
Pests of all kinds and how to fight them: USB driver virus

Windows 7
09.06.2015, 08:07   #1
Turtok

USB driver virus

Morning,

see attachment.

How high is the risk to my data (keylogger) and hardware? What can I do?

I have experienced performance losses recently.
Attached images
File type: png möglicher Virus.png (25.6 KB, viewed 158 times)

Edited by Turtok (09.06.2015 at 08:39)

09.06.2015, 08:33   #2
schrauber
/// the machine
/// TB instructor

Hi.

Please attach images directly in the thread.

09.06.2015, 08:38   #3
Turtok

Done.

09.06.2015, 20:26   #4
schrauber
/// the machine
/// TB instructor

Well, from that alone there is no telling what it is.


Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box on the website)

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

10.06.2015, 03:33   #5
Turtok

Hey, thanks for the help. A full scan of my computer with Kaspersky Rescue Disk found nothing.

The dubious USB device has meanwhile been ejected by Windows itself (covering its tracks?). The Addition file contains data about it.

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:08-06-2015
Ran by XY (administrator) on YX on 10-06-2015 04:05:29
Running from F:\Dateien\Downloads
Loaded Profiles: XY (Available Profiles: XY)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(DEVGURU Co., LTD.) F:\Programme\USB Drivers\25_escape\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Dropbox, Inc.) C:\Users\XY\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(CyberLink) F:\Programme\Blu-Ray CyberLink\Power2Go\CLMLSvc.exe
(CyberLink Corp.) F:\Programme\Blu-Ray CyberLink\PowerDVD\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Users\XY\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XY\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XY\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XY\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XY\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XY\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\XY\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Users\XY\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Microsoft Corporation) C:\Windows\System32\wsqmcons.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790176 2011-03-31] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-03-31] (Atheros Commnucations)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-27] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [CLMLServer] => F:\Programme\Blu-Ray CyberLink\Power2Go\CLMLSvc.exe [103720 2009-12-15] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => F:\Programme\Blu-Ray CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => F:\Programme\Blu-Ray CyberLink\PowerDVD\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-08-27] (cyberlink)
HKU\S-1-5-21-2476738138-2934667842-973732832-1000\...\Run: [Google Update] => C:\Users\XY\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-08] (Google Inc.)
HKU\S-1-5-21-2476738138-2934667842-973732832-1000\...\Run: [AVG-Secure-Search-Update_0913b] => C:\Users\XY\AppData\Roaming\AVG 0913b Campaign\AVG-Secure-Search-Update-0913b.exe /PROMPT --mid cc2234742cd847d08ac35dc0e321a6df-683c252bd7092faa513acdc0848dfc6de393d2f1 --CMPID 0913b
HKU\S-1-5-21-2476738138-2934667842-973732832-1000\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\XY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-10-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\XY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-2476738138-2934667842-973732832-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2476738138-2934667842-973732832-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-31] (Atheros Commnucations)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\XY\AppData\Roaming\Mozilla\Firefox\Profiles\0b21wbto.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll [2014-10-01] ()
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll [2014-10-01] ()
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2476738138-2934667842-973732832-1000: @tools.google.com/Google Update;version=3 -> C:\Users\XY\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-2476738138-2934667842-973732832-1000: @tools.google.com/Google Update;version=9 -> C:\Users\XY\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-14] (Google Inc.)
FF Extension: Greasemonkey - C:\Users\XY\AppData\Roaming\Mozilla\Firefox\Profiles\0b21wbto.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-05-17]
StartMenuInternet: FIREFOX.EXE - F:\Programme\FireFox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\XY\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\XY\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-01-14]
CHR Extension: (HD for YouTube™) - C:\Users\XY\AppData\Local\Google\Chrome\User Data\Default\Extensions\akjbfncbadcmnkopckegnmjgihagponf [2014-01-14]
CHR Extension: (Google Drive) - C:\Users\XY\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-01]
CHR Extension: (AdBlock) - C:\Users\XY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2012-09-08]
CHR Extension: (A Journey through Middle-earth) - C:\Users\XY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2014-12-08]
CHR Extension: (Bookmark Manager) - C:\Users\XY\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\XY\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-12]
CHR Extension: (Google Wallet) - C:\Users\XY\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
StartMenuInternet: Google Chrome.I2LO3Y57J4JZOZWH34PWFMOHHA - C:\Users\XY\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [75936 2011-03-31] (Atheros Commnucations) [File not signed]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1145216 2015-06-05] ()
S2 CLKMSVC10_C6E1E202; F:\Programme\Blu-Ray CyberLink\PowerDVD\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-08-27] (CyberLink)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S3 Origin Client Service; F:\Spiele\Origin\OriginClientService.exe [1931632 2015-04-26] (Electronic Arts)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-15] ()
S2 SkypeUpdate; F:\Programme\Updater\Updater.exe [315488 2015-01-02] (Skype Technologies)
R2 ss_conn_service; F:\Programme\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-27] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253920 2015-05-07] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [220128 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [291296 2015-05-04] (AVG Technologies CZ, s.r.o.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [27456 2012-07-09] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [40104 2014-08-21] (Razer Inc)
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [54640 2014-03-24] (Thesycon GmbH, Germany)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [106256 2013-09-06] (Oracle Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 easytether; system32\DRIVERS\easytthr.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-10 04:04 - 2015-06-10 04:05 - 00000000 ____D C:\FRST
2015-06-09 21:34 - 2015-06-10 06:00 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-06-09 19:02 - 2015-06-09 19:02 - 00000741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2015-06-09 19:02 - 2015-06-09 19:02 - 00000000 ____D C:\Users\XY\AppData\Roaming\Canneverbe Limited
2015-06-09 19:02 - 2015-06-09 19:02 - 00000000 ____D C:\ProgramData\Canneverbe Limited
2015-06-06 18:09 - 2015-06-06 18:13 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-06-05 02:59 - 2015-06-05 02:59 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-04 03:00 - 2015-06-04 03:00 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2015-06-03 21:51 - 2015-06-03 21:51 - 00000000 ____D C:\Users\XY\AppData\Local\openvr
2015-06-03 21:48 - 2015-06-03 21:48 - 00000000 ____D C:\Users\XY\AppData\Local\Steam
2015-06-02 16:20 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-02 16:18 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-02 16:18 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-02 16:18 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-02 16:18 - 2015-05-28 09:04 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-06-02 16:09 - 2015-06-02 16:11 - 00000000 ____D C:\Users\XY\AppData\Local\NVIDIA Corporation
2015-06-02 16:08 - 2015-06-02 16:08 - 00001383 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-02 16:08 - 2015-06-02 16:08 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-02 16:08 - 2015-05-23 03:47 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-02 16:08 - 2015-05-23 03:47 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-02 16:08 - 2015-05-23 03:47 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-02 16:08 - 2015-05-23 03:47 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-02 16:08 - 2015-04-03 15:21 - 00052880 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-02 16:08 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-02 16:08 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-31 02:01 - 2015-05-31 02:08 - 00000000 ____D C:\Users\XY\AppData\Roaming\FontForge
2015-05-31 02:01 - 2015-05-31 02:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FontForge
2015-05-30 23:17 - 2015-05-30 23:17 - 00000000 ____D C:\Users\XY\.MCTranscodingSDK
2015-05-28 12:11 - 2015-05-28 12:11 - 00000000 ____D C:\Users\XY\AppData\Local\Avg
2015-05-26 23:02 - 2015-05-26 23:03 - 00000020 _____ C:\Users\XY\Desktop\Aenoxx.txt
2015-05-17 01:19 - 2015-05-17 01:19 - 00001032 _____ C:\Users\XY\Desktop\firefox.exe - Verknüpfung.lnk
2015-05-17 01:17 - 2015-05-17 01:17 - 00000000 ____D C:\Users\XY\AppData\Local\Mozilla
2015-05-14 03:01 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 03:01 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:02 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 13:02 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 13:02 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 13:02 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 13:02 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 13:02 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 13:02 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 13:02 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 13:02 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 13:02 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 13:02 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 13:02 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 13:02 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 13:02 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 13:02 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 13:02 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 13:02 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 13:02 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 13:02 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 13:02 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 13:02 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 13:02 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 13:02 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 13:02 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 13:02 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 13:02 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 13:02 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 13:02 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 13:02 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 13:02 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 13:02 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 13:02 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 13:02 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 13:02 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 13:02 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 13:02 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 13:02 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 13:02 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 13:02 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 13:02 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 13:02 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 13:02 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 13:02 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 13:02 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 13:02 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 13:02 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 13:02 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 13:02 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 13:02 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:02 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:02 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 13:02 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 13:02 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 13:02 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 13:02 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 13:02 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 13:02 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 13:02 - 2015-04-10 18:54 - 17881088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 13:02 - 2015-04-10 18:44 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 13:02 - 2015-04-10 18:43 - 10935808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 13:02 - 2015-04-10 18:43 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 13:02 - 2015-04-10 18:39 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 13:02 - 2015-04-10 18:39 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 13:02 - 2015-04-10 18:38 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 13:02 - 2015-04-10 18:37 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 13:02 - 2015-04-10 18:37 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 13:02 - 2015-04-10 18:37 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-13 13:02 - 2015-04-10 18:37 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-13 13:02 - 2015-04-10 18:36 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-13 13:02 - 2015-04-10 17:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 13:02 - 2015-04-10 17:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 13:02 - 2015-04-10 17:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 13:02 - 2015-04-10 17:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 13:02 - 2015-04-10 17:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 13:02 - 2015-04-10 17:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 13:02 - 2015-04-10 17:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 13:02 - 2015-04-10 17:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 13:02 - 2015-04-10 17:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 13:02 - 2015-04-10 17:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 13:02 - 2015-04-10 17:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 13:02 - 2015-04-10 17:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 13:02 - 2015-04-10 17:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-05-13 13:02 - 2015-04-10 17:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 13:02 - 2015-04-10 17:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 13:02 - 2015-04-10 17:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 13:02 - 2015-04-10 17:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 13:02 - 2015-04-10 17:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 13:02 - 2015-04-10 17:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 13:02 - 2015-04-10 17:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-05-13 13:02 - 2015-04-10 17:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-05-13 13:02 - 2015-04-10 17:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-05-13 13:00 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 13:00 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 13:00 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 13:00 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 13:00 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 13:00 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 13:00 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 13:00 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 13:00 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 13:00 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 13:00 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 13:00 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 13:00 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 13:00 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-10 04:05 - 2012-09-09 23:59 - 00000000 ____D C:\ProgramData\MFAData
2015-06-10 04:05 - 2012-09-06 20:00 - 01351954 _____ C:\Windows\WindowsUpdate.log
2015-06-10 04:02 - 2012-09-30 16:59 - 00000000 ____D C:\Users\XY\AppData\Roaming\Dropbox
2015-06-10 04:02 - 2009-07-14 06:51 - 00237531 _____ C:\Windows\setupact.log
2015-06-10 04:01 - 2012-09-08 20:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-10 04:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-09 19:16 - 2009-07-14 06:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-09 19:16 - 2009-07-14 06:45 - 00029120 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-09 19:14 - 2011-04-12 09:43 - 00700454 _____ C:\Windows\system32\perfh007.dat
2015-06-09 19:14 - 2011-04-12 09:43 - 00150092 _____ C:\Windows\system32\perfc007.dat
2015-06-09 19:14 - 2009-07-14 07:13 - 01624034 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-09 18:17 - 2012-09-08 22:43 - 00001160 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2476738138-2934667842-973732832-1000UA.job
2015-06-09 13:27 - 2012-09-08 22:43 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2476738138-2934667842-973732832-1000Core.job
2015-06-09 03:05 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-06-06 18:09 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-06-06 18:09 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-06-06 06:16 - 2013-10-25 14:05 - 00000000 ____D C:\Users\XY\AppData\Local\Battle.net
2015-06-05 02:59 - 2014-06-18 23:20 - 00000000 ____D C:\Users\XY\AppData\Local\DayZ
2015-06-04 14:56 - 2012-09-15 00:38 - 00000000 ____D C:\Users\XY\Documents\TrackMania
2015-06-02 16:44 - 2013-06-01 21:37 - 00000000 ____D C:\Users\XY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-06-02 16:44 - 2012-09-08 20:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-02 16:20 - 2015-01-13 01:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-02 16:20 - 2013-06-14 23:01 - 00000000 ____D C:\Temp
2015-06-02 16:20 - 2012-09-08 20:28 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-02 16:19 - 2012-09-08 20:28 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-02 16:09 - 2015-01-13 01:04 - 00000000 ____D C:\Users\XY\AppData\Local\NVIDIA
2015-06-01 18:02 - 2010-11-21 05:47 - 00181924 _____ C:\Windows\PFRO.log
2015-06-01 18:02 - 2009-07-14 06:45 - 05048544 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-31 03:27 - 2012-09-08 20:31 - 00129728 _____ C:\Users\XY\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-31 03:12 - 2012-09-06 20:00 - 00000000 ____D C:\Users\XY\AppData\Local\VirtualStore
2015-05-31 02:50 - 2014-03-01 16:23 - 00000000 ____D C:\Users\XY\AppData\Local\CrashDumps
2015-05-30 23:17 - 2013-07-18 21:32 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2015-05-30 23:17 - 2013-07-18 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
2015-05-30 23:17 - 2012-09-06 20:00 - 00000000 ____D C:\Users\XY
2015-05-28 19:59 - 2012-09-08 22:43 - 00000000 ____D C:\Users\XY\AppData\Local\Deployment
2015-05-28 12:12 - 2014-03-31 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-28 09:04 - 2014-08-19 23:14 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-28 09:04 - 2013-02-26 00:32 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-28 09:04 - 2012-10-10 22:23 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2012-10-10 22:23 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2012-10-10 22:22 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2012-09-08 20:28 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 06:15 - 2012-09-08 20:28 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2012-09-08 20:28 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2012-09-08 20:28 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2012-09-08 20:28 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2012-09-08 20:28 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2012-09-08 20:28 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2012-09-08 20:28 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-22 19:29 - 2012-09-09 23:25 - 00007603 _____ C:\Users\XY\AppData\Local\Resmon.ResmonCfg
2015-05-20 02:27 - 2012-12-11 20:37 - 00000000 ____D C:\Users\XY\AppData\Roaming\Audacity
2015-05-17 01:17 - 2012-09-15 18:32 - 00000000 ____D C:\Users\XY\AppData\Roaming\Mozilla
2015-05-14 13:12 - 2012-09-08 22:43 - 00004150 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2476738138-2934667842-973732832-1000UA
2015-05-14 13:12 - 2012-09-08 22:43 - 00003754 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2476738138-2934667842-973732832-1000Core
2015-05-14 03:08 - 2014-09-17 13:01 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 03:08 - 2014-09-17 13:01 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 03:07 - 2011-04-12 09:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 03:07 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 03:05 - 2013-08-21 03:00 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 03:02 - 2012-09-10 20:48 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 03:01 - 2014-09-17 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 02:59 - 2013-10-16 12:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-13 03:15 - 2012-09-30 17:05 - 00000000 ____D C:\Users\XY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Files in the root of some directories =======

2014-06-16 08:01 - 2014-06-16 04:49 - 0012005 _____ () C:\Users\XY\AppData\Roaming\alsoft.ini
2013-07-12 04:43 - 2013-07-13 18:16 - 0000115 _____ () C:\Users\XY\AppData\Roaming\Camdata.ini
2013-07-12 04:43 - 2013-07-13 18:16 - 0000408 _____ () C:\Users\XY\AppData\Roaming\CamLayout.ini
2013-07-12 04:43 - 2013-07-13 18:16 - 0000408 _____ () C:\Users\XY\AppData\Roaming\CamShapes.ini
2013-07-12 04:43 - 2013-07-13 18:16 - 0004538 _____ () C:\Users\XY\AppData\Roaming\CamStudio.cfg
2012-12-08 19:55 - 2014-01-22 19:33 - 0005632 _____ () C:\Users\XY\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-09-09 23:25 - 2015-05-22 19:29 - 0007603 _____ () C:\Users\XY\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\XY\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnuaqvw.dll
C:\Users\XY\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\XY\AppData\Local\Temp\nvStInst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-04 06:26

==================== End of log ============================
         


Alt 10.06.2015, 03:34   #6
Turtok
 

[CODE]Additional
FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x64) Version:08-06-2015
Ran by XY at 2015-06-10 04:05:54
Running from F:\Dateien\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2476738138-2934667842-973732832-500 - Administrator - Disabled)
Gast (S-1-5-21-2476738138-2934667842-973732832-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2476738138-2934667842-973732832-1004 - Limited - Enabled)
XY (S-1-5-21-2476738138-2934667842-973732832-1000 - Administrator - Enabled) => C:\Users\XY

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Action Replay DSi Code Manager (HKLM\...\Action Replay DSi Code Manager_is1) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)
AVG 2015 (Version: 15.0.4355 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts)
Battlefield: Bad Company™ 2 (HKLM-x32\...\{3AC8457C-0385-4BEA-A959-E095F05D6D67}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.95 - Atheros Communications)
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5642 - CDBurnerXP)
Curse Client (HKU\S-1-5-21-2476738138-2934667842-973732832-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4508.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dropbox (HKU\S-1-5-21-2476738138-2934667842-973732832-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.5 - MakeMusic)
FontForge Version 01-05-2015 (HKLM-x32\...\{56748B9C-19AE-4689-B8C5-5A45AE0A993A}_is1) (Version: 01-05-2015 - FontForgeBuilds)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 3.1.41.1201 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.41.1201 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.34.1015 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.34.1015 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.6 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.6 - Gameforge)
GeoGebra 4.2 (HKLM-x32\...\GeoGebra 4.2) (Version: 4.2.58.0 - International GeoGebra Institute)
Google Chrome (HKU\S-1-5-21-2476738138-2934667842-973732832-1000\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Guild Wars 2 Personal Assistant Overlay (HKLM-x32\...\{7CEEC405-42EA-4C71-9CAA-3812E0CEF49A}_is1) (Version: 3.1 - Samuel Hurne)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Inkscape 0.46 (HKLM-x32\...\Inkscape) (Version: 0.46 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.6009 - CyberLink Corp.)
LG Burning Tool (x32 Version: 6.2.6009 - CyberLink Corp.) Hidden
LG CyberLink BD Advisor (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.4606 - CyberLink Corp.)
LibreOffice 4.0.4.2 (HKLM-x32\...\{FE88323B-9F0E-4596-8F56-37757C6918E9}) (Version: 4.0.4.2 - The Document Foundation)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.0.2.0 - Lightworks)
Logitech Gaming Software 8.46 (HKLM\...\Logitech Gaming Software) (Version: 8.46.27 - Logitech Inc.)
Metin2 (HKLM-x32\...\Metin2_is1) (Version:  - Gameforge 4D GmbH)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MIDI Converter Studio 8.2 (HKLM-x32\...\MIDI Converter Studio_is1) (Version:  - ManiacTools.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Thunderbird 15.0.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 15.0.1 (x86 de)) (Version: 15.0.1 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKU\S-1-5-21-2476738138-2934667842-973732832-1000\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Neverwinter (HKLM-x32\...\Neverwinter) (Version:  - Cryptic Studios)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.2.18 (HKLM\...\{230C9C86-26A9-437F-8152-34D5F4C3F680}) (Version: 4.2.18 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4518 - Electronic Arts, Inc.)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
S Note (HKLM-x32\...\{4462A25C-1EE5-4701-84A3-ED7BA4672010}) (Version: 4.01.0206 - Samsung)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.6 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
TmUnitedForever (HKLM-x32\...\TmUnitedForever_is1) (Version:  - Nadeo)
UxStyle Core Beta (HKLM\...\{8E363055-15E5-4D8A-9C69-A0A9DE9A3337}) (Version: 0.2.1.1 - The Within Network, LLC)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows-Treiberpaket - Datel Design & Development (usbio) USBIOControlledDevices  (05/21/2012 2.40.0.0) (HKLM\...\7BD98A593B77F7A2CC2A9538524495FE39D5962E) (Version: 05/21/2012 2.40.0.0 - Datel Design & Development)
Windows-Treiberpaket - Datel Design & Development USBIOControlledDevices  (05/21/2012 2.40.0.0) (HKLM\...\66D0EA0FEC96AC8BA6F5D30012E2C0BE83D4A67B) (Version: 05/21/2012 2.40.0.0 - Datel Design & Development)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\XY\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\XY\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\XY\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\XY\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{5696003f-20e5-489a-b5d7-fc5e7362d8aa}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\XY\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\XY\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\XY\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\XY\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\XY\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2476738138-2934667842-973732832-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\XY\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1BF3EEE9-A437-4F85-A4A1-AB639CCF2A87} - System32\Tasks\{4407AE65-66E9-4C09-BD58-3F3EFC5DC91E} => pcalua.exe -a F:\Spiele\Minecraft\Shaders\INSTALLER.exe -d F:\Spiele\Minecraft\Shaders
Task: {26CA7562-4E9E-48C6-84F0-21F81035413A} - System32\Tasks\{8D556DAB-BC1A-4919-BA95-B46A382B9C92} => pcalua.exe -a "C:\Users\XY\AppData\Local\Temp\Temp3_intel_sct_mb.zip\INTEL SCT\Setup.exe"
Task: {26D14013-CBC5-4C07-BAA9-B1BED8E8266D} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {27D62B5E-8C25-479E-92F5-03467F3EF638} - System32\Tasks\{73BCC4DD-CF97-4CF1-A88F-28135F45DD1E} => F:\Dateien\Dropbox\PokemonFiles\PokemonTools\Gen 3\Enciclopedia Pokemon - Esm.exe [2010-02-07] (Enciclopedia Pokemon)
Task: {2ED4DAD9-7637-49BB-8756-6C81741839DC} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {2F672805-9AD8-4582-9038-BE65B1EDC583} - System32\Tasks\{63365B5D-3ED5-4944-960F-7B0179A67254} => pcalua.exe -a "C:\Users\XY\AppData\Local\Temp\Temp2_intel_sct_mb.zip\INTEL SCT\Setup.exe"
Task: {30ED741D-B2A8-434D-992A-CF1DCE61F1DD} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-11-21] (Microsoft Corporation)
Task: {35670527-9058-46CC-9DE5-EE7E2E5D94AA} - System32\Tasks\{755CF45D-548C-498F-95CE-95EA96482223} => pcalua.exe -a C:\Users\XYTI~1\AppData\Local\Temp\VSD4D1B.tmp\DotNetFx35Client\DotNetFx35ClientSetup.exe -d F:\Dateien\Downloads -c /lang:enu /passive /norestart
Task: {4A00C2B6-1B18-47BA-A775-2AE5BEFFAC2D} - System32\Tasks\{3A3FE845-0FA9-4A27-8FB9-C4511D904CE9} => pcalua.exe -a "C:\Users\XY\AppData\Local\Temp\Temp1_intel_sct_mb.zip\INTEL SCT\Setup.exe"
Task: {4EFA11F5-53E5-453C-81EE-CBBAE8E03F62} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2476738138-2934667842-973732832-1000UA => C:\Users\XY\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-08] (Google Inc.)
Task: {7CBB61EE-0E2A-4FE6-941D-57AE75957AB1} - System32\Tasks\{C3411337-0BED-43DB-8C01-667165D3C5D0} => F:\Dateien\Downloads\NintendoWiFiUSB106\NintendoWFCReg\setup.exe [2007-09-10] ()
Task: {8045B8E0-C905-42B5-9AEC-D5A9FF1119B7} - System32\Tasks\{ACE4B29A-F0E1-44F3-80A4-054462F49054} => F:\Dateien\Downloads\setupgeom1 (2).exe [2013-09-23] ()
Task: {8D21A372-E73F-465D-B2EA-905484B1CD35} - System32\Tasks\{199300DF-03A5-4BA2-9DFC-396E254D037F} => F:\Dateien\Dropbox\PokemonFiles\PokemonTools\Gen 3\Enciclopedia Pokemon - Esm.exe [2010-02-07] (Enciclopedia Pokemon)
Task: {9DBAC059-8336-4BD8-8140-A90E567642B0} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {9F641865-764D-4599-AA16-A45A37ECB8D5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {A1F62BB2-7FB3-4340-8A74-67A85BB30567} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2476738138-2934667842-973732832-1000Core => C:\Users\XY\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-08] (Google Inc.)
Task: {A2EA39ED-10DF-4CA5-A0E4-9F19EBBA4843} - System32\Tasks\{2C6D03FA-3AAB-43BB-80F1-528696E36E03} => F:\Spiele\SWBF2 1.0 - Kopie\BFIIUpdateInt1_1.exe
Task: {B1F54468-E2F0-44D3-93C1-1CBE73DCAC20} - System32\Tasks\{D72B371A-C743-4D73-B002-9A617806C85C} => F:\Dateien\Downloads\setupgeom1 (2).exe [2013-09-23] ()
Task: {CC827B6A-395E-4E89-B999-631F5AFBA773} - System32\Tasks\{B1BEF40F-DC87-48C7-8325-9AA229411242} => F:\Dateien\Downloads\NintendoWiFiUSB106\NintendoWFCReg\setup.exe [2007-09-10] ()
Task: {E09D9B90-9304-4EAE-97CE-82B862A216AB} - System32\Tasks\{13D0585A-C9FB-4111-A635-B4B8CB3F8565} => pcalua.exe -a F:\Dateien\Downloads\NintendoWiFiUSB106\NintendoWFCReg\setup.exe -d F:\Dateien\Downloads\NintendoWiFiUSB106\NintendoWFCReg
Task: {ECA6F1C3-BA86-408A-A99F-83D6DDC4A1C4} - System32\Tasks\{D90B1FE7-30F7-4A83-B596-0F7A7EECF3DF} => C:\Users\XY\Desktop\fraps.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2476738138-2934667842-973732832-1000Core.job => C:\Users\XY\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2476738138-2934667842-973732832-1000UA.job => C:\Users\XY\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-09-08 20:28 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-09-16 11:42 - 2014-08-15 22:03 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-06-02 16:08 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-10 04:02 - 2015-06-10 04:02 - 00043008 _____ () c:\Users\XY\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpnuaqvw.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\XY\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\XY\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\XY\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\XY\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2009-12-15 13:46 - 2009-12-15 13:46 - 00619816 _____ () F:\Programme\Blu-Ray CyberLink\Power2Go\CLMediaLibrary.dll
2009-12-15 13:49 - 2009-12-15 13:49 - 00013096 _____ () F:\Programme\Blu-Ray CyberLink\Power2Go\CLMLSvcPS.dll
2015-05-26 01:19 - 2015-05-22 22:22 - 01281864 _____ () C:\Users\XY\AppData\Local\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 01:19 - 2015-05-22 22:22 - 00080712 _____ () C:\Users\XY\AppData\Local\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-02-22 07:48 - 2015-02-22 07:48 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\fbc9d7031289dfe13319f2e441b1a489\PSIClient.ni.dll
2012-09-08 20:40 - 2012-06-25 10:41 - 01198912 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\XY\Desktop\PokemonFiles - Verknüpfung.lnk:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2476738138-2934667842-973732832-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\XY\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{43741BAC-5D38-4907-9677-3DB8CB37CF46}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{BCB75CC0-6D81-490F-B184-B4823B142048}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{75E5BB77-4CB9-4072-A026-191EC5EF7875}C:\users\mike tim gaebel\appdata\local\temp\gw2.exe] => (Allow) C:\users\mike tim gaebel\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{698449C5-D04F-4DD5-AEA6-C44EE3ECD8D9}C:\users\mike tim gaebel\appdata\local\temp\gw2.exe] => (Allow) C:\users\mike tim gaebel\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{286C3851-887D-442F-8BA3-CF85A513E5B7}F:\spiele\guild wars 2\gw2.exe] => (Allow) F:\spiele\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{9647B394-899E-4800-91DC-53E3846F55C7}F:\spiele\guild wars 2\gw2.exe] => (Allow) F:\spiele\guild wars 2\gw2.exe
FirewallRules: [{8E748F15-6723-45D1-9360-D30FA010DD43}] => (Allow) F:\Programme\Phone\Skype.exe
FirewallRules: [TCP Query User{93445BAA-7640-4C23-A523-90A14F1DA08A}F:\spiele\tmunitedforever\tmforever.exe] => (Allow) F:\spiele\tmunitedforever\tmforever.exe
FirewallRules: [UDP Query User{F2684BF1-9B13-4A27-94B6-AE880A3A93A9}F:\spiele\tmunitedforever\tmforever.exe] => (Allow) F:\spiele\tmunitedforever\tmforever.exe
FirewallRules: [{EF00B639-7897-4840-96A4-481187B5E15D}] => (Allow) F:\Spiele\Steam\Steam.exe
FirewallRules: [{2D293160-ABA2-4B24-9B49-F7E38A6FF8DA}] => (Allow) F:\Spiele\Steam\Steam.exe
FirewallRules: [{42B5548D-057A-40B3-B36A-10E2C7BB2C51}] => (Allow) F:\Spiele\Bad Company 2\BFBC2Updater.exe
FirewallRules: [{CB944D17-70FA-413D-A8F9-0938F4C2C530}] => (Allow) F:\Spiele\Bad Company 2\BFBC2Updater.exe
FirewallRules: [TCP Query User{7203A640-8D32-4E6B-91C3-552A717AEF9B}F:\spiele\bad company 2\bfbc2game.exe] => (Allow) F:\spiele\bad company 2\bfbc2game.exe
FirewallRules: [UDP Query User{D1B2F9AD-55D0-443D-83BC-AC2964075931}F:\spiele\bad company 2\bfbc2game.exe] => (Allow) F:\spiele\bad company 2\bfbc2game.exe
FirewallRules: [{ADAEC469-5548-49E1-99BF-6D46DE270F60}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F2C9C100-0E7D-49C3-88C1-37B01A19F78A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D8533F57-F993-4927-A2BB-A547B2F37D3C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{166E6691-E270-4FDA-979F-4A9883935728}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F5E9C51B-D44D-44BB-96AD-46DCBB10C1E3}] => (Allow) F:\Spiele\Origin Spiele\Battlefield 3\bf3.exe
FirewallRules: [{C82B4DCC-7A2E-4F37-B5B2-CDA5C2364CFE}] => (Allow) F:\Spiele\Origin Spiele\Battlefield 3\bf3.exe
FirewallRules: [{2B536A83-05EB-43C8-A7ED-DC27499B01DD}] => (Allow) C:\Users\XY\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{99ED1D64-DA7E-43B2-AE94-1BE3252EEB87}] => (Allow) C:\Users\XY\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E5D97C3C-E224-486B-AA78-AC40077A3667}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{A5B2A308-45F4-4027-8891-A17A6BC76AEF}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{19D6D21F-A6C8-464F-A713-23D9D2FDD32B}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{9ABD7021-8C77-4383-A778-A82AAA623F45}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{DD1800D3-D765-43AC-A213-1BF7226D9846}F:\spiele\league of legends\lolreplay\lolreplay.exe] => (Allow) F:\spiele\league of legends\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{77816F59-87F4-4D09-9341-8BE58F5378F8}F:\spiele\league of legends\lolreplay\lolreplay.exe] => (Allow) F:\spiele\league of legends\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{6D28A97E-BE36-4A31-A292-9EAE7C66F247}F:\spiele\steam\steamapps\preupgrade\team fortress 2\hl2.exe] => (Allow) F:\spiele\steam\steamapps\preupgrade\team fortress 2\hl2.exe
FirewallRules: [UDP Query User{EB4B3B5B-7478-4C42-B2FA-12FC47BEAA8A}F:\spiele\steam\steamapps\preupgrade\team fortress 2\hl2.exe] => (Allow) F:\spiele\steam\steamapps\preupgrade\team fortress 2\hl2.exe
FirewallRules: [{145ED972-46CC-48E8-8C03-E73448442D1C}] => (Allow) F:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{67F7CF77-7A37-4F99-8206-9098BD698078}] => (Allow) F:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{5E1524FF-C41B-4AD2-B733-CE8F4A918F19}F:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) F:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{B65B20CC-283A-4297-9B0A-CB4BDFE160E1}F:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) F:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [{7B79734D-8E51-476C-A775-7F5A678DC5B0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{53360B28-06C0-4211-A62F-0B4D1B4F2135}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1040\Agent.exe
FirewallRules: [{99D95182-DF6E-4222-B5C6-E7380569B9A2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{8902C3AA-B3EF-4A15-A62B-230F67A358E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{4044C657-0FE3-4CC7-A170-C3DFD5CE6579}] => (Allow) F:\Spiele\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{237EEB70-86B9-41BB-9B87-EA7700816D30}] => (Allow) F:\Spiele\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{2ACE85B2-7E7E-4413-8A6E-0D9BD522C9D1}F:\spiele\starcraft ii\versions\base23260\sc2.exe] => (Allow) F:\spiele\starcraft ii\versions\base23260\sc2.exe
FirewallRules: [UDP Query User{01C3FEF0-F877-445D-8BB3-30DF33E80ADA}F:\spiele\starcraft ii\versions\base23260\sc2.exe] => (Allow) F:\spiele\starcraft ii\versions\base23260\sc2.exe
FirewallRules: [{1FB1DA87-64EE-4D9D-91DB-4FF4E051A6AA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [{9B5896F6-AEE7-45CE-8F37-64E3546D591B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe
FirewallRules: [TCP Query User{090AB3D7-8D50-42A2-95DA-1D88F316D617}F:\spiele\starcraft ii\versions\base24944\sc2.exe] => (Allow) F:\spiele\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{D4AFEDEC-3230-482E-9093-799CD4DE0483}F:\spiele\starcraft ii\versions\base24944\sc2.exe] => (Allow) F:\spiele\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [{EBA97CAE-4959-4F95-95A3-3C89665B1504}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{E0826629-E0EE-45D3-A4FC-65479AFE5AB6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [TCP Query User{FB6F930F-BFF3-4E51-8607-119EAB67B299}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{74E5C564-176A-48EA-B5F7-43E401DCCB9F}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{654D78A4-49E6-4FD0-A73B-8AB12C359DC3}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{F44A881C-514B-49A9-980D-D0C9034EFDC9}C:\program files\java\jre7\bin\java.exe] => (Allow) C:\program files\java\jre7\bin\java.exe
FirewallRules: [{17CECBE7-7004-4373-A52D-CBF29418061B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{BCC812A2-83B0-450F-AC52-B39ECBDEB3EE}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [TCP Query User{139106C8-B33C-4107-914E-998F506B9A77}F:\spiele\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) F:\spiele\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{4EEB1FB3-F650-4654-BE4D-1ACEE9C85B7D}F:\spiele\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) F:\spiele\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{DB6CEC05-9CB3-478F-9274-2F2844058CE8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{48F83635-BF6B-400C-8DE3-D76FD7161A6D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{709AE015-12DC-465A-A3FE-7EFA2C65A0E3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C4E8ED8B-FFA7-4960-8259-BFA61F99981A}] => (Allow) LPort=2869
FirewallRules: [{89527323-3141-4D0A-BA20-B17A1E3A8B43}] => (Allow) LPort=1900
FirewallRules: [{FE79EC1A-79FB-4624-A2F6-9CFDD2029C7C}] => (Allow) F:\Programme\Blu-Ray CyberLink\PowerDVD\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{0D4F0D56-5329-460C-B874-E72E40D7CC6C}] => (Allow) F:\Programme\Blu-Ray CyberLink\PowerDVD\PowerDVD10\PowerDVD10.EXE
FirewallRules: [TCP Query User{96BDBD15-9CD1-4A1B-9488-2BA62F0130BB}F:\programme\xfire\xfire.exe] => (Allow) F:\programme\xfire\xfire.exe
FirewallRules: [UDP Query User{4B8734EB-39AB-461E-9FCF-15E75D3B859A}F:\programme\xfire\xfire.exe] => (Allow) F:\programme\xfire\xfire.exe
FirewallRules: [{3EDB4D9C-032B-4E2C-A439-9F3DD8A36ABF}] => (Allow) F:\Programme\Lightworks\ntcardvt.exe
FirewallRules: [{D6E14FB7-1625-4EBF-8B2A-BE3D86314D8F}] => (Allow) F:\Programme\Lightworks\ntcardvt.exe
FirewallRules: [TCP Query User{2927CBB5-3325-49DD-8696-D0C98AA368E1}F:\spiele\swbf2\gamedata\battlefrontii.exe] => (Allow) F:\spiele\swbf2\gamedata\battlefrontii.exe
FirewallRules: [UDP Query User{F2BF5824-C6D1-41F1-AC15-1A45C07BAE6A}F:\spiele\swbf2\gamedata\battlefrontii.exe] => (Allow) F:\spiele\swbf2\gamedata\battlefrontii.exe
FirewallRules: [TCP Query User{2C792653-0D2F-40B6-91AE-82635DE3F88F}F:\spiele\swbf2 1.1\gamedata\battlefrontii.exe] => (Allow) F:\spiele\swbf2 1.1\gamedata\battlefrontii.exe
FirewallRules: [UDP Query User{461DA7CC-6ACC-46F8-8E38-97898B5A9C68}F:\spiele\swbf2 1.1\gamedata\battlefrontii.exe] => (Allow) F:\spiele\swbf2 1.1\gamedata\battlefrontii.exe
FirewallRules: [TCP Query User{54D1192F-7FAF-42A7-B764-81207A389550}F:\spiele\swbf2 1.0\gamedata\battlefrontii.exe] => (Allow) F:\spiele\swbf2 1.0\gamedata\battlefrontii.exe
FirewallRules: [UDP Query User{C65CB7DE-558D-4085-AA00-4146EF8C5428}F:\spiele\swbf2 1.0\gamedata\battlefrontii.exe] => (Allow) F:\spiele\swbf2 1.0\gamedata\battlefrontii.exe
FirewallRules: [{84382E1F-92E6-4A35-A971-C09A77C74CD8}] => (Allow) F:\Spiele\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{1767BB78-35CB-4089-B5CD-49C82A8F9A5E}] => (Allow) F:\Spiele\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{C5C957E0-CE85-4AC6-BA2D-6BAD8953365F}] => (Allow) F:\Spiele\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{B8E0775C-3BD0-4C42-B611-9C5D261A17BC}] => (Allow) F:\Spiele\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{502A2AAA-0550-4699-8834-7B049D424E31}] => (Allow) F:\Spiele\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F5E72C64-9332-4DC4-89D5-76FDBCF1624B}] => (Allow) F:\Spiele\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F262C84C-D589-480B-8A90-F1AB724262B2}] => (Allow) F:\Spiele\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{9BBF549E-27EC-498A-AF83-CA8930B88896}] => (Allow) F:\Spiele\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{BDAE14C8-0705-44B4-BB9E-4CF10482A712}] => (Allow) F:\Spiele\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{087DD5FD-D0CC-48E5-8AC3-354429FCF12E}] => (Allow) F:\Spiele\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [TCP Query User{2AFB692C-5DB2-43DA-A68A-ED20CE8EAA1E}F:\spiele\eve online\bin\exefile.exe] => (Allow) F:\spiele\eve online\bin\exefile.exe
FirewallRules: [UDP Query User{C6923243-8919-48BD-93F5-34DCF8C8A384}F:\spiele\eve online\bin\exefile.exe] => (Allow) F:\spiele\eve online\bin\exefile.exe
FirewallRules: [{E259D095-72F0-4102-AE30-172D1884847F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{35A7CD42-DD4B-48E6-BC39-437E88E3B510}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{B36E913D-82C1-49BC-A357-41597B9465FB}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{DAEDA84E-8788-4D89-A05A-82B2730E289F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{2907A66F-B870-46A9-AFDB-02EAD8C77BC1}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{BC61414F-143C-4F3A-8B5B-8EE2FC0A89BF}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{68FF937C-28F1-488D-8A64-0CEE3E49B5EA}] => (Allow) F:\Spiele\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{8434AED6-7847-4A9F-8A7F-7F59BF06C59C}] => (Allow) F:\Spiele\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9B50CB4F-F4C7-4E4E-B4D4-4349E1D5BD82}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{2DDA5AB8-F0A9-45D5-BCBE-8B4F8E69BEA7}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{56EFFEF9-FB9F-490D-95E9-72195259F810}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{95B689BD-508F-4F00-A5C2-72A0EBCD768A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe
FirewallRules: [{FC83B0E4-FF64-47E5-BC7E-246B45F9577F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [{569B7216-A368-4923-A0F7-02BB2AC5D1FE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe
FirewallRules: [TCP Query User{F06D0F32-2B51-4E41-B79F-2E6985F15488}F:\spiele\starcraft ii\versions\base26490\sc2.exe] => (Allow) F:\spiele\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [UDP Query User{B4129FE6-55E0-4CBF-8185-D1166136FB5C}F:\spiele\starcraft ii\versions\base26490\sc2.exe] => (Allow) F:\spiele\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{02EC88B2-F002-4645-B285-F93ED28FE659}] => (Block) F:\spiele\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{92B5452C-5DCD-444B-B133-8099DAABF4C8}] => (Block) F:\spiele\starcraft ii\versions\base26490\sc2.exe
FirewallRules: [{226C6556-38F1-4E70-AF80-C160B73B2837}] => (Allow) F:\Spiele\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4EA776DD-53C9-488B-A2E1-B180C454D6A7}] => (Allow) F:\Spiele\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5CB6347B-88CB-410C-B55E-0E678114F5D5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2293\Agent.exe
FirewallRules: [{0D81E93D-8323-4917-A0B7-B13E1EA6482B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2293\Agent.exe
FirewallRules: [{4276E71B-A60F-42D7-B19A-BBE2569BA321}] => (Allow) F:\Spiele\Hearthstone\Battle.net\Battle.net.exe
FirewallRules: [{36FBBB72-FDA6-4C64-B8E2-F4A7A0FE6A43}] => (Allow) F:\Spiele\Hearthstone\Battle.net\Battle.net.exe
FirewallRules: [{5751BB99-0972-442B-B953-CA9BB8000BB7}] => (Allow) F:\Spiele\Hearthstone\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{695B8E66-4D87-4D21-847F-3B3E4DA842F3}] => (Allow) F:\Spiele\Hearthstone\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [TCP Query User{7A8AEC46-36CB-4A5B-9215-975CC5A26E3F}F:\spiele\battle.net\hearthstone\hearthstone\hearthstone.exe] => (Allow) F:\spiele\battle.net\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{11146C29-7DA3-4EBC-ACCE-221FD7B30F26}F:\spiele\battle.net\hearthstone\hearthstone\hearthstone.exe] => (Allow) F:\spiele\battle.net\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [{99810F92-E354-4955-8B2F-73256DE1FF02}] => (Block) F:\spiele\battle.net\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [{F00B5E80-BECA-405B-87BE-2771E436123D}] => (Block) F:\spiele\battle.net\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [{7F81F2A8-532B-4D03-9168-D40D9A4A686D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{27A7743F-7606-4827-A5DA-57B8AEA61179}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2328\Agent.exe
FirewallRules: [{5204C0A4-C672-4C50-8370-384F2C7EA268}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2359\Agent.exe
FirewallRules: [{5B8F488A-E034-4414-B1A2-59F4C86953D2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2359\Agent.exe
FirewallRules: [{457CFC9B-F997-47F0-A2C0-1C9A93C5806F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe
FirewallRules: [{DAEA2A81-70EE-42EB-B222-F78E3B94BC7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe
FirewallRules: [{4CCD7A1E-64AD-43E6-AED5-03C692B0CBFC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{7621FFBB-DC09-4DAB-9820-81B48268D07F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{E43F782E-0ABB-4942-BDB1-29C2ACBD351D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{41344120-2472-4F4C-B28F-68D3A0BF7648}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{D1354F43-1164-4D75-B6D4-DEA885266116}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8DC190E6-C2DE-4A09-8636-690793387F1F}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{9B75935C-CFFD-442D-B0AA-75EE316252D5}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{2E870B3D-BF16-4B5D-8D33-3E590D31EF11}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{E38BA8CC-C4CD-4ED9-9BA5-69129CFD553D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{46145F71-1F18-44D8-A9F4-390A2E572F75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{56628514-CF88-4D38-A3A0-B894AD21351A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe
FirewallRules: [{2DBDB84E-DF4A-471C-8C15-1CBAE73E9A0E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2391\Agent.exe
FirewallRules: [TCP Query User{1962649B-57F7-4D58-83A7-C29E20947501}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [UDP Query User{B63C3920-8873-4CD2-A6FB-27FD0231D23C}C:\programdata\battle.net\agent\agent.2689\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2689\agent.exe
FirewallRules: [{1D3D182E-1C98-44DA-BBB8-9CC6A6CA4D1E}] => (Allow) F:\Spiele\Steam\SteamApps\common\terraria\Terraria.exe
FirewallRules: [{0A3B6F8F-8813-4B3F-9435-9F397F05C64E}] => (Allow) F:\Spiele\Steam\SteamApps\common\terraria\Terraria.exe
FirewallRules: [{C42B2001-7C98-4BD6-A771-3F2AEE64AA25}] => (Allow) F:\Spiele\Empire at War\GameData\sweaw.exe
FirewallRules: [{5359A662-9581-4BFF-885A-FFCC521B4F02}] => (Allow) F:\Spiele\Empire at War\GameData\sweaw.exe
FirewallRules: [TCP Query User{D0B5EA16-560E-4594-BDE6-BB074D4DB3FC}F:\spiele\guild wars 2\gw2.exe] => (Allow) F:\spiele\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{53ABFDA1-8B93-434A-B095-4E1791D1CC61}F:\spiele\guild wars 2\gw2.exe] => (Allow) F:\spiele\guild wars 2\gw2.exe
FirewallRules: [{0FDEA665-3C71-403A-944B-8BF66724DA63}] => (Allow) F:\Spiele\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{41376F03-B796-4E03-B073-0DBCA6C67C56}] => (Allow) F:\Spiele\Steam\SteamApps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{4AE04268-F961-40F4-B254-D5B82D06C175}] => (Allow) F:\Spiele\Steam\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{7246E811-5B3C-45B3-AEFF-08ADB69FB0D0}] => (Allow) F:\Spiele\Steam\SteamApps\common\FEZ\FEZ.exe
FirewallRules: [{BF45B8E4-4272-4A8A-A2D9-0A744B1DB6DC}] => (Allow) F:\Spiele\Steam\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{89BCC916-8612-41F9-8D74-9B7605668ADA}] => (Allow) F:\Spiele\Steam\SteamApps\common\FEZ\FEZ_LaunchOptions.exe
FirewallRules: [{EB3BBA5E-9EC2-40DD-9204-86953E28ACB5}] => (Allow) F:\Spiele\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{93CB9B57-F410-4E25-9893-C84EFC897A67}] => (Allow) F:\Spiele\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{1E5E9CA6-0919-4CA3-801A-1AA6332A1A08}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{3E5B198E-A9C6-4ED3-B667-6686978716DC}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{FB9156FD-539E-43DB-98F9-B356009173E6}] => (Allow) F:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [{46BC88EA-D85B-402C-816E-4F347882610D}] => (Allow) F:\Spiele\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{FB51BFD7-614B-4D54-9F5C-E847D00BF9ED}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [UDP Query User{95E3E198-49F8-4851-A178-0A3D853032C0}C:\programdata\battle.net\agent\agent.3286\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3286\agent.exe
FirewallRules: [TCP Query User{579898F5-BFD1-4770-9F6C-6DAF58D6A48F}F:\spiele\starcraft ii\versions\base28667\sc2.exe] => (Allow) F:\spiele\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{067AB179-A060-49A9-AE14-3F37AF0BB4C7}F:\spiele\starcraft ii\versions\base28667\sc2.exe] => (Allow) F:\spiele\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [TCP Query User{DBB7573D-F67C-4995-B179-BD8CFAA4D3E6}F:\spiele\league of legends\das spiel\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) F:\spiele\league of legends\das spiel\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{E4CFD46B-60EF-4792-9009-9D6804504E5F}F:\spiele\league of legends\das spiel\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) F:\spiele\league of legends\das spiel\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{B7BC19F2-8D0E-4FC3-ACEF-1189B040B7E9}F:\spiele\league of legends\das spiel\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) F:\spiele\league of legends\das spiel\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{465F68EE-16AC-43ED-A58B-59BE8E16E133}F:\spiele\league of legends\das spiel\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) F:\spiele\league of legends\das spiel\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{893E0305-5EDB-48BE-942C-FC8A4832F9BA}] => (Allow) F:\Spiele\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{3A9159A1-8263-4F72-AE00-413E649ED4AB}] => (Allow) F:\Spiele\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{B959CE22-2081-44DC-A176-B6C39994A5D6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{4A82842E-C871-4BFF-A3BC-08E9B3DAC14A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{2B938ACD-56C3-4808-B79B-028C995BA8C4}C:\users\mike tim gaebel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mike tim gaebel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{D1BFF5F0-AB93-4A40-979C-04F2B178F0E9}C:\users\mike tim gaebel\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\mike tim gaebel\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{63E210FB-1F6A-4D51-976C-5DE4E130A436}F:\spiele\swbf2 1.0\gamedata\battlefrontii game master.exe] => (Allow) F:\spiele\swbf2 1.0\gamedata\battlefrontii game master.exe
FirewallRules: [UDP Query User{9C28E7D5-61A3-4994-871B-F7DB63C90F8A}F:\spiele\swbf2 1.0\gamedata\battlefrontii game master.exe] => (Allow) F:\spiele\swbf2 1.0\gamedata\battlefrontii game master.exe
FirewallRules: [TCP Query User{0F71BDF7-39F7-4446-B6AD-09F267F18B79}F:\spiele\swbf2 1.1\gamedata\battlefrontii game master.exe] => (Allow) F:\spiele\swbf2 1.1\gamedata\battlefrontii game master.exe
FirewallRules: [UDP Query User{ED438D20-0606-4172-B263-E6F34C6ADAA7}F:\spiele\swbf2 1.1\gamedata\battlefrontii game master.exe] => (Allow) F:\spiele\swbf2 1.1\gamedata\battlefrontii game master.exe
FirewallRules: [{9720D24F-A06F-428C-9F7D-BA0FA0EBAA3A}] => (Allow) F:\Spiele\GameforgeLive\gfl_client.exe
FirewallRules: [TCP Query User{7678FE00-26C8-4F09-9C6F-7DF90290BE4D}F:\spiele\battle.net\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) F:\spiele\battle.net\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{F04566DE-E60C-4F0A-B266-5BBD276BF6F5}F:\spiele\battle.net\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) F:\spiele\battle.net\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{66ACB531-6EE4-4C2A-9182-8DD87CD34DAE}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{FF8D6F06-FFFA-43C9-A73B-CEC508A60955}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{35264FE5-9BFF-49F1-B330-E6B592331E8B}] => (Allow) F:\Programme\FireFox\firefox.exe
FirewallRules: [{1AAD2EF2-B938-4189-834E-E4E3FA9F6C3F}] => (Allow) F:\Programme\FireFox\firefox.exe
FirewallRules: [{AEBAD8A9-66DA-43D1-9997-747E7E689742}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{B4E038C2-9FE9-468B-A913-7E3C288B3255}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{F4031D46-2E5C-4586-AC6E-97D08FB311E6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{5BB4F950-C18E-41B4-BE3D-C2DD387C013B}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{44D0F624-0C7B-4204-950D-E45B7E51CE5A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{652812D7-ADFD-4CB8-99DD-012D8A34C1E4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{C199072B-723D-4EAC-B627-D9E8A50DDAE9}] => (Allow) F:\Programme\Lightworks 2\Lightworks\Lightworks.exe
FirewallRules: [{BCD0A312-2E92-499C-8FA6-3F7761A9A8BB}] => (Allow) F:\Programme\Lightworks 2\Lightworks\Lightworks.exe
FirewallRules: [{3C96FC82-0B93-4FC0-B6DB-400822BB1633}] => (Allow) F:\Programme\Lightworks 2\Lightworks\ntcardvt.exe
FirewallRules: [{616292E3-2359-4785-AD73-29ADEFEAFC93}] => (Allow) F:\Programme\Lightworks 2\Lightworks\ntcardvt.exe
FirewallRules: [TCP Query User{E291BAD5-1994-41DA-8908-807C16390066}F:\programme\fontforgebuilds\bin\vcxsrv\vcxsrv.exe] => (Block) F:\programme\fontforgebuilds\bin\vcxsrv\vcxsrv.exe
FirewallRules: [UDP Query User{E3EF2007-6267-4B00-A15F-4105087B082B}F:\programme\fontforgebuilds\bin\vcxsrv\vcxsrv.exe] => (Block) F:\programme\fontforgebuilds\bin\vcxsrv\vcxsrv.exe
FirewallRules: [{02395EEB-81B5-4F0A-8792-BCF272A616A8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{C41948BD-3FCA-4843-A352-FB3747B264A4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9F762D3F-3EA9-42BA-8F13-5A97598519BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{079611C9-7EBF-41F2-A6C2-4563DA93F8EA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F323D558-7073-43DF-82C3-D1502AC79DED}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3F956156-5F0E-471F-BF6B-F73E0A339C94}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{F96C7966-20A8-427F-BEF6-8F8783B5518F}C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe] => (Allow) C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
FirewallRules: [UDP Query User{8852629F-AEC3-4057-9AF4-E7F68980909C}C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe] => (Allow) C:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe

==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/10/2015 04:03:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2015 07:10:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2015 07:59:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2015 03:07:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 08:33:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2015 06:04:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 02:06:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2015 08:15:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 08:00:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2015 05:34:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/10/2015 04:03:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/10/2015 04:03:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/09/2015 07:31:14 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/09/2015 07:21:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/09/2015 07:09:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/09/2015 07:09:31 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/09/2015 07:59:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/09/2015 07:59:05 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/09/2015 03:07:07 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/09/2015 03:06:16 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)


Microsoft Office:
=========================
Error: (06/10/2015 04:03:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2015 07:10:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2015 07:59:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/09/2015 03:07:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2015 08:33:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2015 06:04:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 02:06:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2015 08:15:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 08:00:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/02/2015 05:34:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-07-09 18:33:45.307
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-09 18:33:44.264
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-09 18:33:21.929
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-09 18:33:20.606
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-09 18:32:50.675
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-09 18:32:50.624
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-09 18:32:40.148
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-09 18:32:18.169
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-09 18:31:28.861
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-07-09 18:31:28.810
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\MBWrp64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 27%
Total physical RAM: 16337.61 MB
Available physical RAM: 11892.85 MB
Total Pagefile: 18383.82 MB
Available Pagefile: 13843.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:59.53 GB) (Free:8.69 GB) NTFS
Drive d: (KRD10) (CDROM) (Total:0.28 GB) (Free:0 GB) CDFS
Drive f: (Dateien) (Fixed) (Total:1863.01 GB) (Free:546.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: 660BDEC3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=59.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 88E0D236)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---

10.06.2015, 18:46   #7
schrauber
/// the machine
/// TB-Ausbilder

hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and help
Trojaner-Board Facebook page

No help via PM!

11.06.2015, 04:21   #8
Turtok

It didn't find anything...

Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.10.06
  rootkit: v2015.06.02.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
XY :: YX [administrator]

11.06.2015 05:11:16
mbar-log-2015-06-11 (05-11-16).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 363844
Time elapsed: 7 minute(s), 48 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

11.06.2015, 16:27   #9
schrauber
/// the machine
/// TB-Ausbilder

hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Sometimes Combofix still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (preferably in CODE tags).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

