:\Program Files (x86)\Skype\Phone\Skype.exe2867a548-0641-11e5-8dd8-94de80a96248


CodeIntegrity Errors:
===================================
  Date: 2015-06-03 15:52:21.962
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-06-03 15:52:21.946
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-01 13:48:42.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\AVG\AVG2015\avghooka.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz
Percentage of memory in use: 46%
Total physical RAM: 7653.8 MB
Available physical RAM: 4083.63 MB
Total Pagefile: 15305.82 MB
Available Pagefile: 10995.43 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:119.67 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (SHERLOCKHOLMES4) (CDROM) (Total:6.84 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: F22B4E44)
Partition 1: (Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---


Trotz Neustart leider keine sichtbare Veränderung

Alt 06.06.2015, 15:35   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Aaron\Desktop\Neuer Ordner\Downloads\Integrated_CT2325506.exe

C:\Users\Aaron\Downloads\64bit_Win7_Win8_Win81_R275 - CHIP-Installer.exe

C:\Users\Aaron\Downloads\Blobby Volley 2 - CHIP-Installer.exe

C:\Users\Aaron\Downloads\BPM Analyzer - CHIP-Installer.exe

C:\Users\Aaron\Downloads\Firefox 38 Developer Edition 64 Bit - CHIP-Installer.exe

C:\Users\Aaron\Downloads\FREEAV1504(1).exe

C:\Users\Aaron\Downloads\FREEAV1504.exe

C:\Users\Aaron\Downloads\G Data Internet Security 2015 - CHIP-Installer.exe

C:\Users\Aaron\Downloads\Origin EA Download Manager - CHIP-Installer.exe

C:\Users\Aaron\Downloads\Pale Moon - CHIP-Installer(1).exe

C:\Users\Aaron\Downloads\Pale Moon - CHIP-Installer.exe

C:\Users\Aaron\Downloads\Titanium Internet Security 2015 - CHIP-Installer.exe

C:\Users\Aaron\Downloads\VideoCacheView - CHIP-Installer.exe

C:\Users\Aaron\Downloads\YTDSetup.exe
Task: {57F70703-9A44-4723-AB28-AFC48700A0A1} - \{1DFC94E0-EEB0-4BAF-A5B2-1F07400E5341} No Task File <==== ATTENTION

Task: {7C0BC5CD-DA14-4277-B6C1-E8744715E8FA} - \{EEF77C93-E979-49BA-8AA0-17E886F1EAEB} No Task File <==== ATTENTION

Task: {9BEE7F76-659C-4C46-8456-C3F4C8407328} - \User_Feed_Synchronization-{600F234B-E5B6-4B2D-9EB7-84B30C9F11A3} No Task File <==== ATTENTION

Task: {F99D18BE-4F1D-43A0-BD32-CC74BD35149D} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Downloadverhalten überdenken:
CHIP-Installer - was ist das? - Anleitungen



Hast Du den Windows Key schon neu eingebeben?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.06.2015, 16:21   #13
Ratchigka
 
Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Code:
ATTFilter
Fix result of Farbar Recovery Scan Tool (x64) Version:06-06-2015
Ran by Aaron at 2015-06-06 17:01:28 Run:1
Running from C:\Users\Aaron\Desktop
Loaded Profiles: Aaron (Available Profiles: Aaron)
Boot Mode: Normal
==============================================

fixlist content:
*****************
C:\Users\Aaron\Desktop\Neuer Ordner\Downloads\Integrated_CT2325506.exe

C:\Users\Aaron\Downloads\64bit_Win7_Win8_Win81_R275 - CHIP-Installer.exe

C:\Users\Aaron\Downloads\Blobby Volley 2 - CHIP-Installer.exe

C:\Users\Aaron\Downloads\BPM Analyzer - CHIP-Installer.exe

C:\Users\Aaron\Downloads\Firefox 38 Developer Edition 64 Bit - CHIP-Installer.exe

C:\Users\Aaron\Downloads\FREEAV1504(1).exe

C:\Users\Aaron\Downloads\FREEAV1504.exe

C:\Users\Aaron\Downloads\G Data Internet Security 2015 - CHIP-Installer.exe

C:\Users\Aaron\Downloads\Origin EA Download Manager - CHIP-Installer.exe

C:\Users\Aaron\Downloads\Pale Moon - CHIP-Installer(1).exe

C:\Users\Aaron\Downloads\Pale Moon - CHIP-Installer.exe

C:\Users\Aaron\Downloads\Titanium Internet Security 2015 - CHIP-Installer.exe

C:\Users\Aaron\Downloads\VideoCacheView - CHIP-Installer.exe

C:\Users\Aaron\Downloads\YTDSetup.exe
Task: {57F70703-9A44-4723-AB28-AFC48700A0A1} - \{1DFC94E0-EEB0-4BAF-A5B2-1F07400E5341} No Task File <==== ATTENTION

Task: {7C0BC5CD-DA14-4277-B6C1-E8744715E8FA} - \{EEF77C93-E979-49BA-8AA0-17E886F1EAEB} No Task File <==== ATTENTION

Task: {9BEE7F76-659C-4C46-8456-C3F4C8407328} - \User_Feed_Synchronization-{600F234B-E5B6-4B2D-9EB7-84B30C9F11A3} No Task File <==== ATTENTION

Task: {F99D18BE-4F1D-43A0-BD32-CC74BD35149D} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Emptytemp:
         
*****************

C:\Users\Aaron\Desktop\Neuer Ordner\Downloads\Integrated_CT2325506.exe => moved successfully.
C:\Users\Aaron\Downloads\64bit_Win7_Win8_Win81_R275 - CHIP-Installer.exe => moved successfully.
C:\Users\Aaron\Downloads\Blobby Volley 2 - CHIP-Installer.exe => moved successfully.
C:\Users\Aaron\Downloads\BPM Analyzer - CHIP-Installer.exe => moved successfully.
C:\Users\Aaron\Downloads\Firefox 38 Developer Edition 64 Bit - CHIP-Installer.exe => moved successfully.
C:\Users\Aaron\Downloads\FREEAV1504(1).exe => moved successfully.
C:\Users\Aaron\Downloads\FREEAV1504.exe => moved successfully.
C:\Users\Aaron\Downloads\G Data Internet Security 2015 - CHIP-Installer.exe => moved successfully.
C:\Users\Aaron\Downloads\Origin EA Download Manager - CHIP-Installer.exe => moved successfully.
C:\Users\Aaron\Downloads\Pale Moon - CHIP-Installer(1).exe => moved successfully.
C:\Users\Aaron\Downloads\Pale Moon - CHIP-Installer.exe => moved successfully.
C:\Users\Aaron\Downloads\Titanium Internet Security 2015 - CHIP-Installer.exe => moved successfully.
C:\Users\Aaron\Downloads\VideoCacheView - CHIP-Installer.exe => moved successfully.
"C:\Users\Aaron\Downloads\YTDSetup.exe" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57F70703-9A44-4723-AB28-AFC48700A0A1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57F70703-9A44-4723-AB28-AFC48700A0A1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{1DFC94E0-EEB0-4BAF-A5B2-1F07400E5341}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7C0BC5CD-DA14-4277-B6C1-E8744715E8FA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C0BC5CD-DA14-4277-B6C1-E8744715E8FA}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EEF77C93-E979-49BA-8AA0-17E886F1EAEB}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9BEE7F76-659C-4C46-8456-C3F4C8407328}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9BEE7F76-659C-4C46-8456-C3F4C8407328}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\User_Feed_Synchronization-{600F234B-E5B6-4B2D-9EB7-84B30C9F11A3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F99D18BE-4F1D-43A0-BD32-CC74BD35149D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F99D18BE-4F1D-43A0-BD32-CC74BD35149D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CreateChoiceProcessTask" => key removed successfully
EmptyTemp: => 562 MB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 17:02:04 ====
         
Den Windows Key habe ich noch nicht neu eingegeben

Alt 07.06.2015, 15:07   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Windows-kein-Originalprodukt-Meldung - Standard

Windows-kein-Originalprodukt-Meldung



Mach das mal bitte und berichte
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows-kein-Originalprodukt-Meldung
anhang, anleitung, beheben, bli, blink, cmd, fehlfunktion, forums, führte, innerhalb, jegliche, konnte, leitung, logfile, lösung, meldung, recht, scan, skype, stand, tagen, versuche, windows, woche, wochen



Ähnliche Themen: Windows-kein-Originalprodukt-Meldung


  1. Win 7: Virus? Kein Internet und Meldung: Windows-Sicherheitscenter" aktivieren
    Plagegeister aller Art und deren Bekämpfung - 21.07.2015 (52)
  2. Windows 7 32 Bit: Kein abgesicherter Modus, Kein Avast möglich, WIN-Update streikt USW.
    Plagegeister aller Art und deren Bekämpfung - 30.06.2015 (16)
  3. Win32 Dropper Gen Meldung von Avast, aber kein Fund durch Malwarebytes Anti-Rootkit
    Antiviren-, Firewall- und andere Schutzprogramme - 01.06.2014 (14)
  4. NVIDIA gelöscht! Kein Treiber für Windows vista, kein Internet!
    Alles rund um Windows - 13.06.2013 (17)
  5. Meldung"Konsistenz überprüfen" und kein hochfahren mehr möglich
    Alles rund um Windows - 07.06.2013 (5)
  6. Bundespolizei, Trojaner, Windows XP, Kein Taskmanager, kein abgesicherter Modus
    Log-Analyse und Auswertung - 14.04.2013 (20)
  7. Windows Verschlüsselungs-Trojaner...kein Systemzugriff...kein abgesichter Modus
    Log-Analyse und Auswertung - 05.07.2012 (7)
  8. Windows-Verschlüsselungs Trojaner lässt nichts anderes zu, KEIN Desktop, KEIN Windwos
    Plagegeister aller Art und deren Bekämpfung - 13.06.2012 (9)
  9. Meldung im Vollbild "Webseite kann nicht angezeigt werden" kein Zugriff auf Desktop
    Plagegeister aller Art und deren Bekämpfung - 31.03.2012 (1)
  10. Keine Anmeldung bei Windows mehr möglich. Passwort feld fehlt. Kein Internet mehr. Kein Admin mehr.
    Plagegeister aller Art und deren Bekämpfung - 15.02.2012 (5)
  11. windows 7, weißer Bildschirm, Meldung: windows security center, Achtung! Ihr Computer wurde gesperrt
    Log-Analyse und Auswertung - 06.02.2012 (11)
  12. BKA-Trojaner - Windows XP - kein eloxor.exe und jashla.exe gefunden - Kein Experte / Angst
    Plagegeister aller Art und deren Bekämpfung - 14.01.2012 (44)
  13. Kein Zugriff auf meinen Laptop, Meldung von der "Bundespolizei"
    Log-Analyse und Auswertung - 23.11.2011 (8)
  14. Kein update für Antivir und Windows, kein Virusscan möglich
    Plagegeister aller Art und deren Bekämpfung - 22.12.2010 (0)
  15. JS/FakeAlert.btq, kein Hintergrundbild mehr, englische Meldung, dass Pc infiziert...
    Plagegeister aller Art und deren Bekämpfung - 31.01.2010 (1)
  16. Fehler Meldung: Windows kein Datenträger "exeption processing..."
    Plagegeister aller Art und deren Bekämpfung - 11.05.2009 (1)
  17. kaspersky neu +trotzdem Meldung: Kein Virusschutzprog installiert
    Antiviren-, Firewall- und andere Schutzprogramme - 23.11.2008 (5)

Zum Thema Windows-kein-Originalprodukt-Meldung - Hallo, vor einigen Tagen begann Windows eine Meldung mit der Aussage "Windows [sei] kein Originalprodukt" zu öffnen. Alles begann mit einer Fehlfunktion von Skype, die ich seit Wochen zu beheben - Windows-kein-Originalprodukt-Meldung...
Archiv
Du betrachtest: Windows-kein-Originalprodukt-Meldung auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.