
Log analysis and evaluation: Windows 7 Home Premium. Computer is slow at constant intervals and then normal again.

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.

29.07.2015, 22:11   #1
Stannis B.
 

Hello Trojaner-Board, and thanks in advance.

For several weeks my computer has repeatedly been practically unusable for short periods. The browser, Word or games freeze for minutes and nothing works at all. Possibly the running program and the desktop also keep switching back and forth. I should also mention that my computer sometimes does things that I did not click on. For example, a new website is suddenly open or another one is closed. A program is closed, etc.

Unfortunately Gmer does not work for me (I followed all your instructions for it correctly). A screenshot of the error message is linked below.

FRST
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
durchgeführt von Tim (Administrator) auf TIM-PC (29-07-2015 21:28:27)
Gestartet von C:\Users\Tim\Desktop
Geladene Profile: Tim (Verfügbare Profile: Tim & Mcx1-TIM-PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-15] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_45\bin\jusched.exe"
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation)
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Run: [Google Update] => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-12] (Google Inc.)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll Datei nicht gefunden
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" Datei nicht gefunden
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-08-09]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-15] (Avast Software s.r.o.)
CHR HKU\S-1-5-21-4254080380-16762214-4038314476-1001\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49847;https=127.0.0.1:49847
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = 
SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> {322B23D0-3F4C-4046-9BDE-C7823C37C64E} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-15] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-09] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-15] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-09] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: 0.0.0.1	mssplus.mcafee.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F705B830-3D09-48E9-8657-CD0CA5A0FE70}: [DhcpNameServer] 192.168.178.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466
FF Homepage: https://www.malwarebytes.org/restorebrowser/&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/O1DPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF user.js: detected! => C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\user.js [2015-07-21]
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: ZenMate Security & Privacy VPN - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\firefox@zenmate.com.xpi [2015-07-05]
FF Extension: Adblock Plus - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-10]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-06-21]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-23]
FF HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-08]
CHR Extension: (Avast Online Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-08]
CHR Extension: (Skype Click to Call) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-30]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Citavi Picker) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-10-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

==================== Services (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-15] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
R2 HPSLPSVC; C:\Users\Tim\AppData\Local\Temp\7zS7CBE\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-15] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-29] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2014-12-22] (Creative Technology Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-20] (Avast Software)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-29 21:28 - 2015-07-29 21:30 - 00027711 _____ C:\Users\Tim\Desktop\FRST.txt
2015-07-29 21:26 - 2015-07-29 21:29 - 00000000 ____D C:\FRST
2015-07-29 21:25 - 2015-07-29 21:25 - 00000468 _____ C:\Users\Tim\Desktop\defogger_disable.log
2015-07-29 21:25 - 2015-07-29 21:25 - 00000000 _____ C:\Users\Tim\defogger_reenable
2015-07-29 21:24 - 2015-07-29 21:24 - 02169856 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2015-07-29 21:24 - 2015-07-29 21:24 - 00380416 _____ C:\Users\Tim\Desktop\Gmer-19357.exe
2015-07-29 21:23 - 2015-07-29 21:24 - 00050477 _____ C:\Users\Tim\Desktop\Defogger.exe
2015-07-29 18:44 - 2015-07-29 18:45 - 39651088 _____ C:\Users\Tim\Desktop\Pianura.psd
2015-07-29 18:27 - 2015-07-29 18:27 - 00000086 ____H C:\Users\Tim\Desktop\.~lock.Essays Lipinsky.odt#
2015-07-28 14:55 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 14:55 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 14:55 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 14:55 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 04:53 - 2015-07-27 04:53 - 00000000 _____ C:\Windows\SysWOW64\sho4F88.tmp
2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-27 02:25 - 2015-07-29 15:53 - 00019422 _____ C:\Users\Tim\Desktop\Essays Lipinsky.odt
2015-07-26 16:00 - 2015-07-26 16:01 - 33696586 _____ C:\Users\Tim\Desktop\Aquillien_Länderwappen.zip
2015-07-23 16:32 - 2015-07-23 16:32 - 00015872 _____ C:\Users\Tim\Desktop\Wirtschaft_Nach-Con-Auswertung(1)(1).xls
2015-07-23 16:24 - 2015-07-23 16:24 - 00009260 _____ C:\Users\Tim\Desktop\Handel-Aquillien.xlsx
2015-07-23 16:22 - 2015-07-23 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\CEF
2015-07-22 20:11 - 2015-07-22 20:11 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-07-22 20:09 - 2015-07-22 20:09 - 01198368 _____ C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe
2015-07-22 20:06 - 2015-07-22 20:07 - 01260832 _____ C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
2015-07-21 21:26 - 2015-07-21 21:26 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-21 17:17 - 2015-07-21 17:17 - 00001224 _____ C:\Malwarebytes 21.07.15.txt
2015-07-21 16:05 - 2015-07-29 20:32 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-21 16:05 - 2015-07-21 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-21 16:04 - 2015-07-21 21:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-21 16:04 - 2015-07-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-21 16:04 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-21 16:04 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-21 16:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-21 16:02 - 2015-07-21 16:02 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Tim\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-21 13:15 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 13:15 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 13:15 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 13:15 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 00:54 - 2015-07-21 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-07-21 00:35 - 2015-07-21 00:35 - 00000000 ____D C:\Program Files (x86)\SEGA
2015-07-21 00:31 - 2015-07-21 00:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\InstallShield
2015-07-20 13:57 - 2015-07-20 14:08 - 00015872 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung(1).xls
2015-07-20 02:04 - 2015-07-20 02:04 - 00012288 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung.xls
2015-07-19 18:41 - 2015-07-19 18:41 - 00000000 _____ C:\Windows\SysWOW64\sho54F7.tmp
2015-07-19 02:43 - 2015-07-19 02:43 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-19 02:29 - 2015-06-17 11:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-19 02:29 - 2015-06-17 11:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-19 02:25 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-19 02:22 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-07-19 02:17 - 2015-07-19 02:18 - 292264080 _____ (NVIDIA Corporation) C:\Users\Tim\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-07-16 12:40 - 2015-07-21 13:15 - 00000000 ____D C:\Users\Tim\Desktop\40k
2015-07-16 10:46 - 2015-07-16 10:46 - 00000000 _____ C:\Windows\SysWOW64\sho4D75.tmp
2015-07-15 15:48 - 2015-07-15 15:48 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 15:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 15:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 15:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 15:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 15:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 15:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 15:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 15:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 15:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 15:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 15:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 15:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 15:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 15:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 15:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 15:12 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 15:12 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 15:12 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 15:12 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 15:12 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 15:12 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 15:12 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 15:12 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 15:12 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 15:12 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 15:12 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 15:12 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 15:12 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 15:12 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 15:12 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 15:12 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 15:12 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 15:12 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 15:12 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 15:12 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 15:12 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 15:12 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 15:12 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 15:12 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 15:12 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 15:12 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 15:12 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 15:12 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 15:12 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 15:12 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 15:12 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 15:12 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 15:12 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 15:12 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 15:12 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 15:12 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 15:12 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 15:12 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 15:12 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 15:12 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 15:12 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 15:12 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 15:12 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 15:12 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 15:12 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 15:12 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 15:12 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 15:12 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 15:12 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 15:12 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 15:12 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 15:12 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 15:12 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 15:12 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 15:12 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 15:12 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 15:12 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 15:12 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 15:12 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 15:12 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 15:12 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 15:12 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 15:12 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 15:12 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 15:12 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 15:12 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 15:12 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 15:12 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 15:12 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 15:12 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 15:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 15:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 15:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 15:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 15:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 15:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 15:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 15:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 15:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 20:51 - 2015-07-14 20:51 - 00000000 _____ C:\Windows\SysWOW64\shoC7A4.tmp
2015-07-09 21:52 - 2015-07-09 21:52 - 00000000 ____D C:\Users\Tim\AppData\Local\YSearchUtil
2015-07-09 21:52 - 2015-07-09 21:52 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-07-09 21:48 - 2015-07-09 21:49 - 00561248 _____ (Oracle Corporation) C:\Users\Tim\Downloads\jxpiinstall.exe
2015-07-08 19:52 - 2015-07-08 19:52 - 00000000 _____ C:\Windows\SysWOW64\shoB75.tmp
2015-07-08 19:02 - 2015-07-08 19:02 - 00000000 _____ C:\Windows\SysWOW64\shoCD55.tmp
2015-07-08 13:12 - 2015-07-09 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-07 01:32 - 2015-07-07 01:32 - 00000000 _____ C:\Windows\SysWOW64\sho5153.tmp
2015-07-06 09:59 - 2015-07-06 09:59 - 00000383 _____ C:\ftconfig.ini
2015-07-01 11:04 - 2015-07-01 11:04 - 00000000 ____D C:\Users\Tim\Desktop\Alte Firefox-Daten

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-07-29 21:29 - 2012-08-07 20:42 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype
2015-07-29 21:25 - 2012-08-07 19:32 - 00000000 ____D C:\Users\Tim
2015-07-29 21:15 - 2012-08-07 19:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-29 21:15 - 2012-08-07 19:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-29 20:48 - 2015-01-22 20:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-29 20:39 - 2014-02-03 20:36 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA.job
2015-07-29 20:13 - 2012-08-07 19:28 - 01702022 _____ C:\Windows\WindowsUpdate.log
2015-07-29 18:18 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 18:18 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 18:08 - 2012-08-07 20:20 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-29 18:06 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-29 18:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 18:06 - 2009-07-14 06:51 - 00460032 _____ C:\Windows\setupact.log
2015-07-29 03:01 - 2014-05-06 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-29 00:08 - 2013-01-13 04:03 - 00000000 ____D C:\Users\Tim\Desktop\Uni
2015-07-28 21:39 - 2014-02-03 20:36 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core.job
2015-07-28 14:43 - 2012-11-30 02:39 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-27 02:47 - 2012-08-09 02:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-26 16:01 - 2015-05-20 13:24 - 16941101 _____ C:\Users\Tim\Desktop\Emilia-Ligurina.psd
2015-07-23 16:31 - 2012-12-17 19:29 - 00000000 ___RD C:\Users\Tim\Desktop\Aquillien
2015-07-22 20:11 - 2012-08-11 18:35 - 00000931 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-07-22 19:11 - 2012-08-11 18:35 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-07-22 13:28 - 2009-07-14 06:45 - 00307240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-22 13:27 - 2010-11-21 05:47 - 00540630 _____ C:\Windows\PFRO.log
2015-07-21 18:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache
2015-07-21 17:17 - 2015-03-15 21:27 - 00000000 ____D C:\ProgramData\APN
2015-07-21 17:17 - 2015-01-12 22:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\InetStat
2015-07-21 17:17 - 2014-04-12 22:22 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-21 17:17 - 2013-01-04 21:10 - 00000000 ____D C:\Users\Tim\AppData\Local\iLivid
2015-07-21 16:12 - 2014-02-16 02:13 - 00007168 _____ C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-21 02:38 - 2011-09-29 17:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-21 00:56 - 2015-04-01 16:27 - 00001412 _____ C:\Windows\DXError.log
2015-07-21 00:56 - 2011-09-29 18:13 - 00091711 _____ C:\Windows\DirectX.log
2015-07-19 02:44 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-19 02:29 - 2011-09-29 17:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-19 02:26 - 2014-07-01 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-19 02:22 - 2013-01-04 21:11 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-15 21:34 - 2014-02-03 20:36 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA
2015-07-15 21:34 - 2014-02-03 20:36 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core
2015-07-15 21:10 - 2012-08-07 19:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 21:10 - 2012-08-07 19:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 20:34 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-15 20:30 - 2015-04-16 18:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 20:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 15:48 - 2015-01-22 20:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 15:48 - 2012-08-09 02:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 15:48 - 2011-09-29 18:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-14 20:41 - 2014-06-18 19:30 - 00203303 _____ C:\Users\Tim\Desktop\Einkaufsliste Party.odt
2015-07-13 15:41 - 2012-08-07 20:42 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 15:40 - 2012-08-07 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-09 22:05 - 2013-10-04 18:02 - 00000000 ____D C:\ProgramData\Oracle
2015-07-09 21:53 - 2011-11-10 16:59 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-09 21:49 - 2014-07-01 01:33 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-08 19:36 - 2014-04-12 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-01 12:53 - 2011-03-11 11:20 - 00699884 _____ C:\Windows\system32\perfh007.dat
2015-07-01 12:53 - 2011-03-11 11:20 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-07-01 12:53 - 2009-07-14 07:13 - 01622236 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-01 11:01 - 2015-02-09 20:33 - 00000000 ____D C:\Program Files (x86)\CDex
2015-06-30 10:27 - 2013-04-01 23:58 - 00017283 _____ C:\Users\Tim\Documents\Bewerbung.odt
2015-06-30 10:25 - 2014-11-20 02:13 - 00017109 _____ C:\Users\Tim\Documents\Lebenslauf.odt
2015-06-30 10:12 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-12 22:36 - 2015-03-31 00:36 - 0246420 _____ () C:\Users\Tim\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2014-02-16 02:13 - 2015-07-21 16:12 - 0007168 _____ () C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-26 03:43 - 2014-01-26 03:43 - 0002108 _____ () C:\Users\Tim\AppData\Local\recently-used.xbel
2012-08-07 20:32 - 2012-08-07 20:32 - 0000000 _____ () C:\Users\Tim\AppData\Local\{40843CD9-9E16-4ADF-9436-1C338BD6A262}
2012-08-21 14:04 - 2014-06-20 22:16 - 0001913 _____ () C:\ProgramData\hpzinstall.log
2014-05-25 13:37 - 2014-07-27 22:24 - 0000040 _____ () C:\ProgramData\ra3.ini

Einige Dateien in TEMP:
====================
C:\Users\Tim\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Tim\AppData\Local\Temp\drm_dyndata_7330017.dll
C:\Users\Tim\AppData\Local\Temp\drm_dyndata_7350007.dll
C:\Users\Tim\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Tim\AppData\Local\Temp\nvStInst.exe
C:\Users\Tim\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tim\AppData\Local\Temp\ytb.exe
C:\Users\Tim\AppData\Local\Temp\_is39E1.exe
C:\Users\Tim\AppData\Local\Temp\_is512A.exe
C:\Users\Tim\AppData\Local\Temp\_is616E.exe
C:\Users\Tim\AppData\Local\Temp\_is7E81.exe
C:\Users\Tim\AppData\Local\Temp\_isA4A4.exe
C:\Users\Tim\AppData\Local\Temp\_isAABE.exe


==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-06-27 16:49

==================== Ende von log ============================
         

29.07.2015, 22:14   #2
Stannis B.
 

Addition
Code:
zusätzliches untersuchungsergebnis von farbar recovery scan tool (x64) version:28-07-2015
durchgeführt von tim (2015-07-29 21:31:01)
gestartet von c:\users\tim\desktop
start-modus: Normal
==========================================================


==================== konten: =============================

administrator (s-1-5-21-4254080380-16762214-4038314476-500 - administrator - disabled)
gast (s-1-5-21-4254080380-16762214-4038314476-501 - limited - disabled)
homegroupuser$ (s-1-5-21-4254080380-16762214-4038314476-1515 - limited - enabled)
mcx1-tim-pc (s-1-5-21-4254080380-16762214-4038314476-1516 - limited - enabled) => c:\users\mcx1-tim-pc
tim (s-1-5-21-4254080380-16762214-4038314476-1001 - administrator - enabled) => c:\users\tim

==================== sicherheits-center ========================

(wenn ein eintrag in die fixlist aufgenommen wird, wird er entfernt.)

av: Avast! Antivirus (enabled - up to date) {17ad7d40-ba12-9c46-7131-94903a54ad8b}
as: Windows defender (disabled - up to date) {d68ddc3a-831f-4fae-9e44-da132c1acf46}
as: Avast! Antivirus (enabled - up to date) {accc9ca4-9c28-93c8-4b81-afe241d3e736}

==================== installierte programme ======================

(nur adware-programme mit dem zusatz "hidden" können in die fixlist aufgenommen werden, um sie sichtbar zu machen. Die adware-programme sollten manuell deinstalliert werden.)

64 bit hp cio components installer (version: 7.2.4 - hewlett-packard) hidden
adobe air (hklm-x32\...\adobe air) (version: 3.0.0.4080 - adobe systems incorporated)
adobe flash player 18 activex (hklm-x32\...\adobe flash player activex) (version: 18.0.0.209 - adobe systems incorporated)
adobe flash player 18 npapi (hklm-x32\...\adobe flash player npapi) (version: 18.0.0.209 - adobe systems incorporated)
adobe reader x (10.1.1) mui (hklm-x32\...\{ac76ba86-7ad7-ffff-7b44-aa0000000001}) (version: 10.1.1 - adobe systems incorporated)
adobe reader x (10.1.6) - deutsch (hklm-x32\...\{ac76ba86-7ad7-1031-7b44-aa1000000001}) (version: 10.1.6 - adobe systems incorporated)
anstoss 3 (hklm-x32\...\anstoss 3_is1) (version:  - )
apple application support (hklm-x32\...\{83caf0de-8d3b-4c37-a631-2b8f16ec3031}) (version: 3.1 - apple inc.)
apple mobile device support (hklm\...\{bdd99690-3541-4619-9d2a-3cddb3e15f9e}) (version: 8.0.5.6 - apple inc.)
apple software update (hklm-x32\...\{789a5b64-9dd9-4ba5-915a-f0fc0a1b7bfe}) (version: 2.1.3.127 - apple inc.)
arsenal of democracy (hklm-x32\...\{ba8a4718-d307-4647-a87a-305980d685fd}_is1) (version:  - gamersgate)
asmedia asm104x usb 3.0 host controller driver (hklm-x32\...\{e4fb0b39-c991-4ee7-95dd-1a1a7857d33d}) (version: 1.12.9.0 - asmedia technology)
audacity 2.0.2 (hklm-x32\...\audacity_is1) (version: 2.0.2 - audacity team)
audiblemanager (hklm-x32\...\audiblemanager) (version: 1997815022.48.56.43584746 - audible, inc.)
avast free antivirus (hklm-x32\...\avast) (version: 10.2.2215 - avast software)
b010 (x32 version: 140.0.344.000 - hewlett-packard) hidden
battlefield 3™ (hklm-x32\...\{76285c16-411a-488a-bce3-c83cb933d8cf}) (version: 1.6.0.0 - electronic arts)
battlelog web plugins (hklm-x32\...\battlelog web plugins) (version: 2.6.2 - ea digital illusions ce ab)
bufferchm (x32 version: 140.0.212.000 - hewlett-packard) hidden
citavi 4 (hklm-x32\...\{cc0a85b2-734a-45b3-b678-05f6a6499ac7}) (version: 4.3.0.15 - swiss academic software)
command & conquer 3 (hklm-x32\...\{ddedaf6c-488e-4cda-8276-1ccf5f3c5c32}) (version: 1.00.0000 - ihr firmenname)
command & conquer™ 3 tiberium wars and kane's wrath (hklm-x32\...\{35a2fe53-cc80-4d17-941f-3a7c82824fc7}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ 4 tiberian twilight (hklm-x32\...\{ba4c8f9f-d81b-4afe-ae5a-3837830f5b89}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ and the covert operations™ (hklm-x32\...\{050e298d-c9b8-4582-a332-26201268a297}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ red alert, counterstrike and the aftermath (hklm-x32\...\{b9a7ccbe-48f7-4b3e-bd20-76addd4dc69f}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ red alert™ 3 and uprising (hklm-x32\...\{3c315bf7-4b64-4024-8102-174a197437fa}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ renegade (hklm-x32\...\{24dfbe4c-fd7f-48f2-a7d9-d1a0929b2113}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ the ultimate collection additional content (hklm-x32\...\{ac663f85-a421-4127-a507-8e24f64d4523}) (version: 1.0.0.0 - electronic arts)
command & conquer™ tiberian sun™ and firestorm™ (hklm-x32\...\{78f60bdd-1923-4cf7-b6bd-087d06d7b5bb}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™: Generals and zero hour (hklm-x32\...\{8f0f5689-6900-425b-a8c2-0dbd10dab694}) (version: 1.0.0.0 - electronic arts, inc.)
company of heroes 2 – open beta (hklm-x32\...\steam app 231430) (version:  - relic entertainment)
computerbild vorteil-center (hklm-x32\...\{b7e68a6d-1c9b-4f18-b021-949115021714}) (version: 1.1.23 - j3s)
control activex de windows live mesh para conexiones remotas (hklm-x32\...\{04668df2-d32f-4555-9c7e-35523dcd6544}) (version: 15.4.5722.2 - microsoft corporation)
contrôle activex windows live mesh pour connexions à distance (hklm-x32\...\{55d003f4-9599-44bf-ba9e-95d060730dd3}) (version: 15.4.5722.2 - microsoft corporation)
controlo activex do windows live mesh para ligações remotas (hklm-x32\...\{e54eeb5d-41ed-40fe-b4a8-8565db81469b}) (version: 15.4.5722.2 - microsoft corporation)
cyberlink labelprint (hklm-x32\...\installshield_{c59c179c-668d-49a9-b6ea-0121ccfc1243}) (version: 2.5.3624 - cyberlink corp.)
cyberlink power2go (hklm-x32\...\installshield_{40bf1e83-20eb-11d8-97c5-0009c5020658}) (version: 7.0.0.1327 - cyberlink corp.)
cyberlink powerdvd copy (hklm-x32\...\installshield_{e3d04529-6edb-11d8-a372-0050bae317e1}) (version: 1.5.1306 - cyberlink corp.)
cyberlink powerrecover (hklm-x32\...\installshield_{44b2a0ab-412e-4f8c-b058-d1e8aeccdff5}) (version: 5.5.4125 - cyberlink corp.)
cyberlink waveeditor (hklm-x32\...\installshield_{324f76cc-d8dd-4d87-b77d-d4af5e1aa7b3}) (version: 1.0.1.2821 - cyberlink corp.)
d3dx10 (x32 version: 15.4.2368.0902 - microsoft) hidden
dawn of war - soulstorm (hklm-x32\...\{20533183-d42d-4261-a125-956736fbea8c}) (version: 1.00.0000 - thq)
dawn of war - soulstorm (x32 version: 1.00.0000 - thq) hidden
destinations (x32 version: 140.0.167.000 - hewlett-packard) hidden
devicediscovery (x32 version: 140.0.212.000 - hewlett-packard) hidden
edna & harvey: The breakout (hklm-x32\...\steam app 255320) (version:  - daedalic entertainment)
ee-zde (hklm-x32\...\{b49c924c-a651-4378-94f6-5d9bf44a959f}) (version:  - )
elsterformular (hklm-x32\...\elsterformular) (version: 16.1.16835 - landesfinanzdirektion thüringen)
empire earth (hklm-x32\...\{2447500b-22d7-47bd-9b13-1a927f43a267}) (version:  - )
empire: Total war (hklm-x32\...\steam app 10500) (version:  - the creative assembly)
endnote x7 (hklm-x32\...\{86b3f2d6-ac2b-0017-8ae1-f2f77f781b0c}) (version: 17.0.2.7390 - thomson reuters)
fallout2 (hklm-x32\...\fallout2) (version:  - )
formant activex programu windows live mesh odpowiedzialny za obsługę połączeń zdalnych (hklm-x32\...\{b04a0e2f-1e4c-4e61-b18e-3b2bd6779ca7}) (version: 15.4.5722.2 - microsoft corporation)
fotogalerija windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
free youtube download version 3.2.44.922 (hklm-x32\...\free youtube download_is1) (version: 3.2.44.922 - dvdvideosoft ltd.)
galeria de fotografias do windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
galería fotográfica de windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
galeria fotografii usługi windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
galerie de photos windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
gimp 2.8.4 (hklm\...\gimp-2_is1) (version: 2.8.4 - the gimp team)
google chrome (hklm-x32\...\google chrome) (version: 44.0.2403.125 - google inc.)
google earth plug-in (hklm-x32\...\{4ab54f11-2f8c-11e3-b09f-b8ac6f97b88e}) (version: 7.1.2.2041 - google)
google talk plugin (hklm-x32\...\{ca3dd97d-1fd7-37a7-bd5c-fc4430c8b8e6}) (version: 5.41.2.0 - google)
google update helper (x32 version: 1.3.25.11 - google inc.) hidden
google update helper (x32 version: 1.3.28.1 - google inc.) hidden
gpbaseservice2 (x32 version: 140.0.211.000 - hewlett-packard) hidden
hp customer participation program 14.0 (hklm\...\hpextendedcapabilities) (version: 14.0 - hp)
hp imaging device functions 14.0 (hklm\...\hp imaging device functions) (version: 14.0 - hp)
hp photosmart b010 all-in-one driver software 14.0 rel. 7 (hklm\...\{81830fef-866c-4dc0-9435-b6287b1edd8a}) (version: 14.0 - hp)
hp smart web printing 4.60 (hklm\...\hp smart web printing) (version: 4.60 - hp)
hp solution center 14.0 (hklm\...\hp solution center & imaging support tools) (version: 14.0 - hp)
hp update (hklm-x32\...\{74dc0593-6bc6-4001-ad5f-d810afb68d86}) (version: 5.002.002.002 - hewlett-packard)
hpphotogadget (x32 version: 140.0.524.000 - hewlett-packard) hidden
hpproductassistant (x32 version: 140.0.212.000 - hewlett-packard) hidden
hpssupply (x32 version: 140.0.211.000 - hewlett-packard) hidden
intel(r) control center (hklm-x32\...\{f8a9085d-4c7a-41a9-8a77-c8998a96c421}) (version: 1.2.1.1007 - intel corporation)
intel(r) management engine components (hklm-x32\...\{65153ea5-8b6e-43b6-857b-c6e4fc25798a}) (version: 7.0.0.1144 - intel corporation)
intel(r) rapid storage technology (hklm-x32\...\{3e29ee6c-963a-4aae-86c1-dc237c4a49fc}) (version: 10.6.0.1002 - intel corporation)
itunes (hklm\...\{2abbbd91-91e5-4ad7-929a-fe15d1dc0576}) (version: 12.0.1.26 - apple inc.)
java 8 update 45 (hklm-x32\...\{26a24ae4-039d-4ca4-87b4-2f83218045f0}) (version: 8.0.450 - oracle corporation)
junk mail filter update (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
kontrolnik windows live mesh activex za oddaljene povezave (hklm-x32\...\{ca227a9d-09be-4bfb-9764-48fed2da5454}) (version: 15.4.5722.2 - microsoft corporation)
lame v3.99.3 (for windows) (hklm-x32\...\lame_is1) (version:  - )
left 4 dead 2 (hklm-x32\...\steam app 550) (version:  - valve)
malwarebytes Anti-Malware version 2.1.8.1057 (hklm-x32\...\malwarebytes anti-malware_is1) (version: 2.1.8.1057 - malwarebytes corporation)
marketresearch (x32 version: 140.0.212.000 - hewlett-packard) hidden
mcafee security scan plus (hklm\...\mcafee security scan) (version: 3.11.149.2 - mcafee, inc.)
medieval ii total war (hklm-x32\...\{c0698bda-0d29-40ee-8570-a31106df9ab1}) (version: 1.03.000 - sega)
medieval ii total war : Kingdoms : Americas (hklm-x32\...\{75983b66-804c-40d1-ba13-64daf652a6f1}) (version: 1.03.000 - sega)
medieval ii total war : Kingdoms : Britannia (hklm-x32\...\{ceddee73-3d36-41c2-aa40-29355d9fbd63}) (version: 1.03.000 - sega)
medieval ii total war : Kingdoms : Crusades (hklm-x32\...\{02a10468-2f1c-447c-ad8e-4deddea25ae2}) (version: 1.03.000 - sega)
medieval ii total war : Kingdoms : Teutonic (hklm-x32\...\{7aee1963-7001-4c37-bc20-2faeb74aa41c}) (version: 1.03.000 - sega)
medion home cinema (hklm-x32\...\installshield_{1fbf6c24-c1fd-4101-a42b-0c564f9e8e79}) (version: 8.0.3216 - cyberlink corp.)
medion home cinema (x32 version: 8.0.3216 - cyberlink corp.) hidden
memeo instant backup (hklm-x32\...\{8e666407-ac41-46a2-9692-6c7bfcbfdd37}) (version: 4.60.0.7943 - memeo inc.)
mesh runtime (x32 version: 15.4.5722.2 - microsoft corporation) hidden
microsoft .net framework 4.5.1 (hklm\...\{92fb6c44-e685-45ad-9b20-cadf4caba132} - 1033) (version: 4.5.50938 - microsoft corporation)
microsoft office 2010 (hklm-x32\...\{95140000-0070-0000-0000-0000000ff1ce}) (version: 14.0.4763.1000 - microsoft corporation)
microsoft office klick-und-los 2010 (hklm-x32\...\office14.click2run) (version: 14.0.4763.1000 - microsoft corporation)
microsoft office starter 2010 - deutsch (hklm-x32\...\{90140011-0066-0407-0000-0000000ff1ce}) (version: 14.0.4763.1000 - microsoft corporation)
microsoft silverlight (hklm\...\{89f4137d-6c26-4a84-bdb8-2e5a4bb71e00}) (version: 5.1.40416.0 - microsoft corporation)
microsoft sql server 2005 compact edition [enu] (hklm-x32\...\{f0b430d1-b6aa-473d-9b06-aa3dd01fd0b8}) (version: 3.1.0000 - microsoft corporation)
microsoft visual c++ 2005 redistributable (hklm-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (version: 8.0.61001 - microsoft corporation)
microsoft visual c++ 2005 redistributable (hklm-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (version: 8.0.56336 - microsoft corporation)
microsoft visual c++ 2005 redistributable (hklm-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (version: 8.0.59193 - microsoft corporation)
microsoft visual c++ 2005 redistributable (x64) (hklm\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (version: 8.0.61000 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x64 9.0.30729.6161 (hklm\...\{5fce6d76-f5dc-37ab-b2b8-22ab8cedb1d4}) (version: 9.0.30729.6161 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.21022 (hklm-x32\...\{ff66e9f6-83e7-3a3e-af14-8de9a809a6a4}) (version: 9.0.21022 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.30729.17 (hklm-x32\...\{9a25302d-30c0-39d9-bd6f-21e6ec160475}) (version: 9.0.30729 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.30729.4148 (hklm-x32\...\{1f1c2dfc-2d24-3e06-bcb8-725134adf989}) (version: 9.0.30729.4148 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.30729.6161 (hklm-x32\...\{9be518e6-ecc6-35a9-88e4-87755c07200f}) (version: 9.0.30729.6161 - microsoft corporation)
microsoft visual c++ 2010  x64 redistributable - 10.0.40219 (hklm\...\{1d8e6291-b0d5-35ec-8441-6616f567a0f7}) (version: 10.0.40219 - microsoft corporation)
microsoft visual c++ 2010  x86 redistributable - 10.0.40219 (hklm-x32\...\{f0c3e5d1-1ade-321e-8167-68ef0de699a5}) (version: 10.0.40219 - microsoft corporation)
microsoft visual c++ 2012 redistributable (x64) - 11.0.61030 (hklm-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (version: 11.0.61030.0 - microsoft corporation)
microsoft visual c++ 2012 redistributable (x86) - 11.0.61030 (hklm-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (version: 11.0.61030.0 - microsoft corporation)
microsoft visual c++ 2013 redistributable (x86) - 12.0.30501 (hklm-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (version: 12.0.30501.0 - microsoft corporation)
mozilla firefox 39.0 (x86 de) (hklm-x32\...\mozilla firefox 39.0 (x86 de)) (version: 39.0 - mozilla)
mozilla maintenance service (hklm-x32\...\mozillamaintenanceservice) (version: 30.0 - mozilla)
msn toolbar (hklm-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (version: 4.0.0357.1 - microsoft corporation)
msn toolbar platform (x32 version: 4.0.0357.1 - microsoft corporation) hidden
msxml 4.0 sp2 (kb973688) (hklm-x32\...\{f662a8e6-f4dc-41a2-901e-8c11f044bdec}) (version: 4.20.9876.0 - microsoft corporation)
mumble 1.2.5 (hklm-x32\...\{871f39a1-1671-4161-a012-1d4820346a69}) (version: 1.2.5 - thorvald natvig)
napoleon: Total war (hklm-x32\...\steam app 34030) (version:  - the creative assembly)
nvidia 3d vision controller-treiber 352.65 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_display.nvirusb) (version: 352.65 - nvidia corporation)
nvidia 3d vision treiber 353.30 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_display.3dvision) (version: 353.30 - nvidia corporation)
nvidia geforce experience 2.4.5.44 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_display.gfexperience) (version: 2.4.5.44 - nvidia corporation)
nvidia grafiktreiber 353.30 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_display.driver) (version: 353.30 - nvidia corporation)
nvidia hd-audiotreiber 1.3.34.3 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_hdaudio.driver) (version: 1.3.34.3 - nvidia corporation)
nvidia physx-systemsoftware 9.15.0428 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_display.physx) (version: 9.15.0428 - nvidia corporation)
openoffice 4.1.1 (hklm-x32\...\{acd0fff9-6b35-43c1-82db-9ff6990e8602}) (version: 4.11.9775 - apache software foundation)
origin (hklm-x32\...\origin) (version: 9.4.7.2799 - electronic arts, inc.)
pdf24 creator 6.3.2 (hklm-x32\...\{81a6f461-0dba-4f12-b56f-0e977ec10576}_is1) (version:  - pdf24.org)
plagiarismfinder 2.1 (hklm-x32\...\plagiarismfinder 2.1) (version: 2.1.20 - mediaphor ag)
playready pc runtime amd64 (hklm\...\{bca9334f-b6c9-4f65-9a73-ac5a329a4d04}) (version: 1.3.0 - microsoft corporation)
poczta usługi windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
podstawowe programy windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
pošta windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
ps_aio_07_b010_sw_min (x32 version: 140.0.224.000 - hewlett-packard) hidden
raccolta foto di windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
realtek ethernet controller driver (hklm-x32\...\{8833ffb6-5b0c-4764-81aa-06dfeed9a476}) (version: 7.46.610.2011 - realtek)
realtek high definition audio driver (hklm-x32\...\{f132af7f-7bca-4ede-8a7c-958108fe7dbc}) (version: 6.0.1.6438 - realtek semiconductor corp.)
researchsoft direct export helper (hklm-x32\...\researchsoft direct export helper) (version:  - thomson reuters)
scan (x32 version: 140.0.80.000 - hewlett-packard) hidden
shield streaming (version: 4.1.2000 - nvidia corporation) hidden
shield wireless controller driver (version: 2.4.5.44 - nvidia corporation) hidden
shop for hp supplies (hklm\...\shop for hp supplies) (version: 14.0 - hp)
skype click to call (hklm-x32\...\{6d1221a9-17bf-4ec0-81f2-27d30ec30701}) (version: 7.4.0.9058 - microsoft corporation)
skype™ 7.6 (hklm-x32\...\{24991ba0-f0ee-44ad-9cc8-5ec50aecf6b7}) (version: 7.6.105 - skype technologies s.a.)
smartwebprinting (x32 version: 140.0.186.000 - hewlett-packard) hidden
solutioncenter (x32 version: 140.0.214.000 - hewlett-packard) hidden
stadtplan generator 5.40 (hklm-x32\...\{53328244-e005-46a3-b39f-a15f005feceb}) (version: 5.4.0.0 - )
status (x32 version: 140.0.256.000 - hewlett-packard) hidden
steam (hklm-x32\...\{048298c9-a4d3-490b-9ff9-ab023a9238f3}) (version: 1.0.0.0 - valve)
teamspeak 3 client (hklm\...\teamspeak 3 client) (version: 3.0.16 - teamspeak systems gmbh)
teamspeak 3 client (hklm-x32\...\teamspeak 3 client) (version: 3.0.6 - teamspeak systems gmbh)
toolbox (x32 version: 140.0.428.000 - hewlett-packard) hidden
total war: Rome ii (hklm-x32\...\steam app 214950) (version:  - creative assembly)
total war: Shogun 2 (hklm-x32\...\steam app 34330) (version:  - the creative assembly)
trayapp (x32 version: 140.0.212.000 - hewlett-packard) hidden
tropico (hklm-x32\...\{818fb39b-1a57-4f1b-a54d-391c33d6c596}) (version:  - )
uzak bağlantılar İçin windows live mesh activex denetimi (hklm-x32\...\{241e7104-937a-4366-ad57-8fdddb003939}) (version: 15.4.5722.2 - microsoft corporation)
vlc media player (hklm-x32\...\vlc media player) (version: 2.1.5 - videolan)
webreg (x32 version: 140.0.212.017 - hewlett-packard) hidden
westwoodchat (hklm-x32\...\{7cae6a67-af7b-4a6a-8705-8afaca45bb60}) (version: 1.0.0.0 - westwoodchat)
westwoodonline (hklm-x32\...\{bbcd6d56-8a26-4dde-9482-dbc9c7b7341d}) (version: 1.0.0.0 - westwoodonline)
windows live essentials (hklm-x32\...\winlivesuite) (version: 15.4.3555.0308 - microsoft corporation)
windows live mesh - activex-besturingselement voor externe verbindingen (hklm-x32\...\{c32ce55c-12ba-4951-8797-0967fdef556f}) (version: 15.4.5722.2 - microsoft corporation)
windows live mesh activex control for remote connections (hklm-x32\...\{2902f983-b4c1-44ba-b85d-5c6d52e2c441}) (version: 15.4.5722.2 - microsoft corporation)
windows live mesh activex control for remote connections (hklm-x32\...\{c5398a89-516c-4daf-ba07-ee7949090e56}) (version: 15.4.5722.2 - microsoft corporation)
windows live mesh activex control for remote connections (hklm-x32\...\{c63a1e60-b6a4-440b-89a5-1fc6e4ac1c94}) (version: 15.4.5722.2 - microsoft corporation)
windows live mesh activex-objekt til fjernforbindelser (hklm-x32\...\{57220148-3b2b-412a-a2e0-82b9df423696}) (version: 15.4.5722.2 - microsoft corporation)
windows live mesh activex-vezérlő távoli kapcsolatokhoz (hklm-x32\...\{6e29c4f7-c2c2-4b18-a15c-e09b92065f15}) (version: 15.4.5722.2 - microsoft corporation)
yahoo search set (hklm-x32\...\yahoo! Searchset) (version:  - yahoo inc.)
zero-buchhaltung (hklm-x32\...\zero) (version:  - )
Στοιχείο ελέγχου activex του windows live mesh για απομακρυσμένες συνδέσεις (hklm-x32\...\{f665f3b8-01b4-46a9-8e47-ff8dc2208c9f}) (version: 15.4.5722.2 - microsoft corporation)
Συλλογή φωτογραφιών του windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden

==================== benutzerdefinierte clsid (nicht auf der ausnahmeliste): ==========================

(wenn ein eintrag in die fixlist aufgenommen wird, wird er aus der registry entfernt. Die datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{005a3a96-bac4-4b0a-94ea-c0ce100ea736}\localserver32 -> c:\users\tim\appdata\roaming\dropbox\bin\dropbox.exe /autoplay keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{0f22a205-cfb0-4679-8499-a6f44a80a208}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.25.5\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{1423f872-3f7f-4e57-b621-8b1a9d49b448}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.27.5\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{355ec88a-02e2-4547-9dee-f87426484bd1}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.23.9\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{5c8c2a98-6133-4eba-bbcc-34d9ea01fc2e}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.28.1\psuser_64.dll (google inc.)
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{90b3dfbf-af6a-4ea0-8899-f332194690f8}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.24.15\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{c3bc25c0-fcd3-4f01-afdd-41373f017c9a}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.26.9\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{d0336c0b-7919-4c04-8cce-2ebae2ece8c9}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.25.11\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{e8cf3e55-f919-49d9-abc0-948e6cb34b9f}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.28.1\psuser_64.dll (google inc.)
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{fe498bab-cb4c-4f88-ac3f-3641aaaf5e9e}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.24.7\psuser_64.dll keine datei

==================== wiederherstellungspunkte =========================

22-02-2015 20:00:46 windows-sicherung
25-02-2015 16:40:53 windows update
26-02-2015 04:01:09 windows update
01-03-2015 20:00:54 windows-sicherung
15-03-2015 11:47:41 windows-sicherung
15-03-2015 20:00:34 windows-sicherung
15-03-2015 20:14:14 windows update
22-03-2015 22:19:47 windows-sicherung
29-03-2015 19:02:00 windows-sicherung
31-03-2015 01:18:26 entfernt tropico
31-03-2015 01:23:01 removed Bonjour
31-03-2015 01:24:57 characthulhu wird entfernt
01-04-2015 16:09:19 installiert dawn of war - soulstorm
01-04-2015 16:25:08 directx wurde installiert
05-04-2015 03:00:16 windows update
06-04-2015 13:49:04 windows-sicherung
12-04-2015 19:00:37 windows-sicherung
15-04-2015 21:18:25 avast! Antivirus system restore point
16-04-2015 13:20:05 windows update
19-04-2015 19:01:16 windows-sicherung
26-04-2015 19:00:57 windows-sicherung
03-05-2015 19:01:34 windows-sicherung
11-05-2015 00:46:19 windows-sicherung
13-05-2015 12:34:30 windows update
17-05-2015 23:45:19 windows-sicherung
20-05-2015 12:29:41 windows update
21-05-2015 00:39:36 removed java(tm) 6 update 7
21-05-2015 00:42:16 installed java(tm) 6 update 7
24-05-2015 22:14:11 windows-sicherung
28-05-2015 19:24:15 microsoft visual c++ 2013 redistributable (x86) - 12.0.30501
28-05-2015 19:26:34 microsoft visual c++ 2013 redistributable (x86) - 12.0.21005
31-05-2015 19:01:12 windows-sicherung
08-06-2015 00:28:15 windows-sicherung
11-06-2015 00:41:13 windows update
11-06-2015 10:10:32 windows update
14-06-2015 23:30:13 windows-sicherung
21-06-2015 19:01:05 windows-sicherung
28-06-2015 23:44:47 windows-sicherung
05-07-2015 21:19:56 windows-sicherung
09-07-2015 21:44:56 removed java 8 update 40
12-07-2015 22:21:18 windows-sicherung
15-07-2015 08:11:35 windows update
15-07-2015 15:41:24 windows update
19-07-2015 02:26:59 nvidia physx wird entfernt
20-07-2015 01:47:24 windows-sicherung
21-07-2015 00:33:53 installiert medieval ii total war
21-07-2015 00:54:55 directx wurde installiert
21-07-2015 00:58:16 installiert medieval ii total war : Kingdoms : Americas
21-07-2015 02:22:27 installiert medieval ii total war : Kingdoms : Britannia
21-07-2015 02:33:02 installiert medieval ii total war : Kingdoms : Crusades
21-07-2015 02:37:44 installiert medieval ii total war : Kingdoms : Teutonic
22-07-2015 01:53:40 windows update
26-07-2015 19:08:25 windows-sicherung
29-07-2015 03:00:42 windows update

==================== hosts inhalt: ===============================

(wenn benötigt kann der hosts: Schalter in die fixlist aufgenommen werden um die hosts datei zurückzusetzen.)

2009-07-14 04:34 - 2015-07-27 02:47 - 00000854 ____a c:\windows\system32\drivers\etc\hosts
0.0.0.1	mssplus.mcafee.com

==================== geplante aufgaben (nicht auf der ausnahmeliste) =============

(wenn ein eintrag in die fixlist aufgenommen wird, wird er aus der registry entfernt. Die datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

task: {0f32673d-cf80-4d76-8b12-1c789d5fdc31} - system32\tasks\googleupdatetaskmachinecore => c:\program files (x86)\google\update\googleupdate.exe [2014-10-20] (google inc.)
task: {17d13859-861b-4d50-909a-5b47154595a7} - system32\tasks\googleupdatetaskusers-1-5-21-4254080380-16762214-4038314476-1001core => c:\users\tim\appdata\local\google\update\googleupdate.exe [2014-01-12] (google inc.)
task: {36473548-5287-4ef2-b699-8d7c93436e4d} - system32\tasks\microsoft\windows\media center\extender\update media permissions for mcx1-tim-pc => c:\windows\ehome\mcxtask.exe [2009-07-14] (microsoft corporation)
task: {9e01355c-611f-4dbc-8147-1f3398372bc0} - system32\tasks\avast! Emergency update => c:\program files\avast software\avast\avastemupdate.exe [2015-04-15] (avast software s.r.o.)
task: {abbd3668-5b14-4ae6-87b5-d971859fea4f} - system32\tasks\adobe flash player updater => c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe [2015-07-15] (adobe systems incorporated)
task: {b671691e-10dc-40f2-b996-eaaaeb75af34} - system32\tasks\avastbclrestarts-1-5-21-4254080380-16762214-4038314476-1001 => firefox.exe 
task: {ba093cab-4d65-444e-be91-53492b0d1456} - system32\tasks\{7a8f8793-0e09-4147-b7a1-be9fcebd3830} => pcalua.exe -a "c:\users\tim\desktop\transkriptprogramm f4.exe" -d c:\users\tim\desktop
task: {dedfa1c6-490b-4179-bacb-4928c30811e4} - system32\tasks\googleupdatetaskusers-1-5-21-4254080380-16762214-4038314476-1001ua => c:\users\tim\appdata\local\google\update\googleupdate.exe [2014-01-12] (google inc.)
task: {f918b5bf-baf0-4deb-af9b-b9699ca7893b} - system32\tasks\googleupdatetaskmachineua => c:\program files (x86)\google\update\googleupdate.exe [2014-10-20] (google inc.)

(wenn ein eintrag in die fixlist aufgenommen wird, wird die aufgabe verschoben. Die datei, die durch die aufgabe gestartet wird, wird nicht verschoben.)

task: C:\windows\tasks\adobe flash player updater.job => c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
task: C:\windows\tasks\googleupdatetaskmachinecore.job => c:\program files (x86)\google\update\googleupdate.exe
task: C:\windows\tasks\googleupdatetaskmachineua.job => c:\program files (x86)\google\update\googleupdate.exe
task: C:\windows\tasks\googleupdatetaskusers-1-5-21-4254080380-16762214-4038314476-1001core.job => c:\users\tim\appdata\local\google\update\googleupdate.exe
task: C:\windows\tasks\googleupdatetaskusers-1-5-21-4254080380-16762214-4038314476-1001ua.job => c:\users\tim\appdata\local\google\update\googleupdate.exe

==================== geladene module (nicht auf der ausnahmeliste) ==============

2014-07-01 23:11 - 2015-06-17 08:48 - 00116368 _____ () c:\program files\nvidia corporation\display\nvsmartmax64.dll
2015-04-15 21:20 - 2015-04-15 21:20 - 00104400 _____ () c:\program files\avast software\avast\log.dll
2015-04-15 21:20 - 2015-04-15 21:20 - 00081728 _____ () c:\program files\avast software\avast\jsonrpcserver.dll
2015-07-29 12:43 - 2015-07-29 12:43 - 02960384 _____ () c:\program files\avast software\avast\defs\15072900\algo.dll
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () c:\program files (x86)\common files\apple\apple application support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () c:\program files (x86)\common files\apple\apple application support\libxml2.dll
2014-10-16 19:55 - 2014-10-16 19:55 - 00172544 _____ () c:\windows\assembly\nativeimages_v2.0.50727_32\isdiinterop\b2363cf94faf59386ab4778a39c16e2b\isdiinterop.ni.dll
2011-09-29 17:34 - 2011-05-20 19:05 - 00059904 _____ () c:\program files (x86)\intel\intel(r) rapid storage technology\isdiinterop.dll
2015-07-19 02:28 - 2015-06-17 11:10 - 00011920 _____ () c:\program files (x86)\nvidia corporation\update core\detoured.dll
2013-03-12 18:10 - 2015-07-03 18:12 - 00778240 _____ () c:\program files (x86)\steam\sdl2.dll
2015-01-29 18:22 - 2015-07-03 18:12 - 04962816 _____ () c:\program files (x86)\steam\v8.dll
2015-01-29 18:22 - 2015-07-03 18:12 - 01556992 _____ () c:\program files (x86)\steam\icui18n.dll
2015-01-29 18:22 - 2015-07-03 18:12 - 01187840 _____ () c:\program files (x86)\steam\icuuc.dll
2014-05-23 08:47 - 2015-07-24 01:24 - 02410176 _____ () c:\program files (x86)\steam\video.dll
2014-08-30 02:20 - 2014-12-01 23:31 - 02396672 _____ () c:\program files (x86)\steam\libavcodec-56.dll
2014-08-30 02:20 - 2014-12-01 23:31 - 00442880 _____ () c:\program files (x86)\steam\libavutil-54.dll
2014-08-30 02:20 - 2014-12-01 23:31 - 00479744 _____ () c:\program files (x86)\steam\libavformat-56.dll
2014-08-30 02:20 - 2014-12-01 23:31 - 00332800 _____ () c:\program files (x86)\steam\libavresample-2.dll
2014-08-30 02:20 - 2014-12-01 23:31 - 00485888 _____ () c:\program files (x86)\steam\libswscale-3.dll
2012-08-07 20:38 - 2015-07-24 01:23 - 00703168 _____ () c:\program files (x86)\steam\bin\chromehtml.dll
2015-07-23 11:33 - 2015-07-07 22:41 - 00169984 _____ () c:\program files (x86)\steam\bin\openvr_api.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () c:\program files (x86)\cyberlink\power2go\clmedialibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () c:\program files (x86)\cyberlink\power2go\clmlsvcps.dll
2015-03-20 13:40 - 2015-03-20 13:40 - 40540672 _____ () c:\program files\avast software\avast\libcef.dll
2012-08-07 20:38 - 2015-07-03 18:12 - 39553928 _____ () c:\program files (x86)\steam\bin\libcef.dll
2014-08-13 10:27 - 2014-08-13 10:27 - 00988160 _____ () c:\program files (x86)\openoffice 4\program\libxml2.dll
2014-07-29 14:34 - 2014-07-29 14:34 - 00170496 _____ () c:\program files (x86)\openoffice 4\program\libxslt.dll
2012-08-08 03:12 - 2013-03-12 16:22 - 09390592 _____ () c:\users\tim\appdata\local\adobe\acrobat\10.0\cache\rdlang_rdlang32.deu
2012-12-18 16:28 - 2012-12-18 16:28 - 00305880 _____ () c:\program files (x86)\adobe\reader 10.0\reader\sqlite.dll
2014-06-23 20:58 - 2014-01-28 07:47 - 03601408 _____ () c:\program files (x86)\adobe\reader 10.0\reader\plug_ins\citavi picker\citavipicker.api
2012-08-08 03:15 - 2013-03-18 02:43 - 00014336 _____ () c:\users\tim\appdata\local\adobe\acrobat\10.0\cache\rdlang_updater.deu
2015-07-15 15:48 - 2015-07-15 15:48 - 17448624 _____ () c:\windows\syswow64\macromed\flash\npswf32_18_0_0_209.dll

==================== alternate data streams (nicht auf der ausnahmeliste) =========

(wenn ein eintrag in die fixlist aufgenommen wird, wird nur der ads entfernt.)


==================== abgesicherter modus (nicht auf der ausnahmeliste) ===================

(wenn ein eintrag in die fixlist aufgenommen wird, wird er aus der registry entfernt. Der wert "alternateshell" wird wiederhergestellt.)


==================== exe verknüpfungen (nicht auf der ausnahmeliste) ===============

(wenn ein eintrag in die fixlist aufgenommen wird, wird der registryeintrag auf den standardwert zurückgesetzt oder entfernt.)


==================== internet explorer trusted/restricted ===============

(wenn ein eintrag in die fixlist aufgenommen wird, wird er aus der registry entfernt.)


==================== andere bereiche ============================

(aktuell gibt es keinen automatisierten fix für diesen bereich.)

hku\s-1-5-21-4254080380-16762214-4038314476-1001\control panel\desktop\\wallpaper -> c:\users\tim\appdata\roaming\microsoft\windows\themes\transcodedwallpaper.jpg
dns servers: 192.168.178.1
hklm\software\microsoft\windows\currentversion\policies\system => (consentpromptbehavioradmin: 5) (consentpromptbehavioruser: 3) (enablelua: 1)
windows firewall ist aktiviert.

==================== msconfig/task manager deaktivierte einträge ==

(aktuell gibt es keinen automatisierten fix für diesen bereich.)

msconfig\services: Bonjour service => 2
msconfig\startupreg: Apntbmon => "c:\program files (x86)\askpartnernetwork\toolbar\updater\tbnotifier.exe"
msconfig\startupreg: Inetstat => c:\users\tim\appdata\roaming\inetstat\inetstat.exe
msconfig\startupreg: Ituneshelper => "c:\program files (x86)\itunes\ituneshelper.exe"

==================== firewall regeln (nicht auf der ausnahmeliste) ===============

(wenn ein eintrag in die fixlist aufgenommen wird, wird er aus der registry entfernt. Die datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

firewallrules: [{cc7a9a93-3447-4089-a681-63ff7930f637}] => (allow) c:\program files (x86)\windows live\contacts\wlcomm.exe
firewallrules: [{f9560ef2-fee6-4329-9b99-7509b9a25f30}] => (allow) lport=2869
firewallrules: [{12243fb8-90cc-4f7a-8728-940856db8b1c}] => (allow) lport=1900
firewallrules: [{308d8a43-d7b5-4672-99b9-bb7709bff146}] => (allow) c:\program files (x86)\windows live\messenger\msnmsgr.exe
firewallrules: [{1bbb2c33-0580-4f9a-befb-af28d84aa65a}] => (allow) c:\program files (x86)\windows live\mesh\moe.exe
firewallrules: [{86167796-edfe-4251-be30-cd8629b0f3cb}] => (allow) c:\program files (x86)\skype\phone\skype.exe
firewallrules: [{f0731bcf-c829-495d-9eb8-b89f5c29d253}] => (allow) c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe
firewallrules: [{25fe5c3e-5ede-49ad-9776-11165788eb50}] => (allow) c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe
firewallrules: [{631d1eb1-6e90-4c6e-86bc-b6a2547c0e1c}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe
firewallrules: [{4265681f-dc2c-4986-8088-a44260e633a4}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe
firewallrules: [{b18188d9-1c43-4739-b53d-3f018645dc69}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe
firewallrules: [tcp query user{3ed0d92f-027a-455f-a4fc-5db56f4139e7}c:\program files (x86)\hercules\webcam station evolution se\stationevse.exe] => (allow) c:\program files (x86)\hercules\webcam station evolution se\stationevse.exe
firewallrules: [udp query user{6cb343f6-28a2-4dca-92cb-859782ff62b8}c:\program files (x86)\hercules\webcam station evolution se\stationevse.exe] => (allow) c:\program files (x86)\hercules\webcam station evolution se\stationevse.exe
firewallrules: [tcp query user{38432cdd-26b3-4d83-8d10-663670042ff3}c:\program files (x86)\steam\steam.exe] => (block) c:\program files (x86)\steam\steam.exe
firewallrules: [udp query user{416d66c7-a52a-4d6c-b9d9-b3c8dd0392ff}c:\program files (x86)\steam\steam.exe] => (block) c:\program files (x86)\steam\steam.exe
firewallrules: [{3fcc2945-32a4-4714-8f1c-756a9e332d3e}] => (allow) c:\program files (x86)\ventrilo\ventrilo.exe
firewallrules: [{2c7bad4c-5526-4e46-b639-8aeece07c991}] => (allow) c:\program files (x86)\ventrilo\ventrilo.exe
firewallrules: [{712bc95e-a76e-4587-8e08-4a65468d9d09}] => (allow) c:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe
firewallrules: [{a4a0780a-579f-438c-8fef-7148bcb16eb4}] => (allow) c:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe
firewallrules: [{46284e4e-881d-4812-8782-5e99e3817183}] => (allow) c:\users\tim\appdata\local\temp\7zs7ca7\hppiw.exe
firewallrules: [{b25df979-4410-4b3b-bdf0-624ede30446e}] => (allow) c:\users\tim\appdata\local\temp\7zs7ca7\hppiw.exe
firewallrules: [{7be1f68e-1a3b-49c5-8830-ef7cd01f6ef6}] => (allow) c:\users\tim\appdata\local\temp\7zs7cbe\hppiw.exe
firewallrules: [{587a2946-224d-4589-9c78-15daac2fcb8d}] => (allow) c:\users\tim\appdata\local\temp\7zs7cbe\hppiw.exe
firewallrules: [{a0be0301-46d1-4127-9d16-19a060fc13e1}] => (allow) c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe
firewallrules: [{7c194689-863d-4cb4-94e5-956eac6ed7c1}] => (allow) c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe
firewallrules: [tcp query user{ade217ac-e5cd-4983-8129-ac9fbd8e6eb1}c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (allow) c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
firewallrules: [udp query user{6c589530-1b17-4a80-9c7f-209401568bb5}c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (allow) c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
firewallrules: [{ff761814-6783-4a06-ac4f-aff5364daba9}] => (allow) c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe
firewallrules: [{dfe86eb1-2995-46b5-a157-9af60d67cc3e}] => (allow) c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe
firewallrules: [{7acd9b6f-7dde-4398-9403-099ad60ba551}] => (allow) c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe
firewallrules: [{52ba9ede-bcf4-4e8f-bc1d-d840b5d16bd1}] => (allow) c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe
firewallrules: [tcp query user{5a59c77a-8316-4d98-84b8-e892e08e2804}c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (allow) c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
firewallrules: [udp query user{a817c938-0f16-48e5-ba38-534e920d308c}c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (allow) c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
firewallrules: [tcp query user{c8e5ef8c-ce20-4a97-abe2-644adb56988a}c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (block) c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
firewallrules: [udp query user{9f2e2cb6-6486-43b9-8e4a-94f76bb7ec9a}c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (block) c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
firewallrules: [tcp query user{1b2d14f7-cca4-4a8f-bff3-5655cd5a05ca}c:\program files (x86)\steam\steam.exe] => (allow) c:\program files (x86)\steam\steam.exe
firewallrules: [udp query user{4ba7b1c7-4288-4f38-9b32-d3946a705f18}c:\program files (x86)\steam\steam.exe] => (allow) c:\program files (x86)\steam\steam.exe
firewallrules: [{3d06d572-36fb-477b-928c-26bd8b728d7b}] => (allow) c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe
firewallrules: [{ca3b09bc-c2dc-4947-b185-b9fac0502cb2}] => (allow) c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe
firewallrules: [{899ef5d6-0a31-49db-ba81-baa6283db83a}] => (allow) c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.0\cnc3game.dat
firewallrules: [tcp query user{8896d19e-24be-4c44-b3dd-b32c04a83481}c:\users\tim\appdata\local\temp\electronicarts_patcher_000.exe] => (allow) c:\users\tim\appdata\local\temp\electronicarts_patcher_000.exe
firewallrules: [udp query user{21320bd9-0160-45cf-a010-c3f7a8f2cd16}c:\users\tim\appdata\local\temp\electronicarts_patcher_000.exe] => (allow) c:\users\tim\appdata\local\temp\electronicarts_patcher_000.exe
firewallrules: [tcp query user{6a15a47d-9fa3-4116-9a37-add76e5ed1c8}c:\sierra\ee-zde\ee-aoc.exe] => (allow) c:\sierra\ee-zde\ee-aoc.exe
firewallrules: [udp query user{962c1b9d-512e-49a8-9380-5a0d99ad81d2}c:\sierra\ee-zde\ee-aoc.exe] => (allow) c:\sierra\ee-zde\ee-aoc.exe
firewallrules: [{8adfa03b-d0a6-4c29-99b2-6334abafb4aa}] => (allow) c:\program files (x86)\origin games\command and conquer red alert 3\ra3launcher.exe
firewallrules: [{54061174-aab4-4849-8284-77a905ec0545}] => (allow) c:\program files (x86)\origin games\command and conquer red alert 3\ra3launcher.exe
firewallrules: [{39ddb74f-be4f-46b8-a06a-cbfca33d8a7c}] => (allow) c:\program files (x86)\origin games\command and conquer generals zero hour\generals.exe
firewallrules: [{badf87b6-6138-431f-9595-496f68431c23}] => (allow) c:\program files (x86)\origin games\command and conquer generals zero hour\generals.exe
firewallrules: [{9401c300-852b-41df-9b3f-7d35bbf3218b}] => (allow) c:\program files (x86)\origin games\command and conquer the ultimate collection additional content\launcher.exe
firewallrules: [{6eeacca2-a831-4613-92dd-250c14e38caf}] => (allow) c:\program files (x86)\origin games\command and conquer the ultimate collection additional content\launcher.exe
firewallrules: [{22c8a69b-ddaf-4c4b-b952-20a06c77e7ed}] => (allow) c:\program files (x86)\origin games\cnc and the covert operations\cnc95launcher.exe
firewallrules: [{949aabc7-6c1c-464c-a75f-d6c62f31156f}] => (allow) c:\program files (x86)\origin games\cnc and the covert operations\cnc95launcher.exe
firewallrules: [{2fad198f-e49e-4fd7-8c0f-08db2f8e2127}] => (allow) c:\program files (x86)\origin games\renegade\renegadelauncher.exe
firewallrules: [{0ec7f6e5-b891-4aa1-a2c0-f1e5cfeddd28}] => (allow) c:\program files (x86)\origin games\renegade\renegadelauncher.exe
firewallrules: [{9542b3d3-b0c8-40a3-8f6e-fa01ebdb7121}] => (allow) c:\program files (x86)\origin games\command and conquer red alert\ra95launcher.exe
firewallrules: [{bae02649-ce40-4b0e-af98-7b43dfc15a74}] => (allow) c:\program files (x86)\origin games\command and conquer red alert\ra95launcher.exe
firewallrules: [{1b220b61-dd7e-4bc5-8314-fe3ebe6a50aa}] => (allow) c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe
firewallrules: [{5b1aaca3-dead-49a4-ae1f-4897b44a36b3}] => (allow) c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe
firewallrules: [{a4d71bd9-4a5f-4d1b-b878-a1a9dcfe6f1d}] => (allow) c:\program files (x86)\origin games\command and conquer tiberian sun\tslauncher.exe
firewallrules: [{c20ef644-ae05-4979-8f0f-52a65833cbc4}] => (allow) c:\program files (x86)\origin games\command and conquer tiberian sun\tslauncher.exe
firewallrules: [{8bd01ce9-d9ab-4011-b1cd-87833c1110ec}] => (allow) c:\program files (x86)\origin games\command and conquer 3\cnc3launcher.exe
firewallrules: [{f5d021be-507f-4d97-9e4f-f89249aa9404}] => (allow) c:\program files (x86)\origin games\command and conquer 3\cnc3launcher.exe
firewallrules: [{7aedd126-0fa4-4234-a5ab-128350ca4919}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe
firewallrules: [{a0483b24-2413-4297-9fac-95b751f01a5e}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe
firewallrules: [{7d363b00-50e2-4291-a1b5-7b8fdc0d8dcb}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hposid01.exe
firewallrules: [{a7266062-78ab-46bb-9e5a-568d67a2dab2}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe
firewallrules: [{742554f6-b53e-4ad1-a9c2-2778a1fd2450}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe
firewallrules: [{4638f46d-7219-443a-bea1-3855417e8d37}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe
firewallrules: [{2d5e5670-f7ed-46aa-beb9-74e113bfbbed}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe
firewallrules: [{a0dd209f-1ab7-4889-8768-0903b85a7555}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe
firewallrules: [{73c515ab-01b5-4691-a6e0-1009b0c73362}] => (allow) c:\program files (x86)\hp\hp software update\hpwucli.exe
firewallrules: [{2f067bec-a02b-498c-bbbe-ed3cdf480687}] => (allow) c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe
firewallrules: [{2a317d99-a40b-4eb5-aeb1-77c155d8b96d}] => (allow) c:\program files (x86)\origin games\command conquer 4 tiberian twilight\cnc4.exe
firewallrules: [{a518821c-536a-4587-9c26-477a0c07e8c5}] => (allow) c:\program files (x86)\origin games\command conquer 4 tiberian twilight\cnc4.exe
firewallrules: [tcp query user{ff5639b8-aac6-4d46-8dc4-855a6482787d}c:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (block) c:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
firewallrules: [udp query user{8fc6a088-0323-44cd-99f6-8ed716b3cc13}c:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (block) c:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
firewallrules: [{f9ce33e9-cc12-45c6-97b5-240bb5635749}] => (allow) c:\program files (x86)\origin games\battlefield 3\bf3.exe
firewallrules: [{355855b1-a131-41a2-b1bf-1023cb645dfa}] => (allow) c:\program files (x86)\origin games\battlefield 3\bf3.exe
firewallrules: [{0edd78e9-8710-4d81-b52b-da77b8230dbe}] => (allow) c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
firewallrules: [{8bf43e1a-90d9-4e9f-b51f-9c4dccb44a58}] => (allow) c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
firewallrules: [{df010dc7-4c4d-477f-8f3c-2dfd79749bdb}] => (allow) c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe
firewallrules: [{4b030603-6fd2-4541-a020-41ae200b76ad}] => (allow) c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe
firewallrules: [{6a102388-49fe-4d0c-8b26-c9e2c457f6c2}] => (allow) c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe
firewallrules: [{08cc1427-a878-49a0-9bba-abe55e39f3fe}] => (allow) c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe
firewallrules: [{2a30b544-8d34-40b2-b75c-41bd45cccdee}] => (allow) c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe
firewallrules: [{5da24c54-a020-4646-8093-a87d4b8cffea}] => (allow) c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe
firewallrules: [{1badc6de-c2d4-4c6b-a9d2-cec128e72cde}] => (allow) c:\program files (x86)\steam\bin\steamwebhelper.exe
firewallrules: [{a3a54767-b012-4a87-bd6e-94c3918299cc}] => (allow) c:\program files (x86)\steam\bin\steamwebhelper.exe
firewallrules: [{947f9a42-f0ba-4e82-9c6a-52060f02b0f9}] => (allow) c:\program files (x86)\steam\steamapps\common\edna & harvey the breakout\edna.exe
firewallrules: [{d29fc276-658e-42d0-9dfa-4f05e42344dd}] => (allow) c:\program files (x86)\steam\steamapps\common\edna & harvey the breakout\edna.exe
firewallrules: [tcp query user{a8ec35c3-a773-4b54-9915-299aa6988c40}c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (block) c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
firewallrules: [udp query user{0ebfea20-0535-4716-952e-1cb932ece926}c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (block) c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
firewallrules: [{034bc70f-3484-4e63-ab6d-3a60c3861461}] => (allow) c:\program files (x86)\itunes\itunes.exe
firewallrules: [{374aebfa-34a4-4652-bd73-8523259957ce}] => (allow) c:\program files (x86)\mozilla firefox\firefox.exe
firewallrules: [{16bf8091-510d-4e20-be18-cf2db1608989}] => (allow) c:\program files (x86)\mozilla firefox\firefox.exe
firewallrules: [tcp query user{2f06d9b1-8093-4a12-bd36-328d172f3278}c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe] => (allow) c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe
firewallrules: [udp query user{7a8c8a3d-a674-41ad-bc10-72389b07fb1b}c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe] => (allow) c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe
firewallrules: [{1a1af9a3-a88a-4c32-9fbf-c8b65aa42966}] => (allow) c:\program files\avast software\avast\ng\vbox\aswfe.exe
firewallrules: [{23e2f8b8-099f-4c7d-8323-e44d6a99d5ec}] => (allow) c:\program files\avast software\avast\ng\vbox\aswfe.exe
firewallrules: [{f0ad814f-01ae-4856-9ec0-af4a22f47789}] => (allow) c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe
firewallrules: [{d82bab71-3118-4377-abf6-8691596812f8}] => (allow) c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe
firewallrules: [{03f0868d-874a-47b7-9cdd-77d30749859f}] => (allow) c:\program files (x86)\google\chrome\application\chrome.exe

==================== fehlerhafte geräte im gerätemanager =============


==================== fehlereinträge in der ereignisanzeige: =========================

applikationsfehler:
==================
error: (07/29/2015 06:08:39 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Nur zur information.
(stream product id=0x0066): Streaming failed

error: (07/29/2015 06:08:08 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Nur zur information.
Too many failures while downloading ranges: 2

error: (07/29/2015 06:06:57 pm) (source: Winmgmt) (eventid: 10) (user: )
description: //./root/cimv2select * from __instancemodificationevent within 60 where targetinstance isa "win32_processor" and targetinstance.loadpercentage > 990x80041003

error: (07/29/2015 06:06:31 pm) (source: Memeobackgroundservice) (eventid: 0) (user: )
description: Problem starting memeo background service :ausnahmefehler "system.reflection.targetinvocationexception: Ein aufrufziel hat einen ausnahmefehler verursacht. ---> system.security.principal.identitynotmappedexception: Manche oder alle identitätsverweise konnten nicht übersetzt werden.
   Bei system.runtime.remoting.channels.ipc.ipcserverchannel.startlistening(object data)
   bei system.runtime.remoting.channels.ipc.ipcserverchannel..ctor(idictionary properties, iserverchannelsinkprovider sinkprovider, commonsecuritydescriptor securitydescriptor)
   bei system.runtime.remoting.channels.ipc.ipcchannel..ctor(idictionary properties, iclientchannelsinkprovider clientsinkprovider, iserverchannelsinkprovider serversinkprovider)
   --- ende der internen ausnahmestapelüberwachung ---
   bei system.runtimemethodhandle._invokeconstructor(object[] args, signaturestruct& signature, intptr declaringtype)
   bei system.reflection.runtimeconstructorinfo.invoke(bindingflags invokeattr, binder binder, object[] parameters, cultureinfo culture)
   bei system.runtimetype.createinstanceimpl(bindingflags bindingattr, binder binder, object[] args, cultureinfo culture, object[] activationattributes)
   bei system.runtime.remoting.remotingconfighandler.createchannelfromconfigentry(channelentry entry)
   bei system.runtime.remoting.remotingconfighandler.configurechannels(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
   bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)" bei der remotekonfiguration.   Bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
   bei system.runtime.remoting.remotingconfiguration.configure(string filename, boolean ensuresecurity)
   bei remoteserverservice.memeobackgroundservice.onstart(string[] args)

error: (07/29/2015 12:43:58 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Nur zur information.
(stream product id=0x0066): Streaming failed

error: (07/29/2015 12:43:27 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Nur zur information.
Too many failures while downloading ranges: 2

error: (07/29/2015 12:42:38 pm) (source: Winmgmt) (eventid: 10) (user: )
description: //./root/cimv2select * from __instancemodificationevent within 60 where targetinstance isa "win32_processor" and targetinstance.loadpercentage > 990x80041003

error: (07/29/2015 12:41:46 pm) (source: Memeobackgroundservice) (eventid: 0) (user: )
description: Problem starting memeo background service :ausnahmefehler "system.reflection.targetinvocationexception: Ein aufrufziel hat einen ausnahmefehler verursacht. ---> system.security.principal.identitynotmappedexception: Manche oder alle identitätsverweise konnten nicht übersetzt werden.
   Bei system.runtime.remoting.channels.ipc.ipcserverchannel.startlistening(object data)
   bei system.runtime.remoting.channels.ipc.ipcserverchannel..ctor(idictionary properties, iserverchannelsinkprovider sinkprovider, commonsecuritydescriptor securitydescriptor)
   bei system.runtime.remoting.channels.ipc.ipcchannel..ctor(idictionary properties, iclientchannelsinkprovider clientsinkprovider, iserverchannelsinkprovider serversinkprovider)
   --- ende der internen ausnahmestapelüberwachung ---
   bei system.runtimemethodhandle._invokeconstructor(object[] args, signaturestruct& signature, intptr declaringtype)
   bei system.reflection.runtimeconstructorinfo.invoke(bindingflags invokeattr, binder binder, object[] parameters, cultureinfo culture)
   bei system.runtimetype.createinstanceimpl(bindingflags bindingattr, binder binder, object[] args, cultureinfo culture, object[] activationattributes)
   bei system.runtime.remoting.remotingconfighandler.createchannelfromconfigentry(channelentry entry)
   bei system.runtime.remoting.remotingconfighandler.configurechannels(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
   bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)" bei der remotekonfiguration.   Bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
   bei system.runtime.remoting.remotingconfiguration.configure(string filename, boolean ensuresecurity)
   bei remoteserverservice.memeobackgroundservice.onstart(string[] args)

error: (07/29/2015 04:33:51 am) (source: Nvstreamsvc) (eventid: 2001) (user: )
description: An error has occurred (nvstreamuseragent restarted too many times in a short period. Aborting. [0]).

Error: (07/28/2015 11:50:42 pm) (source: Application hang) (eventid: 1002) (user: )
description: Programm kingdoms.exe, version 1.3.0.0 kann nicht mehr unter windows ausgeführt werden und wurde beendet. überprüfen sie den problemverlauf in der wartungscenter-systemsteuerung, um nach weiteren informationen zum problem zu suchen.

Prozess-id: 1dac

startzeit: 01d0c975a402d8c3

endzeit: 3246

anwendungspfad: C:\program files (x86)\sega\medieval ii total war\kingdoms.exe

berichts-id:


Systemfehler:
=============
error: (07/29/2015 06:11:40 pm) (source: Service control manager) (eventid: 7022) (user: )
description: Der dienst "windows search" wurde nicht richtig gestartet.

Error: (07/29/2015 12:47:06 pm) (source: Service control manager) (eventid: 7022) (user: )
description: Der dienst "windows search" wurde nicht richtig gestartet.

Error: (07/28/2015 02:44:03 am) (source: Service control manager) (eventid: 7009) (user: )
description: Das zeitlimit (30000 ms) wurde beim verbindungsversuch mit dem dienst windows-fehlerberichterstattungsdienst erreicht.

Error: (07/26/2015 12:12:22 am) (source: Service control manager) (eventid: 7000) (user: )
description: Der dienst "steam client service" wurde aufgrund folgenden fehlers nicht gestartet: 
%%1053

error: (07/26/2015 12:12:22 am) (source: Service control manager) (eventid: 7009) (user: )
description: Das zeitlimit (30000 ms) wurde beim verbindungsversuch mit dem dienst steam client service erreicht.

Error: (07/23/2015 04:40:55 pm) (source: Schannel) (eventid: 4119) (user: Nt-autorität)
description: Es wurde eine schwerwiegende warnung empfangen: 40.

Error: (07/23/2015 04:40:55 pm) (source: Schannel) (eventid: 4119) (user: Nt-autorität)
description: Es wurde eine schwerwiegende warnung empfangen: 40.

Error: (07/23/2015 04:24:57 pm) (source: Service control manager) (eventid: 7000) (user: )
description: Der dienst "hp network devices support" wurde aufgrund folgenden fehlers nicht gestartet: 
%%1053

error: (07/23/2015 04:24:57 pm) (source: Service control manager) (eventid: 7009) (user: )
description: Das zeitlimit (30000 ms) wurde beim verbindungsversuch mit dem dienst hp network devices support erreicht.

Error: (07/23/2015 04:24:57 pm) (source: Dcom) (eventid: 10005) (user: )
description: 1053hpslpsvc{10da4f3c-cc99-4190-be4d-58330754e882}


microsoft office:
=========================
error: (07/29/2015 06:08:39 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: (stream product id=0x0066): Streaming failed

error: (07/29/2015 06:08:08 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Too many failures while downloading ranges: 2

error: (07/29/2015 06:06:57 pm) (source: Winmgmt) (eventid: 10) (user: )
description: //./root/cimv2select * from __instancemodificationevent within 60 where targetinstance isa "win32_processor" and targetinstance.loadpercentage > 990x80041003

error: (07/29/2015 06:06:31 pm) (source: Memeobackgroundservice) (eventid: 0) (user: )
description: Problem starting memeo background service :ausnahmefehler "system.reflection.targetinvocationexception: Ein aufrufziel hat einen ausnahmefehler verursacht. ---> system.security.principal.identitynotmappedexception: Manche oder alle identitätsverweise konnten nicht übersetzt werden.
   Bei system.runtime.remoting.channels.ipc.ipcserverchannel.startlistening(object data)
   bei system.runtime.remoting.channels.ipc.ipcserverchannel..ctor(idictionary properties, iserverchannelsinkprovider sinkprovider, commonsecuritydescriptor securitydescriptor)
   bei system.runtime.remoting.channels.ipc.ipcchannel..ctor(idictionary properties, iclientchannelsinkprovider clientsinkprovider, iserverchannelsinkprovider serversinkprovider)
   --- ende der internen ausnahmestapelüberwachung ---
   bei system.runtimemethodhandle._invokeconstructor(object[] args, signaturestruct& signature, intptr declaringtype)
   bei system.reflection.runtimeconstructorinfo.invoke(bindingflags invokeattr, binder binder, object[] parameters, cultureinfo culture)
   bei system.runtimetype.createinstanceimpl(bindingflags bindingattr, binder binder, object[] args, cultureinfo culture, object[] activationattributes)
   bei system.runtime.remoting.remotingconfighandler.createchannelfromconfigentry(channelentry entry)
   bei system.runtime.remoting.remotingconfighandler.configurechannels(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
   bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)" bei der remotekonfiguration.   Bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
   bei system.runtime.remoting.remotingconfiguration.configure(string filename, boolean ensuresecurity)
   bei remoteserverservice.memeobackgroundservice.onstart(string[] args)

error: (07/29/2015 12:43:58 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: (stream product id=0x0066): Streaming failed

error: (07/29/2015 12:43:27 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Too many failures while downloading ranges: 2

error: (07/29/2015 12:42:38 pm) (source: Winmgmt) (eventid: 10) (user: )
description: //./root/cimv2select * from __instancemodificationevent within 60 where targetinstance isa "win32_processor" and targetinstance.loadpercentage > 990x80041003

error: (07/29/2015 12:41:46 pm) (source: Memeobackgroundservice) (eventid: 0) (user: )
description: Problem starting memeo background service :ausnahmefehler "system.reflection.targetinvocationexception: Ein aufrufziel hat einen ausnahmefehler verursacht. ---> system.security.principal.identitynotmappedexception: Manche oder alle identitätsverweise konnten nicht übersetzt werden.
   Bei system.runtime.remoting.channels.ipc.ipcserverchannel.startlistening(object data)
   bei system.runtime.remoting.channels.ipc.ipcserverchannel..ctor(idictionary properties, iserverchannelsinkprovider sinkprovider, commonsecuritydescriptor securitydescriptor)
   bei system.runtime.remoting.channels.ipc.ipcchannel..ctor(idictionary properties, iclientchannelsinkprovider clientsinkprovider, iserverchannelsinkprovider serversinkprovider)
   --- ende der internen ausnahmestapelüberwachung ---
   bei system.runtimemethodhandle._invokeconstructor(object[] args, signaturestruct& signature, intptr declaringtype)
   bei system.reflection.runtimeconstructorinfo.invoke(bindingflags invokeattr, binder binder, object[] parameters, cultureinfo culture)
   bei system.runtimetype.createinstanceimpl(bindingflags bindingattr, binder binder, object[] args, cultureinfo culture, object[] activationattributes)
   bei system.runtime.remoting.remotingconfighandler.createchannelfromconfigentry(channelentry entry)
   bei system.runtime.remoting.remotingconfighandler.configurechannels(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
   bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)" bei der remotekonfiguration.   Bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
   bei system.runtime.remoting.remotingconfiguration.configure(string filename, boolean ensuresecurity)
   bei remoteserverservice.memeobackgroundservice.onstart(string[] args)

error: (07/29/2015 04:33:51 am) (source: Nvstreamsvc) (eventid: 2001) (user: )
description: Nvstreamsvcnvstreamuseragent restarted too many times in a short period. Aborting. [0]

error: (07/28/2015 11:50:42 pm) (source: Application hang) (eventid: 1002) (user: )
description: Kingdoms.exe1.3.0.01dac01d0c975a402d8c33246c:\program files (x86)\sega\medieval ii total war\kingdoms.exe


==================== speicherinformationen =========================== 

processor: Intel(r) core(tm) i5-2320 cpu @ 3.00ghz
percentage of memory in use: 52%
total physical ram: 4077.64 mb
available physical ram: 1917.68 mb
total virtual: 8168.49 mb
available virtual: 3484.08 mb

==================== drives ================================

drive c: (boot) (fixed) (total:1811.92 gb) (free:1187.55 gb) ntfs
drive d: (recover) (fixed) (total:50 gb) (free:0 gb) ntfs
drive e: (med2_gold_disk1) (cdrom) (total:6.42 gb) (free:0 gb) udf

==================== mbr & partition table ==================

========================================================
disk: 0 (size: 1863 gb) (disk id: B90c56b0)
partition 1: (active) - (size=100 mb) - (type=07 ntfs)
partition 2: (not active) - (size=1811.9 gb) - (type=07 ntfs)
partition 3: (not active) - (size=50 gb) - (type=07 ntfs)
partition 4: (not active) - (size=1 gb) - (type=12)

==================== ende von log ============================
         
Malwarebytes Anti-Malware scan history

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 27.07.2015
Suchlaufzeit: 02:06
Protokolldatei: tim.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.26.06
Rootkit-Datenbank: v2015.07.22.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 442109
Abgelaufene Zeit: 32 Min., 11 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
GMER error message
__________________


Alt 30.07.2015, 06:22   #3
schrauber
/// the machine
/// TB-Ausbilder
 




Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the detected objects, so be patient.
  • After the restart, run mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not run any other file in this folder unless a helper instructs you to.

Please download TDSSKiller.exe and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<version_date_time>log.txt
Please post the contents here in your thread in any case.
__________________
__________________

Alt 30.07.2015, 13:17   #4
Stannis B.
 



This came up at the start; I clicked No.




Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.07.30.02
  rootkit: v2015.07.29.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
Tim :: TIM-PC [administrator]

30.07.2015 12:30:49
mbar-log-2015-07-30 (12-30-49).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 444200
Time elapsed: 36 minute(s), 35 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
13:10:57.0555 0x0660  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
13:11:09.0361 0x0660  ============================================================
13:11:09.0361 0x0660  Current date / time: 2015/07/30 13:11:09.0361
13:11:09.0361 0x0660  SystemInfo:
13:11:09.0362 0x0660  
13:11:09.0362 0x0660  OS Version: 6.1.7601 ServicePack: 1.0
13:11:09.0362 0x0660  Product type: Workstation
13:11:09.0362 0x0660  ComputerName: TIM-PC
13:11:09.0362 0x0660  UserName: Tim
13:11:09.0362 0x0660  Windows directory: C:\Windows
13:11:09.0362 0x0660  System windows directory: C:\Windows
13:11:09.0362 0x0660  Running under WOW64
13:11:09.0362 0x0660  Processor architecture: Intel x64
13:11:09.0362 0x0660  Number of processors: 4
13:11:09.0362 0x0660  Page size: 0x1000
13:11:09.0362 0x0660  Boot type: Normal boot
13:11:09.0362 0x0660  ============================================================
13:11:09.0884 0x0660  KLMD registered as C:\Windows\system32\drivers\79900316.sys
13:11:11.0507 0x0660  System UUID: {52D498D7-1D30-193D-DDD4-60F62BFAA7CD}
13:11:12.0916 0x0660  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:11:12.0932 0x0660  ============================================================
13:11:12.0932 0x0660  \Device\Harddisk0\DR0:
13:11:12.0932 0x0660  MBR partitions:
13:11:12.0932 0x0660  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:11:12.0932 0x0660  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE27D5800
13:11:12.0932 0x0660  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE2808000, BlocksNum 0x6400000
13:11:12.0932 0x0660  ============================================================
13:11:13.0030 0x0660  C: <-> \Device\Harddisk0\DR0\Partition2
13:11:13.0231 0x0660  D: <-> \Device\Harddisk0\DR0\Partition3
13:11:13.0231 0x0660  ============================================================
13:11:13.0231 0x0660  Initialize success
13:11:13.0231 0x0660  ============================================================
13:11:46.0122 0x02d4  ============================================================
13:11:46.0122 0x02d4  Scan started
13:11:46.0122 0x02d4  Mode: Manual; SigCheck; TDLFS; 
13:11:46.0122 0x02d4  ============================================================
13:11:46.0122 0x02d4  KSN ping started
13:11:59.0869 0x02d4  KSN ping finished: true
13:12:00.0939 0x02d4  ================ Scan system memory ========================
13:12:00.0939 0x02d4  System memory - ok
13:12:00.0940 0x02d4  ================ Scan services =============================
13:12:01.0296 0x02d4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:12:01.0454 0x02d4  1394ohci - ok
13:12:01.0608 0x02d4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:12:01.0653 0x02d4  ACPI - ok
13:12:01.0698 0x02d4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:12:01.0750 0x02d4  AcpiPmi - ok
13:12:01.0920 0x02d4  [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:12:01.0938 0x02d4  AdobeARMservice - ok
13:12:02.0123 0x02d4  [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:12:02.0149 0x02d4  AdobeFlashPlayerUpdateSvc - ok
13:12:02.0266 0x02d4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:12:02.0297 0x02d4  adp94xx - ok
13:12:02.0377 0x02d4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:12:02.0407 0x02d4  adpahci - ok
13:12:02.0467 0x02d4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:12:02.0481 0x02d4  adpu320 - ok
13:12:02.0514 0x02d4  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:12:02.0558 0x02d4  AeLookupSvc - ok
13:12:02.0613 0x02d4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
13:12:02.0669 0x02d4  AFD - ok
13:12:02.0712 0x02d4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
13:12:02.0724 0x02d4  agp440 - ok
13:12:02.0752 0x02d4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
13:12:02.0805 0x02d4  ALG - ok
13:12:02.0846 0x02d4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:12:02.0862 0x02d4  aliide - ok
13:12:02.0903 0x02d4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
13:12:02.0916 0x02d4  amdide - ok
13:12:02.0958 0x02d4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:12:02.0996 0x02d4  AmdK8 - ok
13:12:03.0031 0x02d4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:12:03.0064 0x02d4  AmdPPM - ok
13:12:03.0090 0x02d4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:12:03.0105 0x02d4  amdsata - ok
13:12:03.0134 0x02d4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:12:03.0153 0x02d4  amdsbs - ok
13:12:03.0179 0x02d4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:12:03.0189 0x02d4  amdxata - ok
13:12:03.0251 0x02d4  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
13:12:03.0290 0x02d4  AppID - ok
13:12:03.0332 0x02d4  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:12:03.0351 0x02d4  AppIDSvc - ok
13:12:03.0422 0x02d4  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
13:12:03.0488 0x02d4  Appinfo - ok
13:12:03.0556 0x02d4  [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:12:03.0572 0x02d4  Apple Mobile Device - ok
13:12:03.0601 0x02d4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
13:12:03.0620 0x02d4  arc - ok
13:12:03.0655 0x02d4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:12:03.0674 0x02d4  arcsas - ok
13:12:03.0763 0x02d4  [ D6D2BB2F4F5868549DDE75F3146BC84E, FE2965649FF62696D30A4A7C377064EA2A27F03511DAF781913AA055A5FED323 ] asmthub3        C:\Windows\system32\drivers\asmthub3.sys
13:12:03.0825 0x02d4  asmthub3 - ok
13:12:03.0896 0x02d4  [ 1E758172367DC2A3653F16586D62A3F0, 5395781F2B71CD9050F6CF75779D661F98E816A263ABA51153D14E21B73D4BC4 ] asmtxhci        C:\Windows\system32\drivers\asmtxhci.sys
13:12:03.0969 0x02d4  asmtxhci - ok
13:12:04.0086 0x02d4  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:12:04.0117 0x02d4  aspnet_state - ok
13:12:04.0180 0x02d4  [ AA0B7720D0CB89DCC3363E5DBDF3EBB6, A00E47DD5D32A3D9652B8C11899D455EA239DA33222AA80F3743BCF8BBC7BE5A ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
13:12:04.0191 0x02d4  aswHwid - ok
13:12:04.0214 0x02d4  [ 3B154DDD747CBAC31E33B276800736B0, AAE2C0F62F510C7183BAEAF762290F8431DCCC8618F80EDC9B6028720F0C1C47 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
13:12:04.0225 0x02d4  aswMonFlt - ok
13:12:04.0229 0x02d4  [ CF1BFE4B95F0626C10E96A48B9B8EAC6, 99897F005A0AD3DF7AEEAD63C662C6FC4B3BDCA47B6641AD5D12AFD2406282F1 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
13:12:04.0240 0x02d4  aswRdr - ok
13:12:04.0309 0x02d4  [ 67C5C6F9DE8F6B43372EDADEBAD85E67, 4FA16109494681BEF9F84574CF3407BB001A1757CA2CE036B8EAC969AB9D428B ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
13:12:04.0332 0x02d4  aswRvrt - ok
13:12:04.0413 0x02d4  [ BE3D7AC282909F1352742F98DA2C9D18, 15C4A3240CD37531A6A6D406E34B4AAE93DD0FA449D3F37237ECFCB01D2F3BE8 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
13:12:04.0474 0x02d4  aswSnx - ok
13:12:04.0593 0x02d4  [ 2EF2CB17A9C46AE16276A15EF2F3AF74, 7D9CB982ED06BCBCA4A714CB723E54E8DCCCA35D5D11E9E32F5D7CFE99DCA62F ] aswSP           C:\Windows\system32\drivers\aswSP.sys
13:12:04.0624 0x02d4  aswSP - ok
13:12:04.0711 0x02d4  [ D4408FE64734D8DA69AB699D8A4AEF0D, F0D04D468DD3CD1F664A5FF5043A4308B539F5465C43DA0994D4D8F84753B831 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
13:12:04.0734 0x02d4  aswStm - ok
13:12:04.0790 0x02d4  [ 8DF6664681FF5ADDBEB0D749B85B6544, BCC2359E9A3F92499EDFD22B497048F6EA51C769D2DC70A5AD821C5AB681844C ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
13:12:04.0814 0x02d4  aswVmm - ok
13:12:04.0842 0x02d4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:12:04.0963 0x02d4  AsyncMac - ok
13:12:05.0039 0x02d4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
13:12:05.0056 0x02d4  atapi - ok
13:12:05.0171 0x02d4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:12:05.0236 0x02d4  AudioEndpointBuilder - ok
13:12:05.0262 0x02d4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:12:05.0288 0x02d4  AudioSrv - ok
13:12:05.0469 0x02d4  [ 210A326658D72D7F2EE2267F3D9C44D4, 25BC620209B5F4BCF5C3F323290E41255F68660F3DFF901FA5A78423A7293D73 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:12:05.0493 0x02d4  avast! Antivirus - ok
13:12:05.0691 0x02d4  [ 986B03BCC7679B181EC540249956B080, 35FD1229DD016B0837A2879E685A830034DD36D5F52ECBAFA358299DCB126989 ] AvastVBoxSvc    C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
13:12:05.0776 0x02d4  AvastVBoxSvc - ok
13:12:05.0868 0x02d4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:12:05.0950 0x02d4  AxInstSV - ok
13:12:06.0004 0x02d4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:12:06.0068 0x02d4  b06bdrv - ok
13:12:06.0149 0x02d4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:12:06.0211 0x02d4  b57nd60a - ok
13:12:06.0260 0x02d4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:12:06.0335 0x02d4  BDESVC - ok
13:12:06.0383 0x02d4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:12:06.0462 0x02d4  Beep - ok
13:12:06.0687 0x02d4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
13:12:06.0777 0x02d4  BFE - ok
13:12:06.0824 0x02d4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
13:12:06.0954 0x02d4  BITS - ok
13:12:06.0986 0x02d4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
13:12:07.0000 0x02d4  blbdrive - ok
13:12:07.0032 0x02d4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:12:07.0065 0x02d4  bowser - ok
13:12:07.0078 0x02d4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:12:07.0114 0x02d4  BrFiltLo - ok
13:12:07.0123 0x02d4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:12:07.0170 0x02d4  BrFiltUp - ok
13:12:07.0264 0x02d4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
13:12:07.0295 0x02d4  Browser - ok
13:12:07.0373 0x02d4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:12:07.0404 0x02d4  Brserid - ok
13:12:07.0420 0x02d4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:12:07.0451 0x02d4  BrSerWdm - ok
13:12:07.0467 0x02d4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:12:07.0498 0x02d4  BrUsbMdm - ok
13:12:07.0545 0x02d4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:12:07.0576 0x02d4  BrUsbSer - ok
13:12:07.0638 0x02d4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:12:07.0685 0x02d4  BTHMODEM - ok
13:12:07.0763 0x02d4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
13:12:07.0825 0x02d4  bthserv - ok
13:12:07.0935 0x02d4  [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
13:12:07.0981 0x02d4  c2cautoupdatesvc - ok
13:12:08.0106 0x02d4  [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc       C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
13:12:08.0215 0x02d4  c2cpnrsvc - ok
13:12:08.0278 0x02d4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:12:08.0325 0x02d4  cdfs - ok
13:12:08.0387 0x02d4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:12:08.0434 0x02d4  cdrom - ok
13:12:08.0481 0x02d4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
13:12:08.0527 0x02d4  CertPropSvc - ok
13:12:08.0605 0x02d4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
13:12:08.0652 0x02d4  circlass - ok
13:12:08.0699 0x02d4  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
13:12:08.0730 0x02d4  CLFS - ok
13:12:08.0824 0x02d4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:12:08.0839 0x02d4  clr_optimization_v2.0.50727_32 - ok
13:12:09.0027 0x02d4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:12:09.0058 0x02d4  clr_optimization_v2.0.50727_64 - ok
13:12:09.0151 0x02d4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:12:09.0167 0x02d4  clr_optimization_v4.0.30319_32 - ok
13:12:09.0183 0x02d4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:12:09.0214 0x02d4  clr_optimization_v4.0.30319_64 - ok
13:12:09.0261 0x02d4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:12:09.0307 0x02d4  CmBatt - ok
13:12:09.0339 0x02d4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:12:09.0354 0x02d4  cmdide - ok
13:12:09.0479 0x02d4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
13:12:09.0541 0x02d4  CNG - ok
13:12:09.0557 0x02d4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:12:09.0573 0x02d4  Compbatt - ok
13:12:09.0619 0x02d4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:12:09.0651 0x02d4  CompositeBus - ok
13:12:09.0666 0x02d4  COMSysApp - ok
13:12:09.0682 0x02d4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:12:09.0697 0x02d4  crcdisk - ok
13:12:09.0744 0x02d4  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:12:09.0807 0x02d4  CryptSvc - ok
13:12:09.0916 0x02d4  [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:12:09.0963 0x02d4  cvhsvc - ok
13:12:10.0025 0x02d4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:12:10.0103 0x02d4  DcomLaunch - ok
13:12:10.0259 0x02d4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
13:12:10.0337 0x02d4  defragsvc - ok
13:12:10.0400 0x02d4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:12:10.0462 0x02d4  DfsC - ok
13:12:10.0524 0x02d4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:12:10.0556 0x02d4  Dhcp - ok
13:12:10.0680 0x02d4  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
13:12:10.0790 0x02d4  DiagTrack - ok
13:12:10.0821 0x02d4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
13:12:10.0883 0x02d4  discache - ok
13:12:10.0977 0x02d4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
13:12:11.0008 0x02d4  Disk - ok
13:12:11.0024 0x02d4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:12:11.0070 0x02d4  Dnscache - ok
13:12:11.0102 0x02d4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:12:11.0148 0x02d4  dot3svc - ok
13:12:11.0195 0x02d4  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
13:12:11.0273 0x02d4  Dot4 - ok
13:12:11.0304 0x02d4  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:12:11.0351 0x02d4  Dot4Print - ok
13:12:11.0398 0x02d4  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
13:12:11.0445 0x02d4  dot4usb - ok
13:12:11.0507 0x02d4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
13:12:11.0570 0x02d4  DPS - ok
13:12:11.0648 0x02d4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:12:11.0710 0x02d4  drmkaud - ok
13:12:11.0850 0x02d4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:12:11.0897 0x02d4  DXGKrnl - ok
13:12:11.0975 0x02d4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
13:12:12.0053 0x02d4  EapHost - ok
13:12:12.0178 0x02d4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:12:12.0318 0x02d4  ebdrv - ok
13:12:12.0350 0x02d4  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS             C:\Windows\System32\lsass.exe
13:12:12.0396 0x02d4  EFS - ok
13:12:12.0474 0x02d4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:12:12.0521 0x02d4  ehRecvr - ok
13:12:12.0537 0x02d4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
13:12:12.0568 0x02d4  ehSched - ok
13:12:12.0615 0x02d4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:12:12.0630 0x02d4  elxstor - ok
13:12:12.0662 0x02d4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:12:12.0693 0x02d4  ErrDev - ok
13:12:12.0755 0x02d4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
13:12:12.0802 0x02d4  EventSystem - ok
13:12:12.0849 0x02d4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
13:12:12.0911 0x02d4  exfat - ok
13:12:12.0974 0x02d4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:12:13.0052 0x02d4  fastfat - ok
13:12:13.0130 0x02d4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
13:12:13.0176 0x02d4  Fax - ok
13:12:13.0192 0x02d4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
13:12:13.0223 0x02d4  fdc - ok
13:12:13.0254 0x02d4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
13:12:13.0286 0x02d4  fdPHost - ok
13:12:13.0332 0x02d4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:12:13.0379 0x02d4  FDResPub - ok
13:12:13.0410 0x02d4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:12:13.0426 0x02d4  FileInfo - ok
13:12:13.0457 0x02d4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:12:13.0535 0x02d4  Filetrace - ok
13:12:13.0566 0x02d4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:12:13.0582 0x02d4  flpydisk - ok
13:12:13.0629 0x02d4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:12:13.0660 0x02d4  FltMgr - ok
13:12:13.0754 0x02d4  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
13:12:13.0832 0x02d4  FontCache - ok
13:12:13.0894 0x02d4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:12:13.0910 0x02d4  FontCache3.0.0.0 - ok
13:12:13.0925 0x02d4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:12:13.0941 0x02d4  FsDepends - ok
13:12:14.0003 0x02d4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:12:14.0034 0x02d4  Fs_Rec - ok
13:12:14.0097 0x02d4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:12:14.0128 0x02d4  fvevol - ok
13:12:14.0175 0x02d4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:12:14.0190 0x02d4  gagp30kx - ok
13:12:14.0222 0x02d4  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:12:14.0237 0x02d4  GEARAspiWDM - ok
13:12:14.0409 0x02d4  [ 55FC14B287C6FF306C32B42628CE0D8C, F22D7BA248D616A76AFAC5DA21A419FF13BC4346F402685F6FC6671B04528110 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
13:12:14.0440 0x02d4  GfExperienceService - ok
13:12:14.0596 0x02d4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
13:12:14.0674 0x02d4  gpsvc - ok
13:12:14.0783 0x02d4  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:12:14.0799 0x02d4  gupdate - ok
13:12:14.0830 0x02d4  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:12:14.0846 0x02d4  gupdatem - ok
13:12:14.0877 0x02d4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:12:14.0939 0x02d4  hcw85cir - ok
13:12:14.0986 0x02d4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:12:15.0017 0x02d4  HdAudAddService - ok
13:12:15.0142 0x02d4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:12:15.0189 0x02d4  HDAudBus - ok
13:12:15.0220 0x02d4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:12:15.0267 0x02d4  HidBatt - ok
13:12:15.0282 0x02d4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:12:15.0314 0x02d4  HidBth - ok
13:12:15.0314 0x02d4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:12:15.0392 0x02d4  HidIr - ok
13:12:15.0454 0x02d4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
13:12:15.0516 0x02d4  hidserv - ok
13:12:15.0594 0x02d4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:12:15.0626 0x02d4  HidUsb - ok
13:12:15.0672 0x02d4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:12:15.0704 0x02d4  hkmsvc - ok
13:12:15.0797 0x02d4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:12:15.0875 0x02d4  HomeGroupListener - ok
13:12:15.0891 0x02d4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:12:15.0938 0x02d4  HomeGroupProvider - ok
13:12:16.0172 0x02d4  [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:12:16.0218 0x02d4  hpqcxs08 - ok
13:12:16.0265 0x02d4  [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:12:16.0296 0x02d4  hpqddsvc - ok
13:12:16.0328 0x02d4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:12:16.0343 0x02d4  HpSAMD - ok
13:12:16.0671 0x02d4  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Users\Tim\AppData\Local\Temp\7zS7CBE\hpslpsvc64.dll
13:12:16.0733 0x02d4  HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
13:12:19.0198 0x02d4  Detect skipped due to KSN trusted
13:12:19.0198 0x02d4  HPSLPSVC - ok
13:12:19.0292 0x02d4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:12:19.0354 0x02d4  HTTP - ok
13:12:19.0385 0x02d4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:12:19.0385 0x02d4  hwpolicy - ok
13:12:19.0432 0x02d4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
13:12:19.0463 0x02d4  i8042prt - ok
13:12:19.0510 0x02d4  [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
13:12:19.0541 0x02d4  iaStor - ok
13:12:19.0604 0x02d4  [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:12:19.0619 0x02d4  IAStorDataMgrSvc - ok
13:12:19.0666 0x02d4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:12:19.0697 0x02d4  iaStorV - ok
13:12:19.0822 0x02d4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:12:19.0869 0x02d4  idsvc - ok
13:12:19.0916 0x02d4  IEEtwCollectorService - ok
13:12:20.0150 0x02d4  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
13:12:20.0399 0x02d4  igfx - ok
13:12:20.0446 0x02d4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:12:20.0462 0x02d4  iirsp - ok
13:12:20.0540 0x02d4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
13:12:20.0633 0x02d4  IKEEXT - ok
13:12:20.0789 0x02d4  [ CB7DADEF3D83FE2C12655A0BDCBA99F2, AD55A578986F008ED01635D3BB26414D71F418640099BFA92D9CABAB6A88E01D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:12:20.0945 0x02d4  IntcAzAudAddService - ok
13:12:20.0976 0x02d4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
13:12:20.0992 0x02d4  intelide - ok
13:12:21.0008 0x02d4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:12:21.0054 0x02d4  intelppm - ok
13:12:21.0086 0x02d4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:12:21.0148 0x02d4  IPBusEnum - ok
13:12:21.0242 0x02d4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:12:21.0288 0x02d4  IpFilterDriver - ok
13:12:21.0351 0x02d4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:12:21.0429 0x02d4  iphlpsvc - ok
13:12:21.0444 0x02d4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:12:21.0476 0x02d4  IPMIDRV - ok
13:12:21.0491 0x02d4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:12:21.0600 0x02d4  IPNAT - ok
13:12:21.0710 0x02d4  [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:12:21.0756 0x02d4  iPod Service - ok
13:12:21.0803 0x02d4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:12:21.0850 0x02d4  IRENUM - ok
13:12:21.0881 0x02d4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:12:21.0897 0x02d4  isapnp - ok
13:12:21.0944 0x02d4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:12:21.0959 0x02d4  iScsiPrt - ok
13:12:22.0006 0x02d4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:12:22.0022 0x02d4  kbdclass - ok
13:12:22.0037 0x02d4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:12:22.0053 0x02d4  kbdhid - ok
13:12:22.0115 0x02d4  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso          C:\Windows\system32\lsass.exe
13:12:22.0146 0x02d4  KeyIso - ok
13:12:22.0193 0x02d4  [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:12:22.0209 0x02d4  KSecDD - ok
13:12:22.0240 0x02d4  [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:12:22.0271 0x02d4  KSecPkg - ok
13:12:22.0287 0x02d4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:12:22.0334 0x02d4  ksthunk - ok
13:12:22.0427 0x02d4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:12:22.0474 0x02d4  KtmRm - ok
13:12:22.0646 0x02d4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:12:22.0724 0x02d4  LanmanServer - ok
13:12:22.0755 0x02d4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:12:22.0802 0x02d4  LanmanWorkstation - ok
13:12:22.0848 0x02d4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:12:22.0880 0x02d4  lltdio - ok
13:12:22.0926 0x02d4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:12:22.0958 0x02d4  lltdsvc - ok
13:12:22.0973 0x02d4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:12:23.0051 0x02d4  lmhosts - ok
13:12:23.0160 0x02d4  [ 1584DEEAE5AA0E3FB045F3D0EAC585EA, 27DE800E2A609827D9D972F7B9D196870E5875F9A09FB0CC3EBBC593294D7BDD ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:12:23.0192 0x02d4  LMS - ok
13:12:23.0301 0x02d4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:12:23.0316 0x02d4  LSI_FC - ok
13:12:23.0363 0x02d4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:12:23.0379 0x02d4  LSI_SAS - ok
13:12:23.0504 0x02d4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:12:23.0519 0x02d4  LSI_SAS2 - ok
13:12:23.0566 0x02d4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:12:23.0582 0x02d4  LSI_SCSI - ok
13:12:23.0660 0x02d4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
13:12:23.0722 0x02d4  luafv - ok
13:12:23.0847 0x02d4  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
13:12:23.0862 0x02d4  MBAMProtector - ok
13:12:24.0050 0x02d4  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
13:12:24.0096 0x02d4  MBAMScheduler - ok
13:12:24.0190 0x02d4  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
13:12:24.0206 0x02d4  MBAMService - ok
13:12:24.0315 0x02d4  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
13:12:24.0330 0x02d4  MBAMSwissArmy - ok
13:12:24.0346 0x02d4  [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
13:12:24.0362 0x02d4  MBAMWebAccessControl - ok
13:12:24.0580 0x02d4  [ 61E27025735991FB61E2B5324357CEE5, 3D145E558625A33336DDE3A9B3A3214D6AC2EBF8E35C19E5CE755C1F97568C0F ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
13:12:24.0611 0x02d4  McComponentHostService - ok
13:12:24.0689 0x02d4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:12:24.0720 0x02d4  Mcx2Svc - ok
13:12:24.0752 0x02d4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:12:24.0767 0x02d4  megasas - ok
13:12:24.0814 0x02d4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:12:24.0845 0x02d4  MegaSR - ok
13:12:24.0876 0x02d4  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\drivers\HECIx64.sys
13:12:24.0908 0x02d4  MEIx64 - ok
13:12:24.0986 0x02d4  [ 8A43D23ACE2E8C95A2D87B6E9599DEDA, 18683A7CE5AF0A9C5D7E33EB99588AE55FC61103A8894F3F45E2101355966A71 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
13:12:25.0001 0x02d4  MemeoBackgroundService - ok
13:12:25.0001 0x02d4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:12:25.0079 0x02d4  MMCSS - ok
13:12:25.0142 0x02d4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:12:25.0204 0x02d4  Modem - ok
13:12:25.0266 0x02d4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:12:25.0282 0x02d4  monitor - ok
13:12:25.0313 0x02d4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:12:25.0329 0x02d4  mouclass - ok
13:12:25.0422 0x02d4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:12:25.0469 0x02d4  mouhid - ok
13:12:25.0516 0x02d4  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:12:25.0547 0x02d4  mountmgr - ok
13:12:25.0703 0x02d4  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:12:25.0719 0x02d4  MozillaMaintenance - ok
13:12:25.0750 0x02d4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:12:25.0766 0x02d4  mpio - ok
13:12:25.0781 0x02d4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:12:25.0812 0x02d4  mpsdrv - ok
13:12:25.0906 0x02d4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:12:26.0062 0x02d4  MpsSvc - ok
13:12:26.0093 0x02d4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:12:26.0124 0x02d4  MRxDAV - ok
13:12:26.0156 0x02d4  [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:12:26.0187 0x02d4  mrxsmb - ok
13:12:26.0249 0x02d4  [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:12:26.0312 0x02d4  mrxsmb10 - ok
13:12:26.0327 0x02d4  [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:12:26.0390 0x02d4  mrxsmb20 - ok
13:12:26.0468 0x02d4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:12:26.0483 0x02d4  msahci - ok
13:12:26.0514 0x02d4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:12:26.0530 0x02d4  msdsm - ok
13:12:26.0546 0x02d4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:12:26.0561 0x02d4  MSDTC - ok
13:12:26.0577 0x02d4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:12:26.0639 0x02d4  Msfs - ok
13:12:26.0764 0x02d4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:12:26.0842 0x02d4  mshidkmdf - ok
13:12:26.0858 0x02d4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:12:26.0858 0x02d4  msisadrv - ok
13:12:26.0920 0x02d4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:12:26.0967 0x02d4  MSiSCSI - ok
13:12:26.0967 0x02d4  msiserver - ok
13:12:27.0014 0x02d4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:12:27.0029 0x02d4  MSKSSRV - ok
13:12:27.0060 0x02d4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:12:27.0107 0x02d4  MSPCLOCK - ok
13:12:27.0138 0x02d4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:12:27.0154 0x02d4  MSPQM - ok
13:12:27.0216 0x02d4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:12:27.0263 0x02d4  MsRPC - ok
13:12:27.0279 0x02d4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:12:27.0294 0x02d4  mssmbios - ok
13:12:27.0310 0x02d4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:12:27.0357 0x02d4  MSTEE - ok
13:12:27.0372 0x02d4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:12:27.0388 0x02d4  MTConfig - ok
13:12:27.0388 0x02d4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:12:27.0404 0x02d4  Mup - ok
13:12:27.0450 0x02d4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
13:12:27.0513 0x02d4  napagent - ok
13:12:27.0560 0x02d4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:12:27.0591 0x02d4  NativeWifiP - ok
13:12:27.0716 0x02d4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:12:27.0762 0x02d4  NDIS - ok
13:12:27.0794 0x02d4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:12:27.0856 0x02d4  NdisCap - ok
13:12:27.0887 0x02d4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:12:27.0950 0x02d4  NdisTapi - ok
13:12:27.0996 0x02d4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:12:28.0028 0x02d4  Ndisuio - ok
13:12:28.0059 0x02d4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:12:28.0090 0x02d4  NdisWan - ok
13:12:28.0121 0x02d4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:12:28.0137 0x02d4  NDProxy - ok
13:12:28.0184 0x02d4  [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:12:28.0199 0x02d4  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:12:30.0680 0x02d4  Detect skipped due to KSN trusted
13:12:30.0680 0x02d4  Net Driver HPZ12 - ok
13:12:30.0773 0x02d4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:12:30.0945 0x02d4  NetBIOS - ok
13:12:31.0007 0x02d4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:12:31.0101 0x02d4  NetBT - ok
13:12:31.0132 0x02d4  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
13:12:31.0163 0x02d4  Netlogon - ok
13:12:31.0226 0x02d4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:12:31.0304 0x02d4  Netman - ok
13:12:31.0382 0x02d4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:12:31.0397 0x02d4  NetMsmqActivator - ok
13:12:31.0444 0x02d4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:12:31.0460 0x02d4  NetPipeActivator - ok
13:12:31.0491 0x02d4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
13:12:31.0538 0x02d4  netprofm - ok
13:12:31.0584 0x02d4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:12:31.0600 0x02d4  NetTcpActivator - ok
13:12:31.0600 0x02d4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:12:31.0616 0x02d4  NetTcpPortSharing - ok
13:12:31.0694 0x02d4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:12:31.0709 0x02d4  nfrd960 - ok
13:12:31.0756 0x02d4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:12:31.0818 0x02d4  NlaSvc - ok
13:12:31.0850 0x02d4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:12:31.0896 0x02d4  Npfs - ok
13:12:31.0928 0x02d4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
13:12:31.0974 0x02d4  nsi - ok
13:12:32.0021 0x02d4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:12:32.0068 0x02d4  nsiproxy - ok
13:12:32.0177 0x02d4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:12:32.0286 0x02d4  Ntfs - ok
13:12:32.0318 0x02d4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
13:12:32.0380 0x02d4  Null - ok
13:12:32.0442 0x02d4  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
13:12:32.0458 0x02d4  NVHDA - ok
13:12:32.0864 0x02d4  [ BF769EC1CC472FAD4C6EAEEB96ED857E, BBF8BA2B703BF4C36DFC7F69B4D8E477C8162BEC492C6C5D1A7751C19305ABE8 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:12:33.0300 0x02d4  nvlddmkm - ok
13:12:33.0534 0x02d4  [ DCAA93D28D6FC75A4D80AE410008BA90, 7EDB69747C95FB68A4DF1932CF45E078DE94364D7A37D83A29952977A41D1FD7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
13:12:33.0566 0x02d4  NvNetworkService - ok
13:12:33.0675 0x02d4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:12:33.0706 0x02d4  nvraid - ok
13:12:33.0722 0x02d4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:12:33.0737 0x02d4  nvstor - ok
13:12:33.0878 0x02d4  [ 9408391358F3B9FD0F59E27151383C51, 777A41DE1D8D71833369D1335A083BA8F197317CB62D0E65EFFCC9760D84F2AB ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
13:12:33.0893 0x02d4  NvStreamKms - ok
13:12:33.0909 0x02d4  NvStreamSvc - ok
13:12:36.0436 0x02d4  [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:12:36.0467 0x02d4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:12:38.0916 0x02d4  Detect skipped due to KSN trusted
13:12:38.0916 0x02d4  Pml Driver HPZ12 - ok
13:12:52.0910 0x02d4  WbioSrvc - ok
13:12:52.0956 0x02d4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:12:52.0972 0x02d4  wcncsvc - ok
13:12:53.0003 0x02d4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:12:53.0034 0x02d4  WcsPlugInService - ok
13:12:53.0066 0x02d4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
13:12:53.0066 0x02d4  Wd - ok
13:12:53.0144 0x02d4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:12:53.0190 0x02d4  Wdf01000 - ok
13:12:53.0268 0x02d4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:12:53.0315 0x02d4  WdiServiceHost - ok
13:12:53.0315 0x02d4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:12:53.0346 0x02d4  WdiSystemHost - ok
13:12:53.0393 0x02d4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
13:12:53.0456 0x02d4  WebClient - ok
13:12:53.0487 0x02d4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:12:53.0534 0x02d4  Wecsvc - ok
13:12:53.0596 0x02d4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:12:53.0643 0x02d4  wercplsupport - ok
13:12:53.0705 0x02d4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:12:53.0736 0x02d4  WerSvc - ok
13:12:53.0799 0x02d4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:12:53.0830 0x02d4  WfpLwf - ok
13:12:53.0861 0x02d4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:12:53.0861 0x02d4  WIMMount - ok
13:12:53.0877 0x02d4  WinDefend - ok
13:12:53.0892 0x02d4  WinHttpAutoProxySvc - ok
13:12:53.0955 0x02d4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:12:54.0033 0x02d4  Winmgmt - ok
13:12:54.0142 0x02d4  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
13:12:54.0376 0x02d4  WinRM - ok
13:12:54.0438 0x02d4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
13:12:54.0470 0x02d4  WinUsb - ok
13:12:54.0516 0x02d4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:12:54.0626 0x02d4  Wlansvc - ok
13:12:54.0735 0x02d4  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:12:54.0750 0x02d4  wlcrasvc - ok
13:12:54.0906 0x02d4  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:12:54.0953 0x02d4  wlidsvc - ok
13:12:54.0984 0x02d4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:12:55.0016 0x02d4  WmiAcpi - ok
13:12:55.0047 0x02d4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:12:55.0094 0x02d4  wmiApSrv - ok
13:12:55.0125 0x02d4  WMPNetworkSvc - ok
13:12:55.0172 0x02d4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:12:55.0234 0x02d4  WPCSvc - ok
13:12:55.0265 0x02d4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:12:55.0296 0x02d4  WPDBusEnum - ok
13:12:55.0328 0x02d4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:12:55.0359 0x02d4  ws2ifsl - ok
13:12:55.0374 0x02d4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
13:12:55.0437 0x02d4  wscsvc - ok
13:12:55.0437 0x02d4  WSearch - ok
13:12:55.0530 0x02d4  [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA, 7EEB1B8F1430AFB06A18DC6107DBDD57EBBF473FF96F3578481EB89724823393 ] wsvd            C:\Windows\system32\DRIVERS\wsvd.sys
13:12:55.0546 0x02d4  wsvd - ok
13:12:55.0686 0x02d4  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:12:55.0796 0x02d4  wuauserv - ok
13:12:55.0827 0x02d4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:12:55.0858 0x02d4  WudfPf - ok
13:12:55.0936 0x02d4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
13:12:55.0967 0x02d4  WUDFRd - ok
13:12:55.0983 0x02d4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:12:55.0998 0x02d4  wudfsvc - ok
13:12:56.0030 0x02d4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:12:56.0108 0x02d4  WwanSvc - ok
13:12:56.0139 0x02d4  ================ Scan global ===============================
13:12:56.0170 0x02d4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:12:56.0217 0x02d4  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
13:12:56.0232 0x02d4  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
13:12:56.0279 0x02d4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:12:56.0326 0x02d4  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
13:12:56.0342 0x02d4  [ Global ] - ok
13:12:56.0342 0x02d4  ================ Scan MBR ==================================
13:12:56.0357 0x02d4  [ 753CA1D394F3C0855134963D7361060F ] \Device\Harddisk0\DR0
13:12:58.0869 0x02d4  \Device\Harddisk0\DR0 - ok
13:12:58.0869 0x02d4  ================ Scan VBR ==================================
13:12:58.0931 0x02d4  [ 619A03A875D85497D559FA3E19E9DE27 ] \Device\Harddisk0\DR0\Partition1
13:12:59.0056 0x02d4  \Device\Harddisk0\DR0\Partition1 - ok
13:12:59.0087 0x02d4  [ DC8E50B44761646F6E2907248AD0737C ] \Device\Harddisk0\DR0\Partition2
13:12:59.0181 0x02d4  \Device\Harddisk0\DR0\Partition2 - ok
13:12:59.0228 0x02d4  [ E690196DF433B7303FFF50578E9387AE ] \Device\Harddisk0\DR0\Partition3
13:12:59.0228 0x02d4  \Device\Harddisk0\DR0\Partition3 - ok
13:12:59.0228 0x02d4  ================ Scan generic autorun ======================
13:12:59.0664 0x02d4  [ 5DADA908E14051D65DB1991CB0B1F58D, DC02EDA032CEC2241F302995BF010B0376D5421A3E97583CB8A13A80993290B4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:12:59.0898 0x02d4  RTHDVCPL - ok
13:13:00.0008 0x02d4  [ 7E25F1EFFDF50F702DE3D9E8F6B8CC47, F1857D2966D2A31DD067A7E8015842FC2757E4BFFEC961726D3C14947824C5C9 ] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
13:13:00.0023 0x02d4  MedionReminder - ok
13:13:00.0210 0x02d4  [ D9133D4157664B1E2ACFC2CD56CCB599, 0B2B8EE7D45962026A30833D3D7F59FB1FB07085904C2E77A10714F38910E462 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
13:13:00.0273 0x02d4  NvBackend - ok
13:13:00.0288 0x02d4  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
13:13:00.0320 0x02d4  ShadowPlay - ok
13:13:00.0382 0x02d4  [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
13:13:00.0413 0x02d4  IAStorIcon - ok
13:13:00.0476 0x02d4  [ 3CB07566302BCEEB898DE270A0BEC175, B234D1044D8702A0929BB48F729EB5078B44AA7CD574B6482633B51289E70200 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:13:00.0522 0x02d4  Adobe ARM - ok
13:13:00.0678 0x02d4  [ 35048D8E8A0BF7A797CD5757ACD7EED0, 890FCF24869614B3990B575A588ECB35C25A5B896F21BF9C66D43C93787FDD7A ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
13:13:00.0694 0x02d4  CLMLServer - ok
13:13:00.0741 0x02d4  [ DDEFF7E98629203E66BB4298FABC5983, 59CBE0A49AAA93898831B1D64FFB1D0809736CABB4D19843DB2E99C2650D1AD9 ] C:\Program Files (x86)\PDF24\pdf24.exe
13:13:00.0756 0x02d4  PDFPrint - ok
13:13:00.0959 0x02d4  [ 06964B7DE858BB6317164BF184E9C766, ADE3D2A7256A8F3F11B6E35979413850EB22B9BBADCE3EC73BE04A1622512126 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
13:13:01.0068 0x02d4  AvastUI.exe - ok
13:13:01.0146 0x02d4  [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
13:13:01.0162 0x02d4  HP Software Update - ok
13:13:01.0240 0x02d4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:13:01.0365 0x02d4  Sidebar - ok
13:13:01.0396 0x02d4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:13:01.0427 0x02d4  mctadmin - ok
13:13:01.0458 0x02d4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:13:01.0490 0x02d4  Sidebar - ok
13:13:01.0490 0x02d4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:13:01.0505 0x02d4  mctadmin - ok
13:13:01.0739 0x02d4  [ 532E8929C8D71E0C4DE405D8995907CF, 2477918259E4D884509FD73948F6783BF696CBF19D18059EE9D44515B196D60A ] C:\Program Files (x86)\Steam\Steam.exe
13:13:01.0817 0x02d4  Steam - ok
13:13:02.0082 0x02d4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
13:13:02.0098 0x02d4  Google Update - ok
13:13:02.0098 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:03.0112 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:04.0126 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:05.0140 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:06.0154 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:07.0168 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:08.0182 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:09.0196 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:10.0210 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:11.0224 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:12.0238 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:13.0252 0x02d4  Waiting for KSN requests completion. In queue: 121
13:13:14.0391 0x02d4  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2215.880 ), 0x41000 ( enabled : updated )
13:13:14.0438 0x02d4  Win FW state via NFP2: enabled ( trusted )
13:13:16.0934 0x02d4  ============================================================
13:13:16.0934 0x02d4  Scan finished
13:13:16.0934 0x02d4  ============================================================
13:13:16.0934 0x15ec  Detected object count: 0
13:13:16.0934 0x15ec  Actual detected object count: 0
         

31.07.2015, 09:34   #5
schrauber
/// the machine
/// TB trainer
 


hi,

Scan with Combofix
WARNING to OTHER READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde. (English: "Illegal operation attempted on a registry key that has been marked for deletion.")
simply restart the computer. This should fix the problem.


__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

31.07.2015, 14:13   #6
Stannis B.



There was a problem the first time I installed it (it froze during installation), which is why I had to install it a second time.

Code:
ComboFix 15-07-31.01 - Tim 31.07.2015  13:15:15.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4078.1736 [GMT 2:00]
ausgeführt von:: c:\users\Tim\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tim\AppData\Local\Temp\7zS7CBE\HPSLPSVC64.DLL
c:\windows\msdownld.tmp
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-06-28 bis 2015-07-31  ))))))))))))))))))))))))))))))
.
.
2015-07-31 11:29 . 2015-07-31 11:29	--------	d-----w-	c:\users\Mcx1-TIM-PC\AppData\Local\temp
2015-07-31 11:29 . 2015-07-31 11:29	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-07-30 10:30 . 2015-07-30 11:09	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-29 19:26 . 2015-07-29 19:33	--------	d-----w-	C:\FRST
2015-07-28 12:55 . 2015-07-25 18:04	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-07-28 12:55 . 2015-07-25 18:04	765440	----a-w-	c:\windows\system32\invagent.dll
2015-07-28 12:55 . 2015-07-25 18:03	433664	----a-w-	c:\windows\system32\devinv.dll
2015-07-28 12:55 . 2015-07-25 18:03	1085440	----a-w-	c:\windows\system32\appraiser.dll
2015-07-28 12:55 . 2015-07-25 18:03	67584	----a-w-	c:\windows\system32\acmigration.dll
2015-07-28 12:55 . 2015-07-25 17:55	1145856	----a-w-	c:\windows\system32\aeinv.dll
2015-07-28 12:55 . 2015-07-25 18:07	17856	----a-w-	c:\windows\system32\CompatTelRunner.exe
2015-07-28 12:55 . 2015-07-25 18:03	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-07-27 02:53 . 2015-07-27 02:53	0	----a-w-	c:\windows\SysWow64\sho4F88.tmp
2015-07-27 00:47 . 2015-07-27 00:47	--------	d-----w-	c:\program files\McAfee Security Scan
2015-07-23 14:22 . 2015-07-23 14:22	--------	d-----w-	c:\users\Tim\AppData\Local\CEF
2015-07-22 18:11 . 2015-07-22 18:11	--------	d-----w-	c:\program files\TeamSpeak 3 Client
2015-07-21 14:05 . 2015-07-31 11:38	113880	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-21 14:04 . 2015-07-30 11:18	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-07-21 14:04 . 2015-06-18 06:41	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-07-21 14:04 . 2015-06-18 06:41	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-07-21 14:04 . 2015-07-21 19:26	--------	d-----w-	c:\program files (x86)\ Malwarebytes Anti-Malware 
2015-07-21 14:04 . 2015-07-21 14:04	--------	d-----w-	c:\programdata\Malwarebytes
2015-07-21 11:15 . 2015-07-15 03:19	41984	----a-w-	c:\windows\system32\lpk.dll
2015-07-21 11:15 . 2015-07-15 03:19	100864	----a-w-	c:\windows\system32\fontsub.dll
2015-07-21 11:15 . 2015-07-15 03:19	14336	----a-w-	c:\windows\system32\dciman32.dll
2015-07-21 11:15 . 2015-07-15 03:19	46080	----a-w-	c:\windows\system32\atmlib.dll
2015-07-21 11:15 . 2015-07-15 02:55	70656	----a-w-	c:\windows\SysWow64\fontsub.dll
2015-07-21 11:15 . 2015-07-15 02:55	10240	----a-w-	c:\windows\SysWow64\dciman32.dll
2015-07-21 11:15 . 2015-07-15 02:55	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2015-07-21 11:15 . 2015-07-15 02:54	25600	----a-w-	c:\windows\SysWow64\lpk.dll
2015-07-21 11:15 . 2015-07-15 01:59	372224	----a-w-	c:\windows\system32\atmfd.dll
2015-07-21 11:15 . 2015-07-15 01:52	299008	----a-w-	c:\windows\SysWow64\atmfd.dll
2015-07-20 22:35 . 2015-07-20 22:35	--------	d-----w-	c:\program files (x86)\SEGA
2015-07-20 22:31 . 2015-07-20 22:31	--------	d-----w-	c:\users\Tim\AppData\Roaming\InstallShield
2015-07-19 16:41 . 2015-07-19 16:41	0	----a-w-	c:\windows\SysWow64\sho54F7.tmp
2015-07-19 00:29 . 2015-06-17 09:10	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-07-19 00:29 . 2015-06-17 09:10	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-07-19 00:25 . 2015-06-17 06:03	571024	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2015-07-16 08:46 . 2015-07-16 08:46	0	----a-w-	c:\windows\SysWow64\sho4D75.tmp
2015-07-15 13:48 . 2015-07-15 13:48	18524336	----a-w-	c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-07-15 13:12 . 2015-07-03 05:56	235216	----a-w-	c:\program files (x86)\Internet Explorer\sqmapi.dll
2015-07-15 13:11 . 2015-06-15 21:50	112064	----a-w-	c:\windows\system32\consent.exe
2015-07-15 13:11 . 2015-06-15 21:45	504320	----a-w-	c:\windows\system32\msihnd.dll
2015-07-15 13:11 . 2015-06-15 21:45	3242496	----a-w-	c:\windows\system32\msi.dll
2015-07-15 13:11 . 2015-06-15 21:45	70656	----a-w-	c:\windows\system32\appinfo.dll
2015-07-15 13:11 . 2015-06-15 21:45	1941504	----a-w-	c:\windows\system32\authui.dll
2015-07-15 13:11 . 2015-06-15 21:44	128000	----a-w-	c:\windows\system32\msiexec.exe
2015-07-15 13:11 . 2015-06-15 21:43	337408	----a-w-	c:\windows\SysWow64\msihnd.dll
2015-07-15 13:11 . 2015-06-15 21:43	2364416	----a-w-	c:\windows\SysWow64\msi.dll
2015-07-15 13:11 . 2015-06-15 21:43	1805824	----a-w-	c:\windows\SysWow64\authui.dll
2015-07-15 13:11 . 2015-06-15 21:42	73216	----a-w-	c:\windows\SysWow64\msiexec.exe
2015-07-15 13:11 . 2015-06-15 21:42	25088	----a-w-	c:\windows\system32\msimsg.dll
2015-07-15 13:11 . 2015-06-15 21:37	25088	----a-w-	c:\windows\SysWow64\msimsg.dll
2015-07-14 18:51 . 2015-07-14 18:51	0	----a-w-	c:\windows\SysWow64\shoC7A4.tmp
2015-07-09 19:52 . 2015-07-09 19:52	--------	d-----w-	c:\users\Tim\AppData\Local\YSearchUtil
2015-07-09 19:52 . 2015-07-09 19:52	--------	d-----w-	c:\program files (x86)\Yahoo!
2015-07-08 17:52 . 2015-07-08 17:52	0	----a-w-	c:\windows\SysWow64\shoB75.tmp
2015-07-08 17:02 . 2015-07-08 17:02	0	----a-w-	c:\windows\SysWow64\shoCD55.tmp
2015-07-06 23:32 . 2015-07-06 23:32	0	----a-w-	c:\windows\SysWow64\sho5153.tmp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-15 13:48 . 2012-08-09 00:47	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-15 13:48 . 2011-09-29 16:10	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-09 19:49 . 2014-06-30 23:33	97888	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-06-17 09:10 . 2014-07-01 21:12	1571696	----a-w-	c:\windows\system32\nvspcap64.dll
2015-06-17 09:10 . 2014-07-01 21:12	1320304	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-06-17 09:10 . 2014-07-01 21:09	1567576	----a-w-	c:\windows\system32\nvhdagenco6420103.dll
2015-06-17 09:10 . 2014-07-01 21:08	61616	----a-w-	c:\windows\system32\nvaudcap64v.dll
2015-06-17 06:48 . 2011-09-29 15:56	937616	----a-w-	c:\windows\system32\nvvsvc.exe
2015-06-17 06:48 . 2011-09-29 15:56	62792	----a-w-	c:\windows\system32\nvshext.dll
2015-06-17 06:48 . 2011-09-29 15:56	385168	----a-w-	c:\windows\system32\nvmctray.dll
2015-06-17 06:48 . 2011-09-29 15:56	2558792	----a-w-	c:\windows\system32\nvsvcr.dll
2015-06-17 06:48 . 2011-09-29 15:56	6873232	----a-w-	c:\windows\system32\nvcpl.dll
2015-06-17 06:48 . 2011-09-29 15:56	3492168	----a-w-	c:\windows\system32\nvsvc64.dll
2015-06-17 01:07 . 2015-06-17 01:07	0	----a-w-	c:\windows\SysWow64\shoAE8F.tmp
2015-06-12 09:42 . 2015-06-12 09:42	0	----a-w-	c:\windows\SysWow64\shoA238.tmp
2015-06-02 14:11 . 2014-07-01 21:11	4421614	----a-w-	c:\windows\system32\nvcoproc.bin
2015-05-31 02:10 . 2015-05-31 02:10	0	----a-w-	c:\windows\SysWow64\sho6186.tmp
2015-05-29 00:04 . 2015-05-29 00:04	0	----a-w-	c:\windows\SysWow64\shoAB5B.tmp
2015-05-25 18:24 . 2015-06-11 08:05	5569984	----a-w-	c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-11 08:05	1728960	----a-w-	c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-11 08:05	362496	----a-w-	c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-11 08:05	243712	----a-w-	c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-11 08:05	13312	----a-w-	c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-11 08:05	215040	----a-w-	c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-11 08:05	1255424	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-11 08:05	879104	----a-w-	c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-11 08:05	503808	----a-w-	c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-11 08:05	50176	----a-w-	c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-11 08:05	113664	----a-w-	c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-11 08:05	16384	----a-w-	c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-11 08:05	424960	----a-w-	c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-11 08:05	1162752	----a-w-	c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-11 08:05	43520	----a-w-	c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-11 08:05	879104	----a-w-	c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-11 08:05	47104	----a-w-	c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-11 08:05	404992	----a-w-	c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-11 08:05	112640	----a-w-	c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-11 08:05	296960	----a-w-	c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-11 08:05	43008	----a-w-	c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-11 08:05	104448	----a-w-	c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-11 08:05	19456	----a-w-	c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-11 08:05	338432	----a-w-	c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-11 08:05	4608	---ha-w-	c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	4608	---ha-w-	c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	4096	---ha-w-	c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	4096	---ha-w-	c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	6144	---ha-w-	c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	6656	----a-w-	c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-11 08:05	4096	---ha-w-	c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	5120	---ha-w-	c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-11 08:05	3989440	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-11 08:05	3934144	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-11 08:05	1310744	----a-w-	c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-11 08:05	635392	----a-w-	c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-11 08:05	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-11 08:05	92160	----a-w-	c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-11 08:05	14336	----a-w-	c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-11 08:05	641536	----a-w-	c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-11 08:05	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-11 08:05	40448	----a-w-	c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-11 08:05	364544	----a-w-	c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-11 08:05	25600	----a-w-	c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-11 08:05	37888	----a-w-	c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-11 08:05	82944	----a-w-	c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-11 08:05	17408	----a-w-	c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-11 08:05	5120	----a-w-	c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-11 08:05	274944	----a-w-	c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-11 08:05	4608	---ha-w-	c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05	6656	----a-w-	c:\windows\SysWow64\apisetschema.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-07-23 2895552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-02-06 189480]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-15 5512912]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"MSN Toolbar"="c:\program files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe" [2009-11-16 240992]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.11.149\SSScheduler.exe [2015-6-26 330456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.149\McCHSvc.exe;c:\program files\McAfee Security Scan\3.11.149\McCHSvc.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 UHSfiltv;UHSfiltv;c:\windows\system32\drivers\UHSfiltv.sys;c:\windows\SYSNATIVE\drivers\UHSfiltv.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-28 23:17	995144	----a-w-	c:\program files (x86)\Google\Chrome\Application\44.0.2403.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-09 13:48]
.
2015-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-07 23:34]
.
2015-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-07 23:34]
.
2015-07-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-03 14:05]
.
2015-07-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-03 14:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-15 19:20	722400	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-16 12673128]
"MedionReminder"="c:\program files (x86)\CyberLink\PowerRecover\Reminder.exe" [2011-05-25 443688]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-17 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-17 1571696]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
uDefault_Search_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
mSearch Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
uInternet Settings,ProxyOverride = <-loopback>
IE: &Citavi Picker... - file://c:\program files (x86)\Internet Explorer\Citavi Picker\ShowContextMenu.html
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\
FF - prefs.js: browser.startup.homepage - hxxps://www.malwarebytes.org/restorebrowser/&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre1.8.0_45\bin\jusched.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-4254080380-16762214-4038314476-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:92,7e,4b,24,8b,46,33,9b,dc,15,60,7e,dc,e5,a9,37,2c,1b,d4,0c,97,2c,95,
   4c,40,ac,42,26,4a,d2,fd,4b,78,4f,7a,6b,ec,f3,ea,47,de,e2,24,80,c4,6e,5c,19,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
.
[HKEY_USERS\S-1-5-21-4254080380-16762214-4038314476-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:95,94,32,7d,6a,dc,f4,cf,75,e0,a4,d9,9f,cf,d9,17,72,18,1f,fa,4c,
   b4,40,23,32,d3,18,b8,e3,5b,64,d3,d2,c9,fc,2f,08,51,9e,31,31,e4,91,4b,d6,eb,\
"rkeysecu"=hex:0c,01,85,43,d9,94,1a,d5,71,29,87,48,26,17,d9,45
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-31  13:48:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-07-31 11:48
.
Vor Suchlauf: 10 Verzeichnis(se), 1.271.791.714.304 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 1.275.014.422.528 Bytes frei
.
- - End Of File - - 51D4443DCFEF7CA996C719A1196DC70C
         

01.08.2015, 13:17   #7
schrauber
/// the machine
/// TB-Ausbilder



Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan (Scannen), select the Threat Scan (Bedrohungssuchlauf) and click Start Scan (Suchlauf starten).
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected (Auswahl entfernen).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History (Verlauf) and then Application Logs (Anwendungsprotokolle).
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file to the desktop as mbam.txt. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

01.08.2015, 20:53   #8
Stannis B.



Anti-Malware:

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 01.08.2015
Suchlaufzeit: 20:13
Protokolldatei: 
Administrator: Ja

Version: 0.0.0.0000
Malware-Datenbank: v2015.08.01.06
Rootkit-Datenbank: v2015.07.30.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Tim

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 446440
Abgelaufene Zeit: 28 Min., 36 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
ADW-Cleaner

Code:
# AdwCleaner v4.208 - Bericht erstellt 01/08/2015 um 20:29:31
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-01.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Tim - TIM-PC
# Gestarted von : C:\Users\Tim\Desktop\AdwCleaner_4.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
Ordner Gelöscht : C:\Users\Tim\AppData\Local\iLivid
Ordner Gelöscht : C:\Users\Tim\AppData\Local\YSearchUtil
Ordner Gelöscht : C:\Users\Tim\AppData\LocalLow\HPAppData
Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\RHEng
[!] Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\wpe66st4.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Datei Gelöscht : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Datei Gelöscht : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Datei Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\user.js
Datei Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\wpe66st4.default\user.js
Datei Gelöscht : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.searchnu.com_0.localstorage
Datei Gelöscht : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.searchnu.com_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9C81D00A-3DAA-48AB-90C7-8252119ABB93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1DA17428-323D-48FF-857C-98CFEE48BFD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKCU\Software\Kromtech
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\iLividSRTB
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBit
Schlüssel Gelöscht : HKLM\SOFTWARE\AIM Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchnu.com
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:49847;hxxps=127.0.0.1:49847
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17909


-\\ Mozilla Firefox v39.0 (x86 de)

[oh9vloy6.default-1435741436466\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "istartsurf");
[oh9vloy6.default-1435741436466\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/web/favicon.ico");
[oh9vloy6.default-1435741436466\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "istartsurf");
[oh9vloy6.default-1435741436466\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=dspp&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756&q={searchTerms}");
[wpe66st4.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=9413301700654312&o=APN10645&q=");

-\\ Google Chrome v44.0.2403.125

[C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=9413301700654312&q={searchTerms}
[C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M46533BF2-FEED-4930-A7FD-A13C5DB766E6&SearchSource=58&CUI=&UM=6&UP=SP7831373F-6402-492A-B493-D4BD255C436B&q={searchTerms}&SSPV=
[C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1421094515&from=cvs&uid=ST2000DL003-9VT166_6YD19SSYXXXX6YD19SSY&q={searchTerms}
[C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=dspp&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756&q={searchTerms}
[C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.istartsurf.com/?type=hppp&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756

-\\ Chromium v


*************************

AdwCleaner[R0].txt - [7208 Bytes] - [01/08/2015 20:17:07]
AdwCleaner[R1].txt - [7267 Bytes] - [01/08/2015 20:25:43]
AdwCleaner[S0].txt - [6668 Bytes] - [01/08/2015 20:29:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6727  Bytes] ##########
         
JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by Tim on 01.08.2015 at 20:40:42,05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files

Successfully deleted: [File] C:\Windows\SysWOW64\sho12E0.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho162D.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho1843.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho2CB1.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho2FC8.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho3607.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho3788.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho44DD.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho451E.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho47DB.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho4A8C.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho4D75.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho4E2F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho4F88.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho5153.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho5320.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho54F7.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho59F3.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho5A95.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6186.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho627A.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6461.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6483.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho689D.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6B57.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6B70.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho715C.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho7BF2.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho7FCA.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho8372.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho8392.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho8A6A.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho9292.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho95C9.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho9717.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho97DE.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA238.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA267.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA315.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA40F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA56B.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoAB1F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoAB5B.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoAE8F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoB75.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoB9E5.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoC0F8.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoC7A4.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoCB8E.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoCD55.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoD00F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoD191.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoDAC.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoE0FE.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoE643.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoF126.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoF772.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoFB87.tmp



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{00DCEC11-FC6D-416A-AF73-7CFD79B7F60E}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{09789DAB-F44E-495C-8EC2-3C6286FB4623}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{0C241C1C-C907-4BFE-8352-5B4E45867FCF}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{152EAD4C-1E61-4847-A223-F5DBF11C2EA2}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{1B85D89C-D6AC-40B6-A609-8553A5680B00}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{2005420E-0422-4A58-8E41-27FD692209A3}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{29A7DCB5-3BCA-4B3F-9F09-23CFE4B6ED25}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{2E4B0399-36C6-4F2E-AC16-716F26A57CD4}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{2FC234E4-8DC3-4159-94E1-80ECD01B7936}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{331396FF-B502-4C1E-8319-CBFF39AA70DA}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{42DA2664-F1CC-4909-B1FC-1C62A3B7AD5D}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{4461E600-01F9-495C-9977-C423D0F13869}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{5B9756E3-B07C-45F3-ADAD-EFA05A785606}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{5DF01866-55DE-4D78-AA22-DF97DA64C62A}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{638428FF-F065-45CB-9DD4-29D3D9C8BB72}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{63DAB7D5-7266-4B0A-A43F-22A49AC2B7DD}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{69B1F1F5-9AC6-4D57-95CE-B3421BB05079}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{724B7388-E913-43BE-BAB9-A5CBAD0B465C}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{80E92B4C-576E-4870-99D7-6BBF825879D0}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{82FFD8A1-9362-491D-BAF9-EDBD9E78AB0E}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{88C86DE3-6FF9-4D17-9367-316C5C4666C0}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{8CBC55FE-262A-48D8-B638-B10367F48431}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{9BE3D82C-B519-49BF-A2BD-358FADA2A385}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{9E6060B8-4F89-48E1-A7BB-5EB4E1E70815}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{A0241C2A-205E-406A-B767-33A6B915E9A2}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{A11F28A3-1ECF-408F-B2C5-16554E444260}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{A2AFEEA2-04E4-4376-B2DF-30E41C05B83D}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{B2C96E29-08B0-4CF9-B360-588411E4F417}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{B40DA1A3-5A20-4C47-99D7-35B44397606D}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{BB71535D-B92E-4998-B339-7A948B4D393E}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{BFA97763-EB1E-4789-947B-E974A0F7D834}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{C60D3D90-4809-4DD3-812E-962D3D94F9B1}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{CA80ECA7-58A9-4408-81A7-1E35C5C3E5A7}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{D07F5952-B6CD-4559-B625-151E5A85823F}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{E595534C-60EF-4A36-B30B-BDA403FF2E6B}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{E998C336-786B-4B1C-A966-CD3FFB419170}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{EE33735C-B451-496D-94C8-E428618FD9F9}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{EF3CE935-3381-4C1E-AC8F-1C507C120990}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{FD0B576A-3853-4FF5-9695-C1FA8032F36B}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{FF7BF16A-B40F-46D0-BC27-DB3C0D443B60}
Successfully deleted: [Folder] C:\ProgramData\google



~~~ FireFox

Successfully deleted the following from C:\Users\Tim\AppData\Roaming\mozilla\firefox\profiles\oh9vloy6.default-1435741436466\prefs.js

user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, xtab);
user_pref(browser.search.searchengine.uid, 6D0406E2F7954c35AD9100F84F8CB756);
Emptied folder: C:\Users\Tim\AppData\Roaming\mozilla\firefox\profiles\oh9vloy6.default-1435741436466\minidumps [1 files]



~~~ Chrome


[C:\Users\Tim\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Tim\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Tim\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Tim\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.08.2015 at 20:47:57,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Fresh FRST log, and thanks again for your help:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015
durchgeführt von Tim (Administrator) auf TIM-PC (01-08-2015 20:51:49)
Gestartet von C:\Users\Tim\Desktop
Geladene Profile: Tim (Verfügbare Profile: Tim & Mcx1-TIM-PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-15] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-08-09]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-15] (Avast Software s.r.o.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49847;https=127.0.0.1:49847
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> {322B23D0-3F4C-4046-9BDE-C7823C37C64E} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-15] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-09] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-15] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-09] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F705B830-3D09-48E9-8657-CD0CA5A0FE70}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466
FF Homepage: https://www.malwarebytes.org/restorebrowser/&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/O1DPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: ZenMate Security & Privacy VPN - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\firefox@zenmate.com.xpi [2015-07-05]
FF Extension: Adblock Plus - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-10]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-06-21]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-23]
FF HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-08]
CHR Extension: (Avast Online Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-08]
CHR Extension: (Skype Click to Call) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-30]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Citavi Picker) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-10-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-15] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-15] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-15] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2014-12-22] (Creative Technology Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-20] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-01 20:51 - 2015-08-01 20:51 - 00000000 ____D C:\Users\Tim\Desktop\FRST-OlderVersion
2015-08-01 20:47 - 2015-08-01 20:47 - 00009546 _____ C:\Users\Tim\Desktop\JRT.txt
2015-08-01 20:17 - 2015-08-01 20:30 - 00000000 ____D C:\AdwCleaner
2015-08-01 19:38 - 2015-08-01 19:38 - 02248704 _____ C:\Users\Tim\Desktop\AdwCleaner_4.208.exe
2015-08-01 19:38 - 2015-08-01 19:38 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Tim\Desktop\JRT.exe
2015-07-31 13:48 - 2015-07-31 13:48 - 00035287 _____ C:\ComboFix.txt
2015-07-31 13:11 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-31 13:11 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-31 13:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-31 13:04 - 2015-07-31 13:49 - 00000000 ____D C:\Qoobox
2015-07-31 13:04 - 2015-07-31 13:44 - 00000000 ____D C:\Windows\erdnt
2015-07-31 13:01 - 2015-07-31 13:02 - 05633745 ____R (Swearware) C:\Users\Tim\Desktop\ComboFix.exe
2015-07-30 12:30 - 2015-07-30 13:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-30 12:29 - 2015-07-30 13:09 - 00000000 ____D C:\Users\Tim\Desktop\mbar
2015-07-30 12:27 - 2015-07-30 12:28 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Tim\Desktop\mbar-1.09.1.1004.exe
2015-07-30 12:27 - 2015-07-30 12:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Desktop\tdsskiller.exe
2015-07-29 22:09 - 2015-07-29 22:09 - 00005796 _____ C:\Users\Tim\Desktop\timtt.txt
2015-07-29 22:09 - 2015-07-29 22:09 - 00001196 _____ C:\Users\Tim\Desktop\tim.txt
2015-07-29 21:31 - 2015-07-29 21:33 - 00064694 _____ C:\Users\Tim\Desktop\Addition.txt
2015-07-29 21:28 - 2015-08-01 20:51 - 00022711 _____ C:\Users\Tim\Desktop\FRST.txt
2015-07-29 21:26 - 2015-08-01 20:51 - 00000000 ____D C:\FRST
2015-07-29 21:25 - 2015-07-29 21:25 - 00000468 _____ C:\Users\Tim\Desktop\defogger_disable.log
2015-07-29 21:25 - 2015-07-29 21:25 - 00000000 _____ C:\Users\Tim\defogger_reenable
2015-07-29 21:24 - 2015-08-01 20:51 - 02168832 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2015-07-29 21:24 - 2015-07-29 21:24 - 00380416 _____ C:\Users\Tim\Desktop\Gmer-19357.exe
2015-07-29 21:23 - 2015-07-29 21:24 - 00050477 _____ C:\Users\Tim\Desktop\Defogger.exe
2015-07-28 14:55 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 14:55 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 14:55 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 14:55 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-27 02:25 - 2015-08-01 02:16 - 00026047 _____ C:\Users\Tim\Desktop\Essays Lipinsky.odt
2015-07-26 16:00 - 2015-07-30 19:57 - 53185442 _____ C:\Users\Tim\Desktop\Aquillien_Länderwappen.zip
2015-07-23 16:22 - 2015-07-23 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\CEF
2015-07-22 20:11 - 2015-07-22 20:11 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-07-22 20:09 - 2015-07-22 20:09 - 01198368 _____ C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe
2015-07-22 20:06 - 2015-07-22 20:07 - 01260832 _____ C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
2015-07-21 21:26 - 2015-07-21 21:26 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-21 17:17 - 2015-07-21 17:17 - 00001224 _____ C:\Malwarebytes 21.07.15.txt
2015-07-21 16:05 - 2015-08-01 20:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-21 16:05 - 2015-07-21 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-21 16:04 - 2015-07-30 13:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-21 16:04 - 2015-07-21 21:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-21 16:04 - 2015-07-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-21 16:04 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-21 16:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-21 16:02 - 2015-07-21 16:02 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Tim\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-21 13:15 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 13:15 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 13:15 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 13:15 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 00:54 - 2015-07-21 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-07-21 00:35 - 2015-07-21 00:35 - 00000000 ____D C:\Program Files (x86)\SEGA
2015-07-21 00:31 - 2015-07-21 00:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\InstallShield
2015-07-20 13:57 - 2015-07-20 14:08 - 00015872 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung(1).xls
2015-07-20 02:04 - 2015-07-20 02:04 - 00012288 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung.xls
2015-07-19 02:43 - 2015-07-19 02:43 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-19 02:29 - 2015-06-17 11:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-19 02:29 - 2015-06-17 11:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-19 02:25 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-19 02:22 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-07-19 02:17 - 2015-07-19 02:18 - 292264080 _____ (NVIDIA Corporation) C:\Users\Tim\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-07-16 12:40 - 2015-07-21 13:15 - 00000000 ____D C:\Users\Tim\Desktop\40k
2015-07-15 15:48 - 2015-07-15 15:48 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 15:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 15:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 15:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 15:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 15:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 15:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 15:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 15:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 15:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 15:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 15:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 15:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 15:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 15:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 15:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 15:12 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 15:12 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 15:12 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 15:12 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 15:12 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 15:12 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 15:12 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 15:12 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 15:12 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 15:12 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 15:12 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 15:12 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 15:12 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 15:12 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 15:12 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 15:12 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 15:12 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 15:12 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 15:12 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 15:12 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 15:12 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 15:12 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 15:12 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 15:12 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 15:12 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 15:12 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 15:12 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 15:12 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 15:12 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 15:12 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 15:12 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 15:12 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 15:12 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 15:12 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 15:12 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 15:12 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 15:12 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 15:12 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 15:12 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 15:12 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 15:12 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 15:12 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 15:12 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 15:12 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 15:12 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 15:12 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 15:12 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 15:12 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 15:12 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 15:12 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 15:12 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 15:12 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 15:12 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 15:12 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 15:12 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 15:12 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 15:12 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 15:12 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 15:12 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 15:12 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 15:12 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 15:12 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 15:12 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 15:12 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 15:12 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 15:12 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 15:12 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 15:12 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 15:12 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 15:12 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 15:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 15:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 15:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 15:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 15:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 15:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 15:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 15:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 15:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-09 21:52 - 2015-07-09 21:52 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-07-09 21:48 - 2015-07-09 21:49 - 00561248 _____ (Oracle Corporation) C:\Users\Tim\Downloads\jxpiinstall.exe
2015-07-08 13:12 - 2015-07-09 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-06 09:59 - 2015-07-06 09:59 - 00000383 _____ C:\ftconfig.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-01 20:48 - 2015-01-22 20:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-01 20:41 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-01 20:41 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-01 20:39 - 2014-02-03 20:36 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA.job
2015-08-01 20:33 - 2012-08-07 20:20 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-01 20:33 - 2009-07-14 06:51 - 00461432 _____ C:\Windows\setupact.log
2015-08-01 20:32 - 2012-08-07 19:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-01 20:32 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-01 20:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-01 20:31 - 2012-08-07 19:28 - 01888763 _____ C:\Windows\WindowsUpdate.log
2015-08-01 20:30 - 2012-08-07 19:33 - 00000955 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-01 20:29 - 2014-04-12 22:22 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-01 20:29 - 2012-08-07 19:30 - 00001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2015-08-01 20:15 - 2012-08-07 19:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-01 12:23 - 2012-11-30 02:39 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-01 02:07 - 2012-08-07 20:42 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype
2015-07-31 23:49 - 2014-05-24 21:10 - 00000000 ____D C:\ProgramData\Origin
2015-07-31 23:47 - 2014-05-24 21:10 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-31 21:39 - 2014-02-03 20:36 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core.job
2015-07-31 21:02 - 2012-12-17 19:29 - 00000000 ___RD C:\Users\Tim\Desktop\Aquillien
2015-07-31 13:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-31 13:38 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-31 13:37 - 2010-11-21 05:47 - 00541176 _____ C:\Windows\PFRO.log
2015-07-29 21:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-29 21:25 - 2012-08-07 19:32 - 00000000 ____D C:\Users\Tim
2015-07-29 03:01 - 2014-05-06 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-29 00:08 - 2013-01-13 04:03 - 00000000 ____D C:\Users\Tim\Desktop\Uni
2015-07-27 02:47 - 2012-08-09 02:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-22 20:11 - 2012-08-11 18:35 - 00000931 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-07-22 19:11 - 2012-08-11 18:35 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-07-22 13:28 - 2009-07-14 06:45 - 00307240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 18:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache
2015-07-21 17:17 - 2014-04-12 22:22 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-21 16:12 - 2014-02-16 02:13 - 00007168 _____ C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-21 02:38 - 2011-09-29 17:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-21 00:56 - 2015-04-01 16:27 - 00001412 _____ C:\Windows\DXError.log
2015-07-21 00:56 - 2011-09-29 18:13 - 00091711 _____ C:\Windows\DirectX.log
2015-07-19 02:44 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-19 02:29 - 2011-09-29 17:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-19 02:26 - 2014-07-01 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-19 02:22 - 2013-01-04 21:11 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-15 21:34 - 2014-02-03 20:36 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA
2015-07-15 21:34 - 2014-02-03 20:36 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core
2015-07-15 21:10 - 2012-08-07 19:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 21:10 - 2012-08-07 19:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 20:34 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-15 20:30 - 2015-04-16 18:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 20:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 15:48 - 2015-01-22 20:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 15:48 - 2012-08-09 02:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 15:48 - 2011-09-29 18:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-14 20:41 - 2014-06-18 19:30 - 00203303 _____ C:\Users\Tim\Desktop\Einkaufsliste Party.odt
2015-07-13 15:41 - 2012-08-07 20:42 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 15:40 - 2012-08-07 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-09 22:05 - 2013-10-04 18:02 - 00000000 ____D C:\ProgramData\Oracle
2015-07-09 21:53 - 2011-11-10 16:59 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-09 21:49 - 2014-07-01 01:33 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-08 19:36 - 2014-04-12 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-12 22:36 - 2015-03-31 00:36 - 0246420 _____ () C:\Users\Tim\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2014-02-16 02:13 - 2015-07-21 16:12 - 0007168 _____ () C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-26 03:43 - 2014-01-26 03:43 - 0002108 _____ () C:\Users\Tim\AppData\Local\recently-used.xbel
2012-08-07 20:32 - 2012-08-07 20:32 - 0000000 _____ () C:\Users\Tim\AppData\Local\{40843CD9-9E16-4ADF-9436-1C338BD6A262}
2012-08-21 14:04 - 2014-06-20 22:16 - 0001913 _____ () C:\ProgramData\hpzinstall.log
2014-05-25 13:37 - 2014-07-27 22:24 - 0000040 _____ () C:\ProgramData\ra3.ini

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-06-27 16:49

==================== Ende von log ============================
         

Edited by Stannis B. (01.08.2015 at 20:50)

02.08.2015, 12:32   #9
schrauber
/// the machine
/// TB trainer




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick the box next to Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Locate C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Still having problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

04.08.2015, 02:13   #10
Stannis B.



EOS:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9572d6a75b5be44f8941a5c542706b16
# end=init
# utc_time=2015-08-03 09:16:52
# local_time=2015-08-03 11:16:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25106
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9572d6a75b5be44f8941a5c542706b16
# end=updated
# utc_time=2015-08-03 09:19:03
# local_time=2015-08-03 11:19:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=9572d6a75b5be44f8941a5c542706b16
# engine=25106
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-04 12:04:35
# local_time=2015-08-04 02:04:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 4025851 203067165 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 65090294 190276525 0 0
# scanned=406474
# found=5
# cleaned=0
# scan_time=9931
sh=E13FAB8E570DA5FA5FB6EA4AF92837E624B98211 ft=1 fh=c71c0011a617a106 vn="Variante von Win32/Toolbar.SearchSuite.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tim\AppData\Local\iLivid\Helper.dll.vir"
sh=A8DA28B546A8041EDF55A731A1C14FE644ECC84F ft=1 fh=f6eb7d106e1da1ce vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe"
sh=105303FE365ECFF894384ECB9E552069997316C1 ft=1 fh=3d4ecacdb46663a8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe"
sh=0B1B68B5CBA14A1C21CEFAE0EA9B4088450F77C6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 10.zip"
sh=F4C85D5D754DB9CAF262D5D2E00751647A536836 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.SearchSuite.W evtl. unerwünschte Anwendung" ac=I fn="D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 5.zip"
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.006  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 45  
 Java version 32-bit out of Date! 
 Adobe Flash Player 18.0.0.209  
 Adobe Reader 10.1.1 Adobe Reader out of Date!  
 Mozilla Firefox (39.0) 
 Google Chrome (44.0.2403.107) 
 Google Chrome (44.0.2403.125) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von Tim (Administrator) auf TIM-PC (04-08-2015 02:46:57)
Gestartet von C:\Users\Tim\Desktop
Geladene Profile: Tim (Verfügbare Profile: Tim & Mcx1-TIM-PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-15] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-08-09]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-15] (Avast Software s.r.o.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49847;https=127.0.0.1:49847
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> {322B23D0-3F4C-4046-9BDE-C7823C37C64E} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-15] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-09] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-15] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-09] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F705B830-3D09-48E9-8657-CD0CA5A0FE70}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466
FF Homepage: https://www.malwarebytes.org/restorebrowser/&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/O1DPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: ZenMate Security & Privacy VPN - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\firefox@zenmate.com.xpi [2015-07-05]
FF Extension: Adblock Plus - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-10]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-06-21]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-23]
FF HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-08]
CHR Extension: (Avast Online Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-08]
CHR Extension: (Skype Click to Call) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-30]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Citavi Picker) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-10-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-15] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-15] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2014-12-22] (Creative Technology Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-20] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-03 23:14 - 2015-08-03 23:16 - 02870984 _____ (ESET) C:\Users\Tim\Desktop\esetsmartinstaller_deu.exe
2015-08-03 23:14 - 2015-08-03 23:14 - 00852684 _____ C:\Users\Tim\Desktop\SecurityCheck.exe
2015-08-01 20:51 - 2015-08-04 02:46 - 00000000 ____D C:\Users\Tim\Desktop\FRST-OlderVersion
2015-08-01 20:47 - 2015-08-01 20:47 - 00009546 _____ C:\Users\Tim\Desktop\JRT.txt
2015-08-01 20:17 - 2015-08-01 20:30 - 00000000 ____D C:\AdwCleaner
2015-08-01 19:38 - 2015-08-01 19:38 - 02248704 _____ C:\Users\Tim\Desktop\AdwCleaner_4.208.exe
2015-08-01 19:38 - 2015-08-01 19:38 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Tim\Desktop\JRT.exe
2015-07-31 13:48 - 2015-07-31 13:48 - 00035287 _____ C:\ComboFix.txt
2015-07-31 13:11 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-31 13:11 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-31 13:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-31 13:04 - 2015-07-31 13:49 - 00000000 ____D C:\Qoobox
2015-07-31 13:04 - 2015-07-31 13:44 - 00000000 ____D C:\Windows\erdnt
2015-07-31 13:01 - 2015-07-31 13:02 - 05633745 ____R (Swearware) C:\Users\Tim\Desktop\ComboFix.exe
2015-07-30 12:30 - 2015-07-30 13:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-30 12:29 - 2015-07-30 13:09 - 00000000 ____D C:\Users\Tim\Desktop\mbar
2015-07-30 12:27 - 2015-07-30 12:28 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Tim\Desktop\mbar-1.09.1.1004.exe
2015-07-30 12:27 - 2015-07-30 12:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Desktop\tdsskiller.exe
2015-07-29 22:09 - 2015-07-29 22:09 - 00005796 _____ C:\Users\Tim\Desktop\timtt.txt
2015-07-29 22:09 - 2015-07-29 22:09 - 00001196 _____ C:\Users\Tim\Desktop\tim.txt
2015-07-29 21:31 - 2015-07-29 21:33 - 00064694 _____ C:\Users\Tim\Desktop\Addition.txt
2015-07-29 21:28 - 2015-08-04 02:47 - 00025920 _____ C:\Users\Tim\Desktop\FRST.txt
2015-07-29 21:26 - 2015-08-04 02:47 - 00000000 ____D C:\FRST
2015-07-29 21:25 - 2015-07-29 21:25 - 00000468 _____ C:\Users\Tim\Desktop\defogger_disable.log
2015-07-29 21:25 - 2015-07-29 21:25 - 00000000 _____ C:\Users\Tim\defogger_reenable
2015-07-29 21:24 - 2015-08-04 02:46 - 02169856 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2015-07-29 21:24 - 2015-07-29 21:24 - 00380416 _____ C:\Users\Tim\Desktop\Gmer-19357.exe
2015-07-29 21:23 - 2015-07-29 21:24 - 00050477 _____ C:\Users\Tim\Desktop\Defogger.exe
2015-07-28 14:55 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 14:55 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 14:55 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 14:55 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-27 02:25 - 2015-08-01 02:16 - 00026047 _____ C:\Users\Tim\Desktop\Essays Lipinsky.odt
2015-07-26 16:00 - 2015-07-30 19:57 - 53185442 _____ C:\Users\Tim\Desktop\Aquillien_Länderwappen.zip
2015-07-23 16:22 - 2015-07-23 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\CEF
2015-07-22 20:11 - 2015-07-22 20:11 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-07-22 20:09 - 2015-07-22 20:09 - 01198368 _____ C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe
2015-07-22 20:06 - 2015-07-22 20:07 - 01260832 _____ C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
2015-07-21 21:26 - 2015-07-21 21:26 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-21 17:17 - 2015-07-21 17:17 - 00001224 _____ C:\Malwarebytes 21.07.15.txt
2015-07-21 16:05 - 2015-08-04 00:12 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-21 16:05 - 2015-07-21 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-07-21 16:04 - 2015-07-30 13:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-21 16:04 - 2015-07-21 21:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-21 16:04 - 2015-07-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-21 16:04 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-21 16:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-21 16:02 - 2015-07-21 16:02 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Tim\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-21 13:15 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 13:15 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 13:15 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 13:15 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 00:54 - 2015-07-21 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-07-21 00:35 - 2015-07-21 00:35 - 00000000 ____D C:\Program Files (x86)\SEGA
2015-07-21 00:31 - 2015-07-21 00:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\InstallShield
2015-07-20 13:57 - 2015-07-20 14:08 - 00015872 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung(1).xls
2015-07-20 02:04 - 2015-07-20 02:04 - 00012288 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung.xls
2015-07-19 02:43 - 2015-07-19 02:43 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-19 02:29 - 2015-06-17 11:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-19 02:29 - 2015-06-17 11:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-19 02:25 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-19 02:22 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-07-19 02:17 - 2015-07-19 02:18 - 292264080 _____ (NVIDIA Corporation) C:\Users\Tim\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-07-16 12:40 - 2015-07-21 13:15 - 00000000 ____D C:\Users\Tim\Desktop\40k
2015-07-15 15:48 - 2015-07-15 15:48 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 15:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 15:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 15:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 15:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 15:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 15:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 15:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 15:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 15:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 15:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 15:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 15:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 15:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 15:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 15:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 15:12 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 15:12 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 15:12 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 15:12 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 15:12 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 15:12 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 15:12 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 15:12 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 15:12 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 15:12 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 15:12 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 15:12 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 15:12 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 15:12 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 15:12 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 15:12 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 15:12 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 15:12 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 15:12 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 15:12 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 15:12 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 15:12 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 15:12 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 15:12 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 15:12 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 15:12 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 15:12 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 15:12 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 15:12 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 15:12 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 15:12 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 15:12 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 15:12 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 15:12 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 15:12 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 15:12 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 15:12 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 15:12 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 15:12 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 15:12 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 15:12 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 15:12 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 15:12 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 15:12 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 15:12 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 15:12 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 15:12 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 15:12 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 15:12 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 15:12 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 15:12 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 15:12 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 15:12 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 15:12 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 15:12 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 15:12 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 15:12 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 15:12 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 15:12 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 15:12 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 15:12 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 15:12 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 15:12 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 15:12 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 15:12 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 15:12 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 15:12 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 15:12 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 15:12 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 15:12 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 15:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 15:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 15:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 15:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 15:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 15:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 15:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 15:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 15:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-09 21:52 - 2015-07-09 21:52 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-07-09 21:48 - 2015-07-09 21:49 - 00561248 _____ (Oracle Corporation) C:\Users\Tim\Downloads\jxpiinstall.exe
2015-07-08 13:12 - 2015-07-09 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-06 09:59 - 2015-07-06 09:59 - 00000383 _____ C:\ftconfig.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 02:43 - 2012-08-07 20:42 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype
2015-08-04 02:39 - 2014-02-03 20:36 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA.job
2015-08-04 02:34 - 2012-08-07 19:28 - 02011332 _____ C:\Windows\WindowsUpdate.log
2015-08-04 02:15 - 2012-08-07 19:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-04 01:49 - 2015-01-22 20:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-03 21:39 - 2014-02-03 20:36 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core.job
2015-08-03 21:15 - 2012-08-07 19:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-03 21:14 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-03 21:14 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-03 21:08 - 2012-08-07 20:20 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-03 21:03 - 2009-07-14 06:51 - 00462496 _____ C:\Windows\setupact.log
2015-08-03 21:02 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-03 21:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-03 12:24 - 2012-11-30 02:39 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-01 20:30 - 2012-08-07 19:33 - 00000955 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-01 20:29 - 2014-04-12 22:22 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-01 20:29 - 2012-08-07 19:30 - 00001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2015-07-31 23:49 - 2014-05-24 21:10 - 00000000 ____D C:\ProgramData\Origin
2015-07-31 23:47 - 2014-05-24 21:10 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-31 21:02 - 2012-12-17 19:29 - 00000000 ___RD C:\Users\Tim\Desktop\Aquillien
2015-07-31 13:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-31 13:38 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-31 13:37 - 2010-11-21 05:47 - 00541176 _____ C:\Windows\PFRO.log
2015-07-29 21:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-29 21:25 - 2012-08-07 19:32 - 00000000 ____D C:\Users\Tim
2015-07-29 03:01 - 2014-05-06 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-29 00:08 - 2013-01-13 04:03 - 00000000 ____D C:\Users\Tim\Desktop\Uni
2015-07-27 02:47 - 2012-08-09 02:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-22 20:11 - 2012-08-11 18:35 - 00000931 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-07-22 19:11 - 2012-08-11 18:35 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-07-22 13:28 - 2009-07-14 06:45 - 00307240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 18:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache
2015-07-21 17:17 - 2014-04-12 22:22 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-21 16:12 - 2014-02-16 02:13 - 00007168 _____ C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-21 02:38 - 2011-09-29 17:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-21 00:56 - 2015-04-01 16:27 - 00001412 _____ C:\Windows\DXError.log
2015-07-21 00:56 - 2011-09-29 18:13 - 00091711 _____ C:\Windows\DirectX.log
2015-07-19 02:44 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-19 02:29 - 2011-09-29 17:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-19 02:26 - 2014-07-01 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-19 02:22 - 2013-01-04 21:11 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-15 21:34 - 2014-02-03 20:36 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA
2015-07-15 21:34 - 2014-02-03 20:36 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core
2015-07-15 21:10 - 2012-08-07 19:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 21:10 - 2012-08-07 19:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 20:34 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-15 20:30 - 2015-04-16 18:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 20:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 15:48 - 2015-01-22 20:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 15:48 - 2012-08-09 02:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 15:48 - 2011-09-29 18:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-14 20:41 - 2014-06-18 19:30 - 00203303 _____ C:\Users\Tim\Desktop\Einkaufsliste Party.odt
2015-07-13 15:41 - 2012-08-07 20:42 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 15:40 - 2012-08-07 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-09 22:05 - 2013-10-04 18:02 - 00000000 ____D C:\ProgramData\Oracle
2015-07-09 21:53 - 2011-11-10 16:59 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-09 21:49 - 2014-07-01 01:33 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-08 19:36 - 2014-04-12 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-12 22:36 - 2015-03-31 00:36 - 0246420 _____ () C:\Users\Tim\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2014-02-16 02:13 - 2015-07-21 16:12 - 0007168 _____ () C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-26 03:43 - 2014-01-26 03:43 - 0002108 _____ () C:\Users\Tim\AppData\Local\recently-used.xbel
2012-08-07 20:32 - 2012-08-07 20:32 - 0000000 _____ () C:\Users\Tim\AppData\Local\{40843CD9-9E16-4ADF-9436-1C338BD6A262}
2012-08-21 14:04 - 2014-06-20 22:16 - 0001913 _____ () C:\ProgramData\hpzinstall.log
2014-05-25 13:37 - 2014-07-27 22:24 - 0000040 _____ () C:\ProgramData\ra3.ini

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-06-27 16:49

==================== Ende von log ============================
         
I'll see whether any problems still occur now.

Edited by Stannis B. (04.08.2015 at 02:49)

04.08.2015, 13:26   #11
schrauber
/// the machine
/// TB-Ausbilder

Update Java and Adobe.

Please press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document

Code:
C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe

C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe

D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 10.zip

D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 5.zip
RemoveProxy:
Emptytemp:
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the "Entfernen" (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.




Reconsider your download habits:
CHIP-Installer - what is it? - Guides



A fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

04.08.2015, 17:26   #12
Stannis B.



Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von Tim (2015-08-04 16:31:08) Run:1
Gestartet von C:\Users\Tim\Desktop
Geladene Profile: Tim (Verfügbare Profile: Tim & Mcx1-TIM-PC)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe

C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe

D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 10.zip

D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 5.zip
RemoveProxy:
Emptytemp:
*****************

C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe => erfolgreich verschoben.
C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe => erfolgreich verschoben.
D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 10.zip => erfolgreich verschoben.
D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 5.zip => erfolgreich verschoben.

========= RemoveProxy: =========

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Wert erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========

EmptyTemp: => 1.4 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 16:33:59 ====
         
FRST

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von Tim (Administrator) auf TIM-PC (04-08-2015 17:08:20)
Gestartet von C:\Users\Tim\Desktop
Geladene Profile: Tim (Verfügbare Profile: Tim & Mcx1-TIM-PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{33E8EBC9-D93A-2445-B7A6-C65E2B29A627}\YSearchUtilSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Users\Tim\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ==================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-15] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-08-09]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-15] (Avast Software s.r.o.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> DefaultScope {322B23D0-3F4C-4046-9BDE-C7823C37C64E} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> {322B23D0-3F4C-4046-9BDE-C7823C37C64E} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-15] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-15] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  Keine Datei
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F705B830-3D09-48E9-8657-CD0CA5A0FE70}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466
FF Homepage: https://de.yahoo.com/?fr=yset_ff_syc_oracle&type=orcl_hpset
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/O1DPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: ZenMate Security & Privacy VPN - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\firefox@zenmate.com.xpi [2015-07-05]
FF Extension: New Tab by Yahoo - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-06-22]
FF Extension: Adblock Plus - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-10]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-06-21]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-23]
FF HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome: 
=======
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-08]
CHR Extension: (Avast Online Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-08]
CHR Extension: (Skype Click to Call) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-30]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Citavi Picker) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-10-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-15] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{33E8EBC9-D93A-2445-B7A6-C65E2B29A627}\YSearchUtilSvc.exe [152344 2015-06-29] (Yahoo Inc.)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-15] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-15] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2014-12-22] (Creative Technology Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-20] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 16:28 - 2015-08-04 16:28 - 01825464 _____ (Adobe Systems Incorporated) C:\Users\Tim\Downloads\AcroRd32.exe
2015-08-04 16:28 - 2015-08-04 16:28 - 01825464 _____ (Adobe Systems Incorporated) C:\Users\Tim\Desktop\AcroRd32.exe
2015-08-04 16:27 - 2015-08-04 16:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-08-04 16:25 - 2015-08-04 16:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-08-04 16:25 - 2015-08-04 16:25 - 00002051 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-08-04 16:19 - 2015-08-04 16:19 - 00000000 ____D C:\Users\Tim\AppData\Local\YSearchUtil
2015-08-04 16:17 - 2015-08-04 16:16 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-08-04 16:16 - 2015-08-04 16:16 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-04 16:11 - 2015-08-04 16:11 - 00562784 _____ (Oracle Corporation) C:\Users\Tim\Desktop\jxpiinstall(1).exe
2015-08-03 23:14 - 2015-08-03 23:16 - 02870984 _____ (ESET) C:\Users\Tim\Desktop\esetsmartinstaller_deu.exe
2015-08-03 23:14 - 2015-08-03 23:14 - 00852684 _____ C:\Users\Tim\Desktop\SecurityCheck.exe
2015-08-01 20:51 - 2015-08-04 02:46 - 00000000 ____D C:\Users\Tim\Desktop\FRST-OlderVersion
2015-08-01 20:47 - 2015-08-01 20:47 - 00009546 _____ C:\Users\Tim\Desktop\JRT.txt
2015-08-01 20:17 - 2015-08-01 20:30 - 00000000 ____D C:\AdwCleaner
2015-08-01 19:38 - 2015-08-01 19:38 - 02248704 _____ C:\Users\Tim\Desktop\AdwCleaner_4.208.exe
2015-08-01 19:38 - 2015-08-01 19:38 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Tim\Desktop\JRT.exe
2015-07-31 13:48 - 2015-07-31 13:48 - 00035287 _____ C:\ComboFix.txt
2015-07-31 13:11 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-31 13:11 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-31 13:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-31 13:04 - 2015-07-31 13:49 - 00000000 ____D C:\Qoobox
2015-07-31 13:04 - 2015-07-31 13:44 - 00000000 ____D C:\Windows\erdnt
2015-07-31 13:01 - 2015-07-31 13:02 - 05633745 ____R (Swearware) C:\Users\Tim\Desktop\ComboFix.exe
2015-07-30 12:30 - 2015-07-30 13:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-30 12:29 - 2015-07-30 13:09 - 00000000 ____D C:\Users\Tim\Desktop\mbar
2015-07-30 12:27 - 2015-07-30 12:28 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Tim\Desktop\mbar-1.09.1.1004.exe
2015-07-30 12:27 - 2015-07-30 12:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Desktop\tdsskiller.exe
2015-07-29 22:09 - 2015-07-29 22:09 - 00005796 _____ C:\Users\Tim\Desktop\timtt.txt
2015-07-29 22:09 - 2015-07-29 22:09 - 00001196 _____ C:\Users\Tim\Desktop\tim.txt
2015-07-29 21:31 - 2015-08-04 02:48 - 00066864 _____ C:\Users\Tim\Desktop\Addition.txt
2015-07-29 21:28 - 2015-08-04 17:10 - 00026002 _____ C:\Users\Tim\Desktop\FRST.txt
2015-07-29 21:26 - 2015-08-04 17:08 - 00000000 ____D C:\FRST
2015-07-29 21:25 - 2015-07-29 21:25 - 00000468 _____ C:\Users\Tim\Desktop\defogger_disable.log
2015-07-29 21:25 - 2015-07-29 21:25 - 00000000 _____ C:\Users\Tim\defogger_reenable
2015-07-29 21:24 - 2015-08-04 02:46 - 02169856 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2015-07-29 21:24 - 2015-07-29 21:24 - 00380416 _____ C:\Users\Tim\Desktop\Gmer-19357.exe
2015-07-29 21:23 - 2015-07-29 21:24 - 00050477 _____ C:\Users\Tim\Desktop\Defogger.exe
2015-07-28 14:55 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 14:55 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 14:55 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 14:55 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-27 02:25 - 2015-08-01 02:16 - 00026047 _____ C:\Users\Tim\Desktop\Essays Lipinsky.odt
2015-07-26 16:00 - 2015-07-30 19:57 - 53185442 _____ C:\Users\Tim\Desktop\Aquillien_Länderwappen.zip
2015-07-23 16:22 - 2015-07-23 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\CEF
2015-07-22 20:11 - 2015-07-22 20:11 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-07-21 21:26 - 2015-07-21 21:26 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-21 17:17 - 2015-07-21 17:17 - 00001224 _____ C:\Malwarebytes 21.07.15.txt
2015-07-21 16:05 - 2015-08-04 17:06 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-21 16:05 - 2015-07-21 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-21 16:04 - 2015-07-30 13:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-21 16:04 - 2015-07-21 21:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-07-21 16:04 - 2015-07-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-21 16:04 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-21 16:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-21 16:02 - 2015-07-21 16:02 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Tim\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-21 13:15 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 13:15 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 13:15 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 13:15 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 00:54 - 2015-07-21 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-07-21 00:35 - 2015-07-21 00:35 - 00000000 ____D C:\Program Files (x86)\SEGA
2015-07-21 00:31 - 2015-07-21 00:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\InstallShield
2015-07-20 13:57 - 2015-07-20 14:08 - 00015872 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung(1).xls
2015-07-20 02:04 - 2015-07-20 02:04 - 00012288 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung.xls
2015-07-19 02:43 - 2015-07-19 02:43 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-19 02:29 - 2015-06-17 11:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-19 02:29 - 2015-06-17 11:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-19 02:25 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-19 02:22 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-07-19 02:17 - 2015-07-19 02:18 - 292264080 _____ (NVIDIA Corporation) C:\Users\Tim\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-07-16 12:40 - 2015-07-21 13:15 - 00000000 ____D C:\Users\Tim\Desktop\40k
2015-07-15 15:48 - 2015-07-15 15:48 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 15:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 15:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 15:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 15:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 15:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 15:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 15:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 15:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 15:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 15:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 15:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 15:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 15:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 15:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 15:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 15:12 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 15:12 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 15:12 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 15:12 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 15:12 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 15:12 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 15:12 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 15:12 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 15:12 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 15:12 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 15:12 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 15:12 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 15:12 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 15:12 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 15:12 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 15:12 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 15:12 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 15:12 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 15:12 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 15:12 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 15:12 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 15:12 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 15:12 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 15:12 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 15:12 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 15:12 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 15:12 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 15:12 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 15:12 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 15:12 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 15:12 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 15:12 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 15:12 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 15:12 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 15:12 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 15:12 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 15:12 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 15:12 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 15:12 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 15:12 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 15:12 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 15:12 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 15:12 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 15:12 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 15:12 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 15:12 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 15:12 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 15:12 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 15:12 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 15:12 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 15:12 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 15:12 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 15:12 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 15:12 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 15:12 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 15:12 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 15:12 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 15:12 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 15:12 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 15:12 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 15:12 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 15:12 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 15:12 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 15:12 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 15:12 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 15:12 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 15:12 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 15:12 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 15:12 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 15:12 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 15:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 15:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 15:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 15:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 15:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 15:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 15:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 15:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 15:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-09 21:52 - 2015-07-09 21:52 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-07-09 21:48 - 2015-07-09 21:49 - 00561248 _____ (Oracle Corporation) C:\Users\Tim\Downloads\jxpiinstall.exe
2015-07-08 13:12 - 2015-07-09 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-06 09:59 - 2015-07-06 09:59 - 00000383 _____ C:\ftconfig.ini

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-04 17:06 - 2012-08-07 20:20 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-04 17:06 - 2012-08-07 19:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-04 17:05 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-04 17:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-04 17:05 - 2009-07-14 06:51 - 00463056 _____ C:\Windows\setupact.log
2015-08-04 17:04 - 2010-11-21 05:47 - 00543298 _____ C:\Windows\PFRO.log
2015-08-04 17:03 - 2012-08-07 19:28 - 02059718 _____ C:\Windows\WindowsUpdate.log
2015-08-04 16:48 - 2015-01-22 20:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-04 16:39 - 2014-02-03 20:36 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA.job
2015-08-04 16:28 - 2012-08-08 03:11 - 00000000 ____D C:\Users\Tim\AppData\Local\Adobe
2015-08-04 16:25 - 2011-09-29 18:04 - 00000000 ____D C:\ProgramData\Adobe
2015-08-04 16:25 - 2011-09-29 18:04 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-08-04 16:17 - 2013-10-04 18:02 - 00000000 ____D C:\ProgramData\Oracle
2015-08-04 16:17 - 2013-10-04 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-04 16:15 - 2012-08-07 19:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-04 16:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-04 15:18 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-04 15:18 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-04 15:13 - 2012-11-30 02:39 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-04 02:53 - 2012-08-07 20:42 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype
2015-08-03 21:39 - 2014-02-03 20:36 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core.job
2015-08-01 20:30 - 2012-08-07 19:33 - 00000955 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-01 20:29 - 2014-04-12 22:22 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-01 20:29 - 2012-08-07 19:30 - 00001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2015-07-31 23:49 - 2014-05-24 21:10 - 00000000 ____D C:\ProgramData\Origin
2015-07-31 23:47 - 2014-05-24 21:10 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-31 21:02 - 2012-12-17 19:29 - 00000000 ___RD C:\Users\Tim\Desktop\Aquillien
2015-07-31 13:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-31 13:38 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-29 21:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-29 21:25 - 2012-08-07 19:32 - 00000000 ____D C:\Users\Tim
2015-07-29 03:01 - 2014-05-06 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-29 00:08 - 2013-01-13 04:03 - 00000000 ____D C:\Users\Tim\Desktop\Uni
2015-07-27 02:47 - 2012-08-09 02:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-22 20:11 - 2012-08-11 18:35 - 00000931 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-07-22 19:11 - 2012-08-11 18:35 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-07-22 13:28 - 2009-07-14 06:45 - 00307240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 18:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache
2015-07-21 17:17 - 2014-04-12 22:22 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-21 16:12 - 2014-02-16 02:13 - 00007168 _____ C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-21 02:38 - 2011-09-29 17:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-21 00:56 - 2015-04-01 16:27 - 00001412 _____ C:\Windows\DXError.log
2015-07-21 00:56 - 2011-09-29 18:13 - 00091711 _____ C:\Windows\DirectX.log
2015-07-19 02:44 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-19 02:29 - 2011-09-29 17:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-19 02:26 - 2014-07-01 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-19 02:22 - 2013-01-04 21:11 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-15 21:34 - 2014-02-03 20:36 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA
2015-07-15 21:34 - 2014-02-03 20:36 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core
2015-07-15 21:10 - 2012-08-07 19:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 21:10 - 2012-08-07 19:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 20:34 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-15 20:30 - 2015-04-16 18:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 20:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 15:48 - 2015-01-22 20:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 15:48 - 2012-08-09 02:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 15:48 - 2011-09-29 18:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-14 20:41 - 2014-06-18 19:30 - 00203303 _____ C:\Users\Tim\Desktop\Einkaufsliste Party.odt
2015-07-13 15:41 - 2012-08-07 20:42 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 15:40 - 2012-08-07 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-08 19:36 - 2014-04-12 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-01-12 22:36 - 2015-03-31 00:36 - 0246420 _____ () C:\Users\Tim\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2014-02-16 02:13 - 2015-07-21 16:12 - 0007168 _____ () C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-26 03:43 - 2014-01-26 03:43 - 0002108 _____ () C:\Users\Tim\AppData\Local\recently-used.xbel
2012-08-07 20:32 - 2012-08-07 20:32 - 0000000 _____ () C:\Users\Tim\AppData\Local\{40843CD9-9E16-4ADF-9436-1C338BD6A262}
2012-08-21 14:04 - 2014-06-20 22:16 - 0001913 _____ () C:\ProgramData\hpzinstall.log
2014-05-25 13:37 - 2014-07-27 22:24 - 0000040 _____ () C:\ProgramData\ra3.ini

==================== Bamital & volsnap Check =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-04 16:01

==================== Ende von log ============================
         

05.08.2015, 09:05   #13
schrauber
/// the machine
/// TB trainer
 




Cleanup:
(The order is crucial here)

If Defogger was used: start it again and click Re-enable.

If Combofix was used:
Uninstall Combofix.
  • Important: Please disable your antivirus program, any script blocking, and anti-malware programs.
  • Press the Windows key + R and type Combofix /Uninstall into the Run window.
  • Click OK.
    This removes Combofix completely and clears the System Restore cache.
  • Now re-enable the programs you just disabled.

All logs posted? Then please download DelFix.
  • Close all open programs.
  • Start delfix.exe with a double-click.
  • Tick every function.
  • Click Start.

Note: Among other things, DelFix removes all the programs used, our scanners' quarantine, and the Java cache, and finally deletes itself.
Finally, restart your computer. If any programs from our cleanup are still left over, you can safely delete them.

If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation.

Hardening:
Enable automatic updates in the Windows operating system. Security-relevant software should likewise always be kept at the latest version:

Browser
Java
Flash Player
PDF reader

Security vulnerabilities in their old versions are exploited to install malware via "drive-by" when you simply visit a manipulated website.
I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.

Enable a firewall. The one built into Windows is normally entirely sufficient.

Use an antivirus program with a real-time scanner and an always up-to-date signature database.
My recommendation:

Emsisoft

In addition, you can regularly scan your PC with Malwarebytes Anti-Malware and ESET.

Optional:
NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, specify on a whitelist basis which sites are allowed to run scripts.
Malwarebytes Anti Exploit: Protects the computer's applications against exploitation of known vulnerabilities.


Download software from a clean portal such as .
When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program.
To get rid of adware, it is advisable to uninstall it first and then remove the leftovers with Adwarecleaner.


Finally, a few general remarks:
Change your important online passwords regularly, and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers, etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

05.08.2015, 20:29   #14
Stannis B.
 



Thank you for your help. Just one more question: is the lower part a pre-written text that you always post? Because I use Firefox, and the Windows Firewall is on as well.

Regards,
Tim

06.08.2015, 07:05   #15
schrauber
/// the machine
/// TB trainer
 




Yes, an all-round hardening text. Everyone can pick out whatever works for them.

If I had to type that stuff every time, I could only help 3 users a day instead of 100.