| |
| |||||||
Log-Analyse und Auswertung: Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal.Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
29.07.2015, 21:11
| #1 |
| |  Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Hallo Trojanerboard und schonmal Danke im Vorraus. Seit mehreren Wochen ist mein Rechner ständig für kurze Zeit praktisch unbenutzbar. Der Browser, Word oder Spieler frieren minutenlang ein und es geht gar nichts mehr. Eventuell switchen auch noch das laufende Programm und der Desktop ständig hin und her. Dazu muss ich noch erwähnen das mein Rechner dabei auchschonmal Dinge macht die ich nicht angeklickt haben. Z.B. ist dann plötzlich eine neue Website offen oder eine andere geschlossen. Ein Programm ist geschlossen etc. Gmer funktioniert leider nich bei mir (habe alle eure Anweisungen dazu korrekt befolgt). Ein Screenshot von der Fehlermeldung ist unten verlinkt. FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015 durchgeführt von Tim (Administrator) auf TIM-PC (29-07-2015 21:28:27) Gestartet von C:\Users\Tim\Desktop Geladene Profile: Tim (Verfügbare Profile: Tim & Mcx1-TIM-PC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe (Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\System32\prevhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-15] (Avast Software s.r.o.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.) HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => "C:\Program Files (x86)\Java\jre1.8.0_45\bin\jusched.exe" HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation) HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Run: [Google Update] => C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-01-12] (Google Inc.) AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll Datei nicht gefunden AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC32Loader.dll" Datei nicht gefunden Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-20] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-08-09] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-15] (Avast Software s.r.o.) CHR HKU\S-1-5-21-4254080380-16762214-4038314476-1001\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert. ProxyServer: [.DEFAULT] => http=127.0.0.1:49847;https=127.0.0.1:49847 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-4254080380-16762214-4038314476-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> {322B23D0-3F4C-4046-9BDE-C7823C37C64E} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-15] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Keine Datei BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-09] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-15] (Avast Software s.r.o.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-09] (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Hosts: 0.0.0.1 mssplus.mcafee.com Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{F705B830-3D09-48E9-8657-CD0CA5A0FE70}: [DhcpNameServer] 192.168.178.1 StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466 FF Homepage: https://www.malwarebytes.org/restorebrowser/&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-09] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-09] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/O1DPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF user.js: detected! => C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\user.js [2015-07-21] FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Extension: ZenMate Security & Privacy VPN - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\firefox@zenmate.com.xpi [2015-07-05] FF Extension: Adblock Plus - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-10] FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-08] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-20] FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-06-20] FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-06-21] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-23] FF HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Avast SafePrice) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-08] CHR Extension: (Avast Online Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-08] CHR Extension: (Skype Click to Call) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-30] CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04] CHR Extension: (Citavi Picker) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-10-08] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-06] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07] ==================== Services (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-15] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-20] (Avast Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation) R2 HPSLPSVC; C:\Users\Tim\AppData\Local\Temp\7zS7CBE\hpslpsvc64.dll [1039360 2013-02-06] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ==================== Drivers (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-15] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-15] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-15] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-15] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-15] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-15] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-15] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-15] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-29] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation) R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2014-12-22] (Creative Technology Ltd.) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-20] (Avast Software) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-07-29 21:28 - 2015-07-29 21:30 - 00027711 _____ C:\Users\Tim\Desktop\FRST.txt 2015-07-29 21:26 - 2015-07-29 21:29 - 00000000 ____D C:\FRST 2015-07-29 21:25 - 2015-07-29 21:25 - 00000468 _____ C:\Users\Tim\Desktop\defogger_disable.log 2015-07-29 21:25 - 2015-07-29 21:25 - 00000000 _____ C:\Users\Tim\defogger_reenable 2015-07-29 21:24 - 2015-07-29 21:24 - 02169856 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe 2015-07-29 21:24 - 2015-07-29 21:24 - 00380416 _____ C:\Users\Tim\Desktop\Gmer-19357.exe 2015-07-29 21:23 - 2015-07-29 21:24 - 00050477 _____ C:\Users\Tim\Desktop\Defogger.exe 2015-07-29 18:44 - 2015-07-29 18:45 - 39651088 _____ C:\Users\Tim\Desktop\Pianura.psd 2015-07-29 18:27 - 2015-07-29 18:27 - 00000086 ____H C:\Users\Tim\Desktop\.~lock.Essays Lipinsky.odt# 2015-07-28 14:55 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-07-28 14:55 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-07-28 14:55 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-07-28 14:55 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-07-27 04:53 - 2015-07-27 04:53 - 00000000 _____ C:\Windows\SysWOW64\sho4F88.tmp 2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\Program Files\McAfee Security Scan 2015-07-27 02:25 - 2015-07-29 15:53 - 00019422 _____ C:\Users\Tim\Desktop\Essays Lipinsky.odt 2015-07-26 16:00 - 2015-07-26 16:01 - 33696586 _____ C:\Users\Tim\Desktop\Aquillien_Länderwappen.zip 2015-07-23 16:32 - 2015-07-23 16:32 - 00015872 _____ C:\Users\Tim\Desktop\Wirtschaft_Nach-Con-Auswertung(1)(1).xls 2015-07-23 16:24 - 2015-07-23 16:24 - 00009260 _____ C:\Users\Tim\Desktop\Handel-Aquillien.xlsx 2015-07-23 16:22 - 2015-07-23 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\CEF 2015-07-22 20:11 - 2015-07-22 20:11 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-07-22 20:09 - 2015-07-22 20:09 - 01198368 _____ C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe 2015-07-22 20:06 - 2015-07-22 20:07 - 01260832 _____ C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe 2015-07-21 21:26 - 2015-07-21 21:26 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-07-21 17:17 - 2015-07-21 17:17 - 00001224 _____ C:\Malwarebytes 21.07.15.txt 2015-07-21 16:05 - 2015-07-29 20:32 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-21 16:05 - 2015-07-21 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-07-21 16:04 - 2015-07-21 21:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-07-21 16:04 - 2015-07-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-21 16:04 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-21 16:04 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-21 16:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-21 16:02 - 2015-07-21 16:02 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Tim\Downloads\mbam-setup-2.1.6.1022.exe 2015-07-21 13:15 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-07-21 13:15 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-21 13:15 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-07-21 13:15 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-07-21 13:15 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-07-21 13:15 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-21 13:15 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-07-21 13:15 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-07-21 13:15 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-21 13:15 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-21 00:54 - 2015-07-21 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA 2015-07-21 00:35 - 2015-07-21 00:35 - 00000000 ____D C:\Program Files (x86)\SEGA 2015-07-21 00:31 - 2015-07-21 00:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\InstallShield 2015-07-20 13:57 - 2015-07-20 14:08 - 00015872 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung(1).xls 2015-07-20 02:04 - 2015-07-20 02:04 - 00012288 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung.xls 2015-07-19 18:41 - 2015-07-19 18:41 - 00000000 _____ C:\Windows\SysWOW64\sho54F7.tmp 2015-07-19 02:43 - 2015-07-19 02:43 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-07-19 02:29 - 2015-06-17 11:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-07-19 02:29 - 2015-06-17 11:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-07-19 02:25 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-07-19 02:22 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-07-19 02:22 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-07-19 02:22 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-07-19 02:22 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-07-19 02:17 - 2015-07-19 02:18 - 292264080 _____ (NVIDIA Corporation) C:\Users\Tim\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe 2015-07-16 12:40 - 2015-07-21 13:15 - 00000000 ____D C:\Users\Tim\Desktop\40k 2015-07-16 10:46 - 2015-07-16 10:46 - 00000000 _____ C:\Windows\SysWOW64\sho4D75.tmp 2015-07-15 15:48 - 2015-07-15 15:48 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-07-15 15:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-07-15 15:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-07-15 15:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-15 15:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-07-15 15:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-15 15:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-15 15:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-07-15 15:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-15 15:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-15 15:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-07-15 15:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-15 15:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-07-15 15:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-15 15:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-15 15:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-15 15:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-15 15:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-07-15 15:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2015-07-15 15:12 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-15 15:12 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-15 15:12 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-07-15 15:12 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-15 15:12 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-15 15:12 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-15 15:12 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-15 15:12 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-15 15:12 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-15 15:12 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-15 15:12 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-07-15 15:12 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-07-15 15:12 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-07-15 15:12 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-07-15 15:12 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-07-15 15:12 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-07-15 15:12 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-07-15 15:12 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-07-15 15:12 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-07-15 15:12 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-15 15:12 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-07-15 15:12 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-07-15 15:12 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-07-15 15:12 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-07-15 15:12 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-07-15 15:12 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-15 15:12 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-15 15:12 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-15 15:12 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-07-15 15:12 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-15 15:12 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-07-15 15:12 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-07-15 15:12 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-15 15:12 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-07-15 15:12 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-07-15 15:12 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-15 15:12 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-07-15 15:12 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-07-15 15:12 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-15 15:12 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-07-15 15:12 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-07-15 15:12 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-07-15 15:12 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-07-15 15:12 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-07-15 15:12 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-15 15:12 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-15 15:12 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-15 15:12 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-15 15:12 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-07-15 15:12 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-15 15:12 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-07-15 15:12 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-15 15:12 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-15 15:12 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-15 15:12 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-07-15 15:12 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-07-15 15:12 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-07-15 15:12 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-15 15:12 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-07-15 15:12 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-07-15 15:12 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-15 15:12 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-07-15 15:12 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-07-15 15:12 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-07-15 15:12 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-15 15:12 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-15 15:12 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-15 15:12 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-15 15:12 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-15 15:12 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-07-15 15:12 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-15 15:12 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-07-15 15:12 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-07-15 15:12 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-07-15 15:12 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-07-15 15:12 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-07-15 15:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-07-15 15:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-15 15:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-15 15:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-07-15 15:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-07-15 15:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-15 15:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-15 15:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-15 15:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-07-15 15:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-15 15:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2015-07-15 15:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2015-07-14 20:51 - 2015-07-14 20:51 - 00000000 _____ C:\Windows\SysWOW64\shoC7A4.tmp 2015-07-09 21:52 - 2015-07-09 21:52 - 00000000 ____D C:\Users\Tim\AppData\Local\YSearchUtil 2015-07-09 21:52 - 2015-07-09 21:52 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2015-07-09 21:48 - 2015-07-09 21:49 - 00561248 _____ (Oracle Corporation) C:\Users\Tim\Downloads\jxpiinstall.exe 2015-07-08 19:52 - 2015-07-08 19:52 - 00000000 _____ C:\Windows\SysWOW64\shoB75.tmp 2015-07-08 19:02 - 2015-07-08 19:02 - 00000000 _____ C:\Windows\SysWOW64\shoCD55.tmp 2015-07-08 13:12 - 2015-07-09 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-07 01:32 - 2015-07-07 01:32 - 00000000 _____ C:\Windows\SysWOW64\sho5153.tmp 2015-07-06 09:59 - 2015-07-06 09:59 - 00000383 _____ C:\ftconfig.ini 2015-07-01 11:04 - 2015-07-01 11:04 - 00000000 ____D C:\Users\Tim\Desktop\Alte Firefox-Daten ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-07-29 21:29 - 2012-08-07 20:42 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype 2015-07-29 21:25 - 2012-08-07 19:32 - 00000000 ____D C:\Users\Tim 2015-07-29 21:15 - 2012-08-07 19:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-29 21:15 - 2012-08-07 19:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-29 20:48 - 2015-01-22 20:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-07-29 20:39 - 2014-02-03 20:36 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA.job 2015-07-29 20:13 - 2012-08-07 19:28 - 01702022 _____ C:\Windows\WindowsUpdate.log 2015-07-29 18:18 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-07-29 18:18 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-07-29 18:08 - 2012-08-07 20:20 - 00000000 ____D C:\Program Files (x86)\Steam 2015-07-29 18:06 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA 2015-07-29 18:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-07-29 18:06 - 2009-07-14 06:51 - 00460032 _____ C:\Windows\setupact.log 2015-07-29 03:01 - 2014-05-06 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-29 00:08 - 2013-01-13 04:03 - 00000000 ____D C:\Users\Tim\Desktop\Uni 2015-07-28 21:39 - 2014-02-03 20:36 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core.job 2015-07-28 14:43 - 2012-11-30 02:39 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-07-27 02:47 - 2012-08-09 02:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2015-07-26 16:01 - 2015-05-20 13:24 - 16941101 _____ C:\Users\Tim\Desktop\Emilia-Ligurina.psd 2015-07-23 16:31 - 2012-12-17 19:29 - 00000000 ___RD C:\Users\Tim\Desktop\Aquillien 2015-07-22 20:11 - 2012-08-11 18:35 - 00000931 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2015-07-22 19:11 - 2012-08-11 18:35 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client 2015-07-22 13:28 - 2009-07-14 06:45 - 00307240 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-22 13:27 - 2010-11-21 05:47 - 00540630 _____ C:\Windows\PFRO.log 2015-07-21 18:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache 2015-07-21 17:17 - 2015-03-15 21:27 - 00000000 ____D C:\ProgramData\APN 2015-07-21 17:17 - 2015-01-12 22:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\InetStat 2015-07-21 17:17 - 2014-04-12 22:22 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-07-21 17:17 - 2013-01-04 21:10 - 00000000 ____D C:\Users\Tim\AppData\Local\iLivid 2015-07-21 16:12 - 2014-02-16 02:13 - 00007168 _____ C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-21 02:38 - 2011-09-29 17:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-07-21 00:56 - 2015-04-01 16:27 - 00001412 _____ C:\Windows\DXError.log 2015-07-21 00:56 - 2011-09-29 18:13 - 00091711 _____ C:\Windows\DirectX.log 2015-07-19 02:44 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-07-19 02:29 - 2011-09-29 17:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-07-19 02:26 - 2014-07-01 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-07-19 02:22 - 2013-01-04 21:11 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-07-15 21:34 - 2014-02-03 20:36 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA 2015-07-15 21:34 - 2014-02-03 20:36 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core 2015-07-15 21:10 - 2012-08-07 19:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-15 21:10 - 2012-08-07 19:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-15 20:34 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-07-15 20:30 - 2015-04-16 18:16 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-15 20:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-15 15:48 - 2015-01-22 20:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-15 15:48 - 2012-08-09 02:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-15 15:48 - 2011-09-29 18:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-14 20:41 - 2014-06-18 19:30 - 00203303 _____ C:\Users\Tim\Desktop\Einkaufsliste Party.odt 2015-07-13 15:41 - 2012-08-07 20:42 - 00000000 ____D C:\ProgramData\Skype 2015-07-13 15:40 - 2012-08-07 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-07-09 22:05 - 2013-10-04 18:02 - 00000000 ____D C:\ProgramData\Oracle 2015-07-09 21:53 - 2011-11-10 16:59 - 00000000 ____D C:\Program Files (x86)\Java 2015-07-09 21:49 - 2014-07-01 01:33 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-07-08 19:36 - 2014-04-12 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-07-01 12:53 - 2011-03-11 11:20 - 00699884 _____ C:\Windows\system32\perfh007.dat 2015-07-01 12:53 - 2011-03-11 11:20 - 00149766 _____ C:\Windows\system32\perfc007.dat 2015-07-01 12:53 - 2009-07-14 07:13 - 01622236 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-01 11:01 - 2015-02-09 20:33 - 00000000 ____D C:\Program Files (x86)\CDex 2015-06-30 10:27 - 2013-04-01 23:58 - 00017283 _____ C:\Users\Tim\Documents\Bewerbung.odt 2015-06-30 10:25 - 2014-11-20 02:13 - 00017109 _____ C:\Users\Tim\Documents\Lebenslauf.odt 2015-06-30 10:12 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-01-12 22:36 - 2015-03-31 00:36 - 0246420 _____ () C:\Users\Tim\AppData\Local\Citavi Picker Internet Explorer Protocol.txt 2014-02-16 02:13 - 2015-07-21 16:12 - 0007168 _____ () C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-26 03:43 - 2014-01-26 03:43 - 0002108 _____ () C:\Users\Tim\AppData\Local\recently-used.xbel 2012-08-07 20:32 - 2012-08-07 20:32 - 0000000 _____ () C:\Users\Tim\AppData\Local\{40843CD9-9E16-4ADF-9436-1C338BD6A262} 2012-08-21 14:04 - 2014-06-20 22:16 - 0001913 _____ () C:\ProgramData\hpzinstall.log 2014-05-25 13:37 - 2014-07-27 22:24 - 0000040 _____ () C:\ProgramData\ra3.ini Einige Dateien in TEMP: ==================== C:\Users\Tim\AppData\Local\Temp\drm_dialogs.dll C:\Users\Tim\AppData\Local\Temp\drm_dyndata_7330017.dll C:\Users\Tim\AppData\Local\Temp\drm_dyndata_7350007.dll C:\Users\Tim\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Tim\AppData\Local\Temp\nvStInst.exe C:\Users\Tim\AppData\Local\Temp\SkypeSetup.exe C:\Users\Tim\AppData\Local\Temp\ytb.exe C:\Users\Tim\AppData\Local\Temp\_is39E1.exe C:\Users\Tim\AppData\Local\Temp\_is512A.exe C:\Users\Tim\AppData\Local\Temp\_is616E.exe C:\Users\Tim\AppData\Local\Temp\_is7E81.exe C:\Users\Tim\AppData\Local\Temp\_isA4A4.exe C:\Users\Tim\AppData\Local\Temp\_isAABE.exe ==================== Bamital & volsnap Check ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\System32\winlogon.exe => Datei ist digital signiert C:\Windows\System32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\System32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\System32\services.exe => Datei ist digital signiert C:\Windows\System32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\System32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\System32\rpcss.dll => Datei ist digital signiert C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-06-27 16:49 ==================== Ende von log ============================ |
|
29.07.2015, 21:14
| #2 |
| | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Addition
__________________Code:
ATTFilter zusätzliches untersuchungsergebnis von farbar recovery scan tool (x64) version:28-07-2015
durchgeführt von tim (2015-07-29 21:31:01)
gestartet von c:\users\tim\desktop
start-modus: Normal
==========================================================
==================== konten: =============================
administrator (s-1-5-21-4254080380-16762214-4038314476-500 - administrator - disabled)
gast (s-1-5-21-4254080380-16762214-4038314476-501 - limited - disabled)
homegroupuser$ (s-1-5-21-4254080380-16762214-4038314476-1515 - limited - enabled)
mcx1-tim-pc (s-1-5-21-4254080380-16762214-4038314476-1516 - limited - enabled) => c:\users\mcx1-tim-pc
tim (s-1-5-21-4254080380-16762214-4038314476-1001 - administrator - enabled) => c:\users\tim
==================== sicherheits-center ========================
(wenn ein eintrag in die fixlist aufgenommen wird, wird er entfernt.)
av: Avast! Antivirus (enabled - up to date) {17ad7d40-ba12-9c46-7131-94903a54ad8b}
as: Windows defender (disabled - up to date) {d68ddc3a-831f-4fae-9e44-da132c1acf46}
as: Avast! Antivirus (enabled - up to date) {accc9ca4-9c28-93c8-4b81-afe241d3e736}
==================== installierte programme ======================
(nur adware-programme mit dem zusatz "hidden" können in die fixlist aufgenommen werden, um sie sichtbar zu machen. Die adware-programme sollten manuell deinstalliert werden.)
64 bit hp cio components installer (version: 7.2.4 - hewlett-packard) hidden
adobe air (hklm-x32\...\adobe air) (version: 3.0.0.4080 - adobe systems incorporated)
adobe flash player 18 activex (hklm-x32\...\adobe flash player activex) (version: 18.0.0.209 - adobe systems incorporated)
adobe flash player 18 npapi (hklm-x32\...\adobe flash player npapi) (version: 18.0.0.209 - adobe systems incorporated)
adobe reader x (10.1.1) mui (hklm-x32\...\{ac76ba86-7ad7-ffff-7b44-aa0000000001}) (version: 10.1.1 - adobe systems incorporated)
adobe reader x (10.1.6) - deutsch (hklm-x32\...\{ac76ba86-7ad7-1031-7b44-aa1000000001}) (version: 10.1.6 - adobe systems incorporated)
anstoss 3 (hklm-x32\...\anstoss 3_is1) (version: - )
apple application support (hklm-x32\...\{83caf0de-8d3b-4c37-a631-2b8f16ec3031}) (version: 3.1 - apple inc.)
apple mobile device support (hklm\...\{bdd99690-3541-4619-9d2a-3cddb3e15f9e}) (version: 8.0.5.6 - apple inc.)
apple software update (hklm-x32\...\{789a5b64-9dd9-4ba5-915a-f0fc0a1b7bfe}) (version: 2.1.3.127 - apple inc.)
arsenal of democracy (hklm-x32\...\{ba8a4718-d307-4647-a87a-305980d685fd}_is1) (version: - gamersgate)
asmedia asm104x usb 3.0 host controller driver (hklm-x32\...\{e4fb0b39-c991-4ee7-95dd-1a1a7857d33d}) (version: 1.12.9.0 - asmedia technology)
audacity 2.0.2 (hklm-x32\...\audacity_is1) (version: 2.0.2 - audacity team)
audiblemanager (hklm-x32\...\audiblemanager) (version: 1997815022.48.56.43584746 - audible, inc.)
avast free antivirus (hklm-x32\...\avast) (version: 10.2.2215 - avast software)
b010 (x32 version: 140.0.344.000 - hewlett-packard) hidden
battlefield 3™ (hklm-x32\...\{76285c16-411a-488a-bce3-c83cb933d8cf}) (version: 1.6.0.0 - electronic arts)
battlelog web plugins (hklm-x32\...\battlelog web plugins) (version: 2.6.2 - ea digital illusions ce ab)
bufferchm (x32 version: 140.0.212.000 - hewlett-packard) hidden
citavi 4 (hklm-x32\...\{cc0a85b2-734a-45b3-b678-05f6a6499ac7}) (version: 4.3.0.15 - swiss academic software)
command & conquer 3 (hklm-x32\...\{ddedaf6c-488e-4cda-8276-1ccf5f3c5c32}) (version: 1.00.0000 - ihr firmenname)
command & conquer™ 3 tiberium wars and kane's wrath (hklm-x32\...\{35a2fe53-cc80-4d17-941f-3a7c82824fc7}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ 4 tiberian twilight (hklm-x32\...\{ba4c8f9f-d81b-4afe-ae5a-3837830f5b89}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ and the covert operations™ (hklm-x32\...\{050e298d-c9b8-4582-a332-26201268a297}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ red alert, counterstrike and the aftermath (hklm-x32\...\{b9a7ccbe-48f7-4b3e-bd20-76addd4dc69f}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ red alert™ 3 and uprising (hklm-x32\...\{3c315bf7-4b64-4024-8102-174a197437fa}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ renegade (hklm-x32\...\{24dfbe4c-fd7f-48f2-a7d9-d1a0929b2113}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™ the ultimate collection additional content (hklm-x32\...\{ac663f85-a421-4127-a507-8e24f64d4523}) (version: 1.0.0.0 - electronic arts)
command & conquer™ tiberian sun™ and firestorm™ (hklm-x32\...\{78f60bdd-1923-4cf7-b6bd-087d06d7b5bb}) (version: 1.0.0.0 - electronic arts, inc.)
command & conquer™: Generals and zero hour (hklm-x32\...\{8f0f5689-6900-425b-a8c2-0dbd10dab694}) (version: 1.0.0.0 - electronic arts, inc.)
company of heroes 2 – open beta (hklm-x32\...\steam app 231430) (version: - relic entertainment)
computerbild vorteil-center (hklm-x32\...\{b7e68a6d-1c9b-4f18-b021-949115021714}) (version: 1.1.23 - j3s)
control activex de windows live mesh para conexiones remotas (hklm-x32\...\{04668df2-d32f-4555-9c7e-35523dcd6544}) (version: 15.4.5722.2 - microsoft corporation)
contrôle activex windows live mesh pour connexions à distance (hklm-x32\...\{55d003f4-9599-44bf-ba9e-95d060730dd3}) (version: 15.4.5722.2 - microsoft corporation)
controlo activex do windows live mesh para ligações remotas (hklm-x32\...\{e54eeb5d-41ed-40fe-b4a8-8565db81469b}) (version: 15.4.5722.2 - microsoft corporation)
cyberlink labelprint (hklm-x32\...\installshield_{c59c179c-668d-49a9-b6ea-0121ccfc1243}) (version: 2.5.3624 - cyberlink corp.)
cyberlink power2go (hklm-x32\...\installshield_{40bf1e83-20eb-11d8-97c5-0009c5020658}) (version: 7.0.0.1327 - cyberlink corp.)
cyberlink powerdvd copy (hklm-x32\...\installshield_{e3d04529-6edb-11d8-a372-0050bae317e1}) (version: 1.5.1306 - cyberlink corp.)
cyberlink powerrecover (hklm-x32\...\installshield_{44b2a0ab-412e-4f8c-b058-d1e8aeccdff5}) (version: 5.5.4125 - cyberlink corp.)
cyberlink waveeditor (hklm-x32\...\installshield_{324f76cc-d8dd-4d87-b77d-d4af5e1aa7b3}) (version: 1.0.1.2821 - cyberlink corp.)
d3dx10 (x32 version: 15.4.2368.0902 - microsoft) hidden
dawn of war - soulstorm (hklm-x32\...\{20533183-d42d-4261-a125-956736fbea8c}) (version: 1.00.0000 - thq)
dawn of war - soulstorm (x32 version: 1.00.0000 - thq) hidden
destinations (x32 version: 140.0.167.000 - hewlett-packard) hidden
devicediscovery (x32 version: 140.0.212.000 - hewlett-packard) hidden
edna & harvey: The breakout (hklm-x32\...\steam app 255320) (version: - daedalic entertainment)
ee-zde (hklm-x32\...\{b49c924c-a651-4378-94f6-5d9bf44a959f}) (version: - )
elsterformular (hklm-x32\...\elsterformular) (version: 16.1.16835 - landesfinanzdirektion thüringen)
empire earth (hklm-x32\...\{2447500b-22d7-47bd-9b13-1a927f43a267}) (version: - )
empire: Total war (hklm-x32\...\steam app 10500) (version: - the creative assembly)
endnote x7 (hklm-x32\...\{86b3f2d6-ac2b-0017-8ae1-f2f77f781b0c}) (version: 17.0.2.7390 - thomson reuters)
fallout2 (hklm-x32\...\fallout2) (version: - )
formant activex programu windows live mesh odpowiedzialny za obsługę połączeń zdalnych (hklm-x32\...\{b04a0e2f-1e4c-4e61-b18e-3b2bd6779ca7}) (version: 15.4.5722.2 - microsoft corporation)
fotogalerija windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
free youtube download version 3.2.44.922 (hklm-x32\...\free youtube download_is1) (version: 3.2.44.922 - dvdvideosoft ltd.)
galeria de fotografias do windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
galería fotográfica de windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
galeria fotografii usługi windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
galerie de photos windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
gimp 2.8.4 (hklm\...\gimp-2_is1) (version: 2.8.4 - the gimp team)
google chrome (hklm-x32\...\google chrome) (version: 44.0.2403.125 - google inc.)
google earth plug-in (hklm-x32\...\{4ab54f11-2f8c-11e3-b09f-b8ac6f97b88e}) (version: 7.1.2.2041 - google)
google talk plugin (hklm-x32\...\{ca3dd97d-1fd7-37a7-bd5c-fc4430c8b8e6}) (version: 5.41.2.0 - google)
google update helper (x32 version: 1.3.25.11 - google inc.) hidden
google update helper (x32 version: 1.3.28.1 - google inc.) hidden
gpbaseservice2 (x32 version: 140.0.211.000 - hewlett-packard) hidden
hp customer participation program 14.0 (hklm\...\hpextendedcapabilities) (version: 14.0 - hp)
hp imaging device functions 14.0 (hklm\...\hp imaging device functions) (version: 14.0 - hp)
hp photosmart b010 all-in-one driver software 14.0 rel. 7 (hklm\...\{81830fef-866c-4dc0-9435-b6287b1edd8a}) (version: 14.0 - hp)
hp smart web printing 4.60 (hklm\...\hp smart web printing) (version: 4.60 - hp)
hp solution center 14.0 (hklm\...\hp solution center & imaging support tools) (version: 14.0 - hp)
hp update (hklm-x32\...\{74dc0593-6bc6-4001-ad5f-d810afb68d86}) (version: 5.002.002.002 - hewlett-packard)
hpphotogadget (x32 version: 140.0.524.000 - hewlett-packard) hidden
hpproductassistant (x32 version: 140.0.212.000 - hewlett-packard) hidden
hpssupply (x32 version: 140.0.211.000 - hewlett-packard) hidden
intel(r) control center (hklm-x32\...\{f8a9085d-4c7a-41a9-8a77-c8998a96c421}) (version: 1.2.1.1007 - intel corporation)
intel(r) management engine components (hklm-x32\...\{65153ea5-8b6e-43b6-857b-c6e4fc25798a}) (version: 7.0.0.1144 - intel corporation)
intel(r) rapid storage technology (hklm-x32\...\{3e29ee6c-963a-4aae-86c1-dc237c4a49fc}) (version: 10.6.0.1002 - intel corporation)
itunes (hklm\...\{2abbbd91-91e5-4ad7-929a-fe15d1dc0576}) (version: 12.0.1.26 - apple inc.)
java 8 update 45 (hklm-x32\...\{26a24ae4-039d-4ca4-87b4-2f83218045f0}) (version: 8.0.450 - oracle corporation)
junk mail filter update (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
kontrolnik windows live mesh activex za oddaljene povezave (hklm-x32\...\{ca227a9d-09be-4bfb-9764-48fed2da5454}) (version: 15.4.5722.2 - microsoft corporation)
lame v3.99.3 (for windows) (hklm-x32\...\lame_is1) (version: - )
left 4 dead 2 (hklm-x32\...\steam app 550) (version: - valve)
malwarebytes Anti-Malware version 2.1.8.1057 (hklm-x32\...\malwarebytes anti-malware_is1) (version: 2.1.8.1057 - malwarebytes corporation)
marketresearch (x32 version: 140.0.212.000 - hewlett-packard) hidden
mcafee security scan plus (hklm\...\mcafee security scan) (version: 3.11.149.2 - mcafee, inc.)
medieval ii total war (hklm-x32\...\{c0698bda-0d29-40ee-8570-a31106df9ab1}) (version: 1.03.000 - sega)
medieval ii total war : Kingdoms : Americas (hklm-x32\...\{75983b66-804c-40d1-ba13-64daf652a6f1}) (version: 1.03.000 - sega)
medieval ii total war : Kingdoms : Britannia (hklm-x32\...\{ceddee73-3d36-41c2-aa40-29355d9fbd63}) (version: 1.03.000 - sega)
medieval ii total war : Kingdoms : Crusades (hklm-x32\...\{02a10468-2f1c-447c-ad8e-4deddea25ae2}) (version: 1.03.000 - sega)
medieval ii total war : Kingdoms : Teutonic (hklm-x32\...\{7aee1963-7001-4c37-bc20-2faeb74aa41c}) (version: 1.03.000 - sega)
medion home cinema (hklm-x32\...\installshield_{1fbf6c24-c1fd-4101-a42b-0c564f9e8e79}) (version: 8.0.3216 - cyberlink corp.)
medion home cinema (x32 version: 8.0.3216 - cyberlink corp.) hidden
memeo instant backup (hklm-x32\...\{8e666407-ac41-46a2-9692-6c7bfcbfdd37}) (version: 4.60.0.7943 - memeo inc.)
mesh runtime (x32 version: 15.4.5722.2 - microsoft corporation) hidden
microsoft .net framework 4.5.1 (hklm\...\{92fb6c44-e685-45ad-9b20-cadf4caba132} - 1033) (version: 4.5.50938 - microsoft corporation)
microsoft office 2010 (hklm-x32\...\{95140000-0070-0000-0000-0000000ff1ce}) (version: 14.0.4763.1000 - microsoft corporation)
microsoft office klick-und-los 2010 (hklm-x32\...\office14.click2run) (version: 14.0.4763.1000 - microsoft corporation)
microsoft office starter 2010 - deutsch (hklm-x32\...\{90140011-0066-0407-0000-0000000ff1ce}) (version: 14.0.4763.1000 - microsoft corporation)
microsoft silverlight (hklm\...\{89f4137d-6c26-4a84-bdb8-2e5a4bb71e00}) (version: 5.1.40416.0 - microsoft corporation)
microsoft sql server 2005 compact edition [enu] (hklm-x32\...\{f0b430d1-b6aa-473d-9b06-aa3dd01fd0b8}) (version: 3.1.0000 - microsoft corporation)
microsoft visual c++ 2005 redistributable (hklm-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (version: 8.0.61001 - microsoft corporation)
microsoft visual c++ 2005 redistributable (hklm-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (version: 8.0.56336 - microsoft corporation)
microsoft visual c++ 2005 redistributable (hklm-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (version: 8.0.59193 - microsoft corporation)
microsoft visual c++ 2005 redistributable (x64) (hklm\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (version: 8.0.61000 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x64 9.0.30729.6161 (hklm\...\{5fce6d76-f5dc-37ab-b2b8-22ab8cedb1d4}) (version: 9.0.30729.6161 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.21022 (hklm-x32\...\{ff66e9f6-83e7-3a3e-af14-8de9a809a6a4}) (version: 9.0.21022 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.30729.17 (hklm-x32\...\{9a25302d-30c0-39d9-bd6f-21e6ec160475}) (version: 9.0.30729 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.30729.4148 (hklm-x32\...\{1f1c2dfc-2d24-3e06-bcb8-725134adf989}) (version: 9.0.30729.4148 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.30729.6161 (hklm-x32\...\{9be518e6-ecc6-35a9-88e4-87755c07200f}) (version: 9.0.30729.6161 - microsoft corporation)
microsoft visual c++ 2010 x64 redistributable - 10.0.40219 (hklm\...\{1d8e6291-b0d5-35ec-8441-6616f567a0f7}) (version: 10.0.40219 - microsoft corporation)
microsoft visual c++ 2010 x86 redistributable - 10.0.40219 (hklm-x32\...\{f0c3e5d1-1ade-321e-8167-68ef0de699a5}) (version: 10.0.40219 - microsoft corporation)
microsoft visual c++ 2012 redistributable (x64) - 11.0.61030 (hklm-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (version: 11.0.61030.0 - microsoft corporation)
microsoft visual c++ 2012 redistributable (x86) - 11.0.61030 (hklm-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (version: 11.0.61030.0 - microsoft corporation)
microsoft visual c++ 2013 redistributable (x86) - 12.0.30501 (hklm-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (version: 12.0.30501.0 - microsoft corporation)
mozilla firefox 39.0 (x86 de) (hklm-x32\...\mozilla firefox 39.0 (x86 de)) (version: 39.0 - mozilla)
mozilla maintenance service (hklm-x32\...\mozillamaintenanceservice) (version: 30.0 - mozilla)
msn toolbar (hklm-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (version: 4.0.0357.1 - microsoft corporation)
msn toolbar platform (x32 version: 4.0.0357.1 - microsoft corporation) hidden
msxml 4.0 sp2 (kb973688) (hklm-x32\...\{f662a8e6-f4dc-41a2-901e-8c11f044bdec}) (version: 4.20.9876.0 - microsoft corporation)
mumble 1.2.5 (hklm-x32\...\{871f39a1-1671-4161-a012-1d4820346a69}) (version: 1.2.5 - thorvald natvig)
napoleon: Total war (hklm-x32\...\steam app 34030) (version: - the creative assembly)
nvidia 3d vision controller-treiber 352.65 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_display.nvirusb) (version: 352.65 - nvidia corporation)
nvidia 3d vision treiber 353.30 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_display.3dvision) (version: 353.30 - nvidia corporation)
nvidia geforce experience 2.4.5.44 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_display.gfexperience) (version: 2.4.5.44 - nvidia corporation)
nvidia grafiktreiber 353.30 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_display.driver) (version: 353.30 - nvidia corporation)
nvidia hd-audiotreiber 1.3.34.3 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_hdaudio.driver) (version: 1.3.34.3 - nvidia corporation)
nvidia physx-systemsoftware 9.15.0428 (hklm\...\{b2fe1952-0186-46c3-baec-a80aa35ac5b8}_display.physx) (version: 9.15.0428 - nvidia corporation)
openoffice 4.1.1 (hklm-x32\...\{acd0fff9-6b35-43c1-82db-9ff6990e8602}) (version: 4.11.9775 - apache software foundation)
origin (hklm-x32\...\origin) (version: 9.4.7.2799 - electronic arts, inc.)
pdf24 creator 6.3.2 (hklm-x32\...\{81a6f461-0dba-4f12-b56f-0e977ec10576}_is1) (version: - pdf24.org)
plagiarismfinder 2.1 (hklm-x32\...\plagiarismfinder 2.1) (version: 2.1.20 - mediaphor ag)
playready pc runtime amd64 (hklm\...\{bca9334f-b6c9-4f65-9a73-ac5a329a4d04}) (version: 1.3.0 - microsoft corporation)
poczta usługi windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
podstawowe programy windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
pošta windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
ps_aio_07_b010_sw_min (x32 version: 140.0.224.000 - hewlett-packard) hidden
raccolta foto di windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
realtek ethernet controller driver (hklm-x32\...\{8833ffb6-5b0c-4764-81aa-06dfeed9a476}) (version: 7.46.610.2011 - realtek)
realtek high definition audio driver (hklm-x32\...\{f132af7f-7bca-4ede-8a7c-958108fe7dbc}) (version: 6.0.1.6438 - realtek semiconductor corp.)
researchsoft direct export helper (hklm-x32\...\researchsoft direct export helper) (version: - thomson reuters)
scan (x32 version: 140.0.80.000 - hewlett-packard) hidden
shield streaming (version: 4.1.2000 - nvidia corporation) hidden
shield wireless controller driver (version: 2.4.5.44 - nvidia corporation) hidden
shop for hp supplies (hklm\...\shop for hp supplies) (version: 14.0 - hp)
skype click to call (hklm-x32\...\{6d1221a9-17bf-4ec0-81f2-27d30ec30701}) (version: 7.4.0.9058 - microsoft corporation)
skype™ 7.6 (hklm-x32\...\{24991ba0-f0ee-44ad-9cc8-5ec50aecf6b7}) (version: 7.6.105 - skype technologies s.a.)
smartwebprinting (x32 version: 140.0.186.000 - hewlett-packard) hidden
solutioncenter (x32 version: 140.0.214.000 - hewlett-packard) hidden
stadtplan generator 5.40 (hklm-x32\...\{53328244-e005-46a3-b39f-a15f005feceb}) (version: 5.4.0.0 - )
status (x32 version: 140.0.256.000 - hewlett-packard) hidden
steam (hklm-x32\...\{048298c9-a4d3-490b-9ff9-ab023a9238f3}) (version: 1.0.0.0 - valve)
teamspeak 3 client (hklm\...\teamspeak 3 client) (version: 3.0.16 - teamspeak systems gmbh)
teamspeak 3 client (hklm-x32\...\teamspeak 3 client) (version: 3.0.6 - teamspeak systems gmbh)
toolbox (x32 version: 140.0.428.000 - hewlett-packard) hidden
total war: Rome ii (hklm-x32\...\steam app 214950) (version: - creative assembly)
total war: Shogun 2 (hklm-x32\...\steam app 34330) (version: - the creative assembly)
trayapp (x32 version: 140.0.212.000 - hewlett-packard) hidden
tropico (hklm-x32\...\{818fb39b-1a57-4f1b-a54d-391c33d6c596}) (version: - )
uzak bağlantılar İçin windows live mesh activex denetimi (hklm-x32\...\{241e7104-937a-4366-ad57-8fdddb003939}) (version: 15.4.5722.2 - microsoft corporation)
vlc media player (hklm-x32\...\vlc media player) (version: 2.1.5 - videolan)
webreg (x32 version: 140.0.212.017 - hewlett-packard) hidden
westwoodchat (hklm-x32\...\{7cae6a67-af7b-4a6a-8705-8afaca45bb60}) (version: 1.0.0.0 - westwoodchat)
westwoodonline (hklm-x32\...\{bbcd6d56-8a26-4dde-9482-dbc9c7b7341d}) (version: 1.0.0.0 - westwoodonline)
windows live essentials (hklm-x32\...\winlivesuite) (version: 15.4.3555.0308 - microsoft corporation)
windows live mesh - activex-besturingselement voor externe verbindingen (hklm-x32\...\{c32ce55c-12ba-4951-8797-0967fdef556f}) (version: 15.4.5722.2 - microsoft corporation)
windows live mesh activex control for remote connections (hklm-x32\...\{2902f983-b4c1-44ba-b85d-5c6d52e2c441}) (version: 15.4.5722.2 - microsoft corporation)
windows live mesh activex control for remote connections (hklm-x32\...\{c5398a89-516c-4daf-ba07-ee7949090e56}) (version: 15.4.5722.2 - microsoft corporation)
windows live mesh activex control for remote connections (hklm-x32\...\{c63a1e60-b6a4-440b-89a5-1fc6e4ac1c94}) (version: 15.4.5722.2 - microsoft corporation)
windows live mesh activex-objekt til fjernforbindelser (hklm-x32\...\{57220148-3b2b-412a-a2e0-82b9df423696}) (version: 15.4.5722.2 - microsoft corporation)
windows live mesh activex-vezérlő távoli kapcsolatokhoz (hklm-x32\...\{6e29c4f7-c2c2-4b18-a15c-e09b92065f15}) (version: 15.4.5722.2 - microsoft corporation)
yahoo search set (hklm-x32\...\yahoo! Searchset) (version: - yahoo inc.)
zero-buchhaltung (hklm-x32\...\zero) (version: - )
Στοιχείο ελέγχου activex του windows live mesh για απομακρυσμένες συνδέσεις (hklm-x32\...\{f665f3b8-01b4-46a9-8e47-ff8dc2208c9f}) (version: 15.4.5722.2 - microsoft corporation)
Συλλογή φωτογραφιών του windows live (x32 version: 15.4.3502.0922 - microsoft corporation) hidden
==================== benutzerdefinierte clsid (nicht auf der ausnahmeliste): ==========================
(wenn ein eintrag in die fixlist aufgenommen wird, wird er aus der registry entfernt. Die datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{005a3a96-bac4-4b0a-94ea-c0ce100ea736}\localserver32 -> c:\users\tim\appdata\roaming\dropbox\bin\dropbox.exe /autoplay keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{0f22a205-cfb0-4679-8499-a6f44a80a208}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.25.5\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{1423f872-3f7f-4e57-b621-8b1a9d49b448}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.27.5\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{355ec88a-02e2-4547-9dee-f87426484bd1}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.23.9\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{5c8c2a98-6133-4eba-bbcc-34d9ea01fc2e}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.28.1\psuser_64.dll (google inc.)
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{90b3dfbf-af6a-4ea0-8899-f332194690f8}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.24.15\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{c3bc25c0-fcd3-4f01-afdd-41373f017c9a}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.26.9\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{d0336c0b-7919-4c04-8cce-2ebae2ece8c9}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.25.11\psuser_64.dll keine datei
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{e8cf3e55-f919-49d9-abc0-948e6cb34b9f}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.28.1\psuser_64.dll (google inc.)
customclsid: Hku\s-1-5-21-4254080380-16762214-4038314476-1001_classes\clsid\{fe498bab-cb4c-4f88-ac3f-3641aaaf5e9e}\inprocserver32 -> c:\users\tim\appdata\local\google\update\1.3.24.7\psuser_64.dll keine datei
==================== wiederherstellungspunkte =========================
22-02-2015 20:00:46 windows-sicherung
25-02-2015 16:40:53 windows update
26-02-2015 04:01:09 windows update
01-03-2015 20:00:54 windows-sicherung
15-03-2015 11:47:41 windows-sicherung
15-03-2015 20:00:34 windows-sicherung
15-03-2015 20:14:14 windows update
22-03-2015 22:19:47 windows-sicherung
29-03-2015 19:02:00 windows-sicherung
31-03-2015 01:18:26 entfernt tropico
31-03-2015 01:23:01 removed Bonjour
31-03-2015 01:24:57 characthulhu wird entfernt
01-04-2015 16:09:19 installiert dawn of war - soulstorm
01-04-2015 16:25:08 directx wurde installiert
05-04-2015 03:00:16 windows update
06-04-2015 13:49:04 windows-sicherung
12-04-2015 19:00:37 windows-sicherung
15-04-2015 21:18:25 avast! Antivirus system restore point
16-04-2015 13:20:05 windows update
19-04-2015 19:01:16 windows-sicherung
26-04-2015 19:00:57 windows-sicherung
03-05-2015 19:01:34 windows-sicherung
11-05-2015 00:46:19 windows-sicherung
13-05-2015 12:34:30 windows update
17-05-2015 23:45:19 windows-sicherung
20-05-2015 12:29:41 windows update
21-05-2015 00:39:36 removed java(tm) 6 update 7
21-05-2015 00:42:16 installed java(tm) 6 update 7
24-05-2015 22:14:11 windows-sicherung
28-05-2015 19:24:15 microsoft visual c++ 2013 redistributable (x86) - 12.0.30501
28-05-2015 19:26:34 microsoft visual c++ 2013 redistributable (x86) - 12.0.21005
31-05-2015 19:01:12 windows-sicherung
08-06-2015 00:28:15 windows-sicherung
11-06-2015 00:41:13 windows update
11-06-2015 10:10:32 windows update
14-06-2015 23:30:13 windows-sicherung
21-06-2015 19:01:05 windows-sicherung
28-06-2015 23:44:47 windows-sicherung
05-07-2015 21:19:56 windows-sicherung
09-07-2015 21:44:56 removed java 8 update 40
12-07-2015 22:21:18 windows-sicherung
15-07-2015 08:11:35 windows update
15-07-2015 15:41:24 windows update
19-07-2015 02:26:59 nvidia physx wird entfernt
20-07-2015 01:47:24 windows-sicherung
21-07-2015 00:33:53 installiert medieval ii total war
21-07-2015 00:54:55 directx wurde installiert
21-07-2015 00:58:16 installiert medieval ii total war : Kingdoms : Americas
21-07-2015 02:22:27 installiert medieval ii total war : Kingdoms : Britannia
21-07-2015 02:33:02 installiert medieval ii total war : Kingdoms : Crusades
21-07-2015 02:37:44 installiert medieval ii total war : Kingdoms : Teutonic
22-07-2015 01:53:40 windows update
26-07-2015 19:08:25 windows-sicherung
29-07-2015 03:00:42 windows update
==================== hosts inhalt: ===============================
(wenn benötigt kann der hosts: Schalter in die fixlist aufgenommen werden um die hosts datei zurückzusetzen.)
2009-07-14 04:34 - 2015-07-27 02:47 - 00000854 ____a c:\windows\system32\drivers\etc\hosts
0.0.0.1 mssplus.mcafee.com
==================== geplante aufgaben (nicht auf der ausnahmeliste) =============
(wenn ein eintrag in die fixlist aufgenommen wird, wird er aus der registry entfernt. Die datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
task: {0f32673d-cf80-4d76-8b12-1c789d5fdc31} - system32\tasks\googleupdatetaskmachinecore => c:\program files (x86)\google\update\googleupdate.exe [2014-10-20] (google inc.)
task: {17d13859-861b-4d50-909a-5b47154595a7} - system32\tasks\googleupdatetaskusers-1-5-21-4254080380-16762214-4038314476-1001core => c:\users\tim\appdata\local\google\update\googleupdate.exe [2014-01-12] (google inc.)
task: {36473548-5287-4ef2-b699-8d7c93436e4d} - system32\tasks\microsoft\windows\media center\extender\update media permissions for mcx1-tim-pc => c:\windows\ehome\mcxtask.exe [2009-07-14] (microsoft corporation)
task: {9e01355c-611f-4dbc-8147-1f3398372bc0} - system32\tasks\avast! Emergency update => c:\program files\avast software\avast\avastemupdate.exe [2015-04-15] (avast software s.r.o.)
task: {abbd3668-5b14-4ae6-87b5-d971859fea4f} - system32\tasks\adobe flash player updater => c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe [2015-07-15] (adobe systems incorporated)
task: {b671691e-10dc-40f2-b996-eaaaeb75af34} - system32\tasks\avastbclrestarts-1-5-21-4254080380-16762214-4038314476-1001 => firefox.exe
task: {ba093cab-4d65-444e-be91-53492b0d1456} - system32\tasks\{7a8f8793-0e09-4147-b7a1-be9fcebd3830} => pcalua.exe -a "c:\users\tim\desktop\transkriptprogramm f4.exe" -d c:\users\tim\desktop
task: {dedfa1c6-490b-4179-bacb-4928c30811e4} - system32\tasks\googleupdatetaskusers-1-5-21-4254080380-16762214-4038314476-1001ua => c:\users\tim\appdata\local\google\update\googleupdate.exe [2014-01-12] (google inc.)
task: {f918b5bf-baf0-4deb-af9b-b9699ca7893b} - system32\tasks\googleupdatetaskmachineua => c:\program files (x86)\google\update\googleupdate.exe [2014-10-20] (google inc.)
(wenn ein eintrag in die fixlist aufgenommen wird, wird die aufgabe verschoben. Die datei, die durch die aufgabe gestartet wird, wird nicht verschoben.)
task: C:\windows\tasks\adobe flash player updater.job => c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
task: C:\windows\tasks\googleupdatetaskmachinecore.job => c:\program files (x86)\google\update\googleupdate.exe
task: C:\windows\tasks\googleupdatetaskmachineua.job => c:\program files (x86)\google\update\googleupdate.exe
task: C:\windows\tasks\googleupdatetaskusers-1-5-21-4254080380-16762214-4038314476-1001core.job => c:\users\tim\appdata\local\google\update\googleupdate.exe
task: C:\windows\tasks\googleupdatetaskusers-1-5-21-4254080380-16762214-4038314476-1001ua.job => c:\users\tim\appdata\local\google\update\googleupdate.exe
==================== geladene module (nicht auf der ausnahmeliste) ==============
2014-07-01 23:11 - 2015-06-17 08:48 - 00116368 _____ () c:\program files\nvidia corporation\display\nvsmartmax64.dll
2015-04-15 21:20 - 2015-04-15 21:20 - 00104400 _____ () c:\program files\avast software\avast\log.dll
2015-04-15 21:20 - 2015-04-15 21:20 - 00081728 _____ () c:\program files\avast software\avast\jsonrpcserver.dll
2015-07-29 12:43 - 2015-07-29 12:43 - 02960384 _____ () c:\program files\avast software\avast\defs\15072900\algo.dll
2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () c:\program files (x86)\common files\apple\apple application support\zlib1.dll
2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () c:\program files (x86)\common files\apple\apple application support\libxml2.dll
2014-10-16 19:55 - 2014-10-16 19:55 - 00172544 _____ () c:\windows\assembly\nativeimages_v2.0.50727_32\isdiinterop\b2363cf94faf59386ab4778a39c16e2b\isdiinterop.ni.dll
2011-09-29 17:34 - 2011-05-20 19:05 - 00059904 _____ () c:\program files (x86)\intel\intel(r) rapid storage technology\isdiinterop.dll
2015-07-19 02:28 - 2015-06-17 11:10 - 00011920 _____ () c:\program files (x86)\nvidia corporation\update core\detoured.dll
2013-03-12 18:10 - 2015-07-03 18:12 - 00778240 _____ () c:\program files (x86)\steam\sdl2.dll
2015-01-29 18:22 - 2015-07-03 18:12 - 04962816 _____ () c:\program files (x86)\steam\v8.dll
2015-01-29 18:22 - 2015-07-03 18:12 - 01556992 _____ () c:\program files (x86)\steam\icui18n.dll
2015-01-29 18:22 - 2015-07-03 18:12 - 01187840 _____ () c:\program files (x86)\steam\icuuc.dll
2014-05-23 08:47 - 2015-07-24 01:24 - 02410176 _____ () c:\program files (x86)\steam\video.dll
2014-08-30 02:20 - 2014-12-01 23:31 - 02396672 _____ () c:\program files (x86)\steam\libavcodec-56.dll
2014-08-30 02:20 - 2014-12-01 23:31 - 00442880 _____ () c:\program files (x86)\steam\libavutil-54.dll
2014-08-30 02:20 - 2014-12-01 23:31 - 00479744 _____ () c:\program files (x86)\steam\libavformat-56.dll
2014-08-30 02:20 - 2014-12-01 23:31 - 00332800 _____ () c:\program files (x86)\steam\libavresample-2.dll
2014-08-30 02:20 - 2014-12-01 23:31 - 00485888 _____ () c:\program files (x86)\steam\libswscale-3.dll
2012-08-07 20:38 - 2015-07-24 01:23 - 00703168 _____ () c:\program files (x86)\steam\bin\chromehtml.dll
2015-07-23 11:33 - 2015-07-07 22:41 - 00169984 _____ () c:\program files (x86)\steam\bin\openvr_api.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00619816 _____ () c:\program files (x86)\cyberlink\power2go\clmedialibrary.dll
2010-08-04 00:39 - 2010-08-04 00:39 - 00013096 _____ () c:\program files (x86)\cyberlink\power2go\clmlsvcps.dll
2015-03-20 13:40 - 2015-03-20 13:40 - 40540672 _____ () c:\program files\avast software\avast\libcef.dll
2012-08-07 20:38 - 2015-07-03 18:12 - 39553928 _____ () c:\program files (x86)\steam\bin\libcef.dll
2014-08-13 10:27 - 2014-08-13 10:27 - 00988160 _____ () c:\program files (x86)\openoffice 4\program\libxml2.dll
2014-07-29 14:34 - 2014-07-29 14:34 - 00170496 _____ () c:\program files (x86)\openoffice 4\program\libxslt.dll
2012-08-08 03:12 - 2013-03-12 16:22 - 09390592 _____ () c:\users\tim\appdata\local\adobe\acrobat\10.0\cache\rdlang_rdlang32.deu
2012-12-18 16:28 - 2012-12-18 16:28 - 00305880 _____ () c:\program files (x86)\adobe\reader 10.0\reader\sqlite.dll
2014-06-23 20:58 - 2014-01-28 07:47 - 03601408 _____ () c:\program files (x86)\adobe\reader 10.0\reader\plug_ins\citavi picker\citavipicker.api
2012-08-08 03:15 - 2013-03-18 02:43 - 00014336 _____ () c:\users\tim\appdata\local\adobe\acrobat\10.0\cache\rdlang_updater.deu
2015-07-15 15:48 - 2015-07-15 15:48 - 17448624 _____ () c:\windows\syswow64\macromed\flash\npswf32_18_0_0_209.dll
==================== alternate data streams (nicht auf der ausnahmeliste) =========
(wenn ein eintrag in die fixlist aufgenommen wird, wird nur der ads entfernt.)
==================== abgesicherter modus (nicht auf der ausnahmeliste) ===================
(wenn ein eintrag in die fixlist aufgenommen wird, wird er aus der registry entfernt. Der wert "alternateshell" wird wiederhergestellt.)
==================== exe verknüpfungen (nicht auf der ausnahmeliste) ===============
(wenn ein eintrag in die fixlist aufgenommen wird, wird der registryeintrag auf den standardwert zurückgesetzt oder entfernt.)
==================== internet explorer trusted/restricted ===============
(wenn ein eintrag in die fixlist aufgenommen wird, wird er aus der registry entfernt.)
==================== andere bereiche ============================
(aktuell gibt es keinen automatisierten fix für diesen bereich.)
hku\s-1-5-21-4254080380-16762214-4038314476-1001\control panel\desktop\\wallpaper -> c:\users\tim\appdata\roaming\microsoft\windows\themes\transcodedwallpaper.jpg
dns servers: 192.168.178.1
hklm\software\microsoft\windows\currentversion\policies\system => (consentpromptbehavioradmin: 5) (consentpromptbehavioruser: 3) (enablelua: 1)
windows firewall ist aktiviert.
==================== msconfig/task manager deaktivierte einträge ==
(aktuell gibt es keinen automatisierten fix für diesen bereich.)
msconfig\services: Bonjour service => 2
msconfig\startupreg: Apntbmon => "c:\program files (x86)\askpartnernetwork\toolbar\updater\tbnotifier.exe"
msconfig\startupreg: Inetstat => c:\users\tim\appdata\roaming\inetstat\inetstat.exe
msconfig\startupreg: Ituneshelper => "c:\program files (x86)\itunes\ituneshelper.exe"
==================== firewall regeln (nicht auf der ausnahmeliste) ===============
(wenn ein eintrag in die fixlist aufgenommen wird, wird er aus der registry entfernt. Die datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
firewallrules: [{cc7a9a93-3447-4089-a681-63ff7930f637}] => (allow) c:\program files (x86)\windows live\contacts\wlcomm.exe
firewallrules: [{f9560ef2-fee6-4329-9b99-7509b9a25f30}] => (allow) lport=2869
firewallrules: [{12243fb8-90cc-4f7a-8728-940856db8b1c}] => (allow) lport=1900
firewallrules: [{308d8a43-d7b5-4672-99b9-bb7709bff146}] => (allow) c:\program files (x86)\windows live\messenger\msnmsgr.exe
firewallrules: [{1bbb2c33-0580-4f9a-befb-af28d84aa65a}] => (allow) c:\program files (x86)\windows live\mesh\moe.exe
firewallrules: [{86167796-edfe-4251-be30-cd8629b0f3cb}] => (allow) c:\program files (x86)\skype\phone\skype.exe
firewallrules: [{f0731bcf-c829-495d-9eb8-b89f5c29d253}] => (allow) c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe
firewallrules: [{25fe5c3e-5ede-49ad-9776-11165788eb50}] => (allow) c:\program files (x86)\steam\steamapps\common\empire total war\empire.exe
firewallrules: [{631d1eb1-6e90-4c6e-86bc-b6a2547c0e1c}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe
firewallrules: [{4265681f-dc2c-4986-8088-a44260e633a4}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe
firewallrules: [{b18188d9-1c43-4739-b53d-3f018645dc69}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe
firewallrules: [tcp query user{3ed0d92f-027a-455f-a4fc-5db56f4139e7}c:\program files (x86)\hercules\webcam station evolution se\stationevse.exe] => (allow) c:\program files (x86)\hercules\webcam station evolution se\stationevse.exe
firewallrules: [udp query user{6cb343f6-28a2-4dca-92cb-859782ff62b8}c:\program files (x86)\hercules\webcam station evolution se\stationevse.exe] => (allow) c:\program files (x86)\hercules\webcam station evolution se\stationevse.exe
firewallrules: [tcp query user{38432cdd-26b3-4d83-8d10-663670042ff3}c:\program files (x86)\steam\steam.exe] => (block) c:\program files (x86)\steam\steam.exe
firewallrules: [udp query user{416d66c7-a52a-4d6c-b9d9-b3c8dd0392ff}c:\program files (x86)\steam\steam.exe] => (block) c:\program files (x86)\steam\steam.exe
firewallrules: [{3fcc2945-32a4-4714-8f1c-756a9e332d3e}] => (allow) c:\program files (x86)\ventrilo\ventrilo.exe
firewallrules: [{2c7bad4c-5526-4e46-b639-8aeece07c991}] => (allow) c:\program files (x86)\ventrilo\ventrilo.exe
firewallrules: [{712bc95e-a76e-4587-8e08-4a65468d9d09}] => (allow) c:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe
firewallrules: [{a4a0780a-579f-438c-8fef-7148bcb16eb4}] => (allow) c:\program files (x86)\steam\steamapps\common\napoleon total war\napoleon.exe
firewallrules: [{46284e4e-881d-4812-8782-5e99e3817183}] => (allow) c:\users\tim\appdata\local\temp\7zs7ca7\hppiw.exe
firewallrules: [{b25df979-4410-4b3b-bdf0-624ede30446e}] => (allow) c:\users\tim\appdata\local\temp\7zs7ca7\hppiw.exe
firewallrules: [{7be1f68e-1a3b-49c5-8830-ef7cd01f6ef6}] => (allow) c:\users\tim\appdata\local\temp\7zs7cbe\hppiw.exe
firewallrules: [{587a2946-224d-4589-9c78-15daac2fcb8d}] => (allow) c:\users\tim\appdata\local\temp\7zs7cbe\hppiw.exe
firewallrules: [{a0be0301-46d1-4127-9d16-19a060fc13e1}] => (allow) c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe
firewallrules: [{7c194689-863d-4cb4-94e5-956eac6ed7c1}] => (allow) c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe
firewallrules: [tcp query user{ade217ac-e5cd-4983-8129-ac9fbd8e6eb1}c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (allow) c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
firewallrules: [udp query user{6c589530-1b17-4a80-9c7f-209401568bb5}c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (allow) c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
firewallrules: [{ff761814-6783-4a06-ac4f-aff5364daba9}] => (allow) c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe
firewallrules: [{dfe86eb1-2995-46b5-a157-9af60d67cc3e}] => (allow) c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe
firewallrules: [{7acd9b6f-7dde-4398-9403-099ad60ba551}] => (allow) c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe
firewallrules: [{52ba9ede-bcf4-4e8f-bc1d-d840b5d16bd1}] => (allow) c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe
firewallrules: [tcp query user{5a59c77a-8316-4d98-84b8-e892e08e2804}c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (allow) c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
firewallrules: [udp query user{a817c938-0f16-48e5-ba38-534e920d308c}c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (allow) c:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe
firewallrules: [tcp query user{c8e5ef8c-ce20-4a97-abe2-644adb56988a}c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (block) c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
firewallrules: [udp query user{9f2e2cb6-6486-43b9-8e4a-94f76bb7ec9a}c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (block) c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
firewallrules: [tcp query user{1b2d14f7-cca4-4a8f-bff3-5655cd5a05ca}c:\program files (x86)\steam\steam.exe] => (allow) c:\program files (x86)\steam\steam.exe
firewallrules: [udp query user{4ba7b1c7-4288-4f38-9b32-d3946a705f18}c:\program files (x86)\steam\steam.exe] => (allow) c:\program files (x86)\steam\steam.exe
firewallrules: [{3d06d572-36fb-477b-928c-26bd8b728d7b}] => (allow) c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe
firewallrules: [{ca3b09bc-c2dc-4947-b185-b9fac0502cb2}] => (allow) c:\program files (x86)\steam\steamapps\common\company of heroes 2\reliccoh2.exe
firewallrules: [{899ef5d6-0a31-49db-ba81-baa6283db83a}] => (allow) c:\program files (x86)\electronic arts\command & conquer 3\retailexe\1.0\cnc3game.dat
firewallrules: [tcp query user{8896d19e-24be-4c44-b3dd-b32c04a83481}c:\users\tim\appdata\local\temp\electronicarts_patcher_000.exe] => (allow) c:\users\tim\appdata\local\temp\electronicarts_patcher_000.exe
firewallrules: [udp query user{21320bd9-0160-45cf-a010-c3f7a8f2cd16}c:\users\tim\appdata\local\temp\electronicarts_patcher_000.exe] => (allow) c:\users\tim\appdata\local\temp\electronicarts_patcher_000.exe
firewallrules: [tcp query user{6a15a47d-9fa3-4116-9a37-add76e5ed1c8}c:\sierra\ee-zde\ee-aoc.exe] => (allow) c:\sierra\ee-zde\ee-aoc.exe
firewallrules: [udp query user{962c1b9d-512e-49a8-9380-5a0d99ad81d2}c:\sierra\ee-zde\ee-aoc.exe] => (allow) c:\sierra\ee-zde\ee-aoc.exe
firewallrules: [{8adfa03b-d0a6-4c29-99b2-6334abafb4aa}] => (allow) c:\program files (x86)\origin games\command and conquer red alert 3\ra3launcher.exe
firewallrules: [{54061174-aab4-4849-8284-77a905ec0545}] => (allow) c:\program files (x86)\origin games\command and conquer red alert 3\ra3launcher.exe
firewallrules: [{39ddb74f-be4f-46b8-a06a-cbfca33d8a7c}] => (allow) c:\program files (x86)\origin games\command and conquer generals zero hour\generals.exe
firewallrules: [{badf87b6-6138-431f-9595-496f68431c23}] => (allow) c:\program files (x86)\origin games\command and conquer generals zero hour\generals.exe
firewallrules: [{9401c300-852b-41df-9b3f-7d35bbf3218b}] => (allow) c:\program files (x86)\origin games\command and conquer the ultimate collection additional content\launcher.exe
firewallrules: [{6eeacca2-a831-4613-92dd-250c14e38caf}] => (allow) c:\program files (x86)\origin games\command and conquer the ultimate collection additional content\launcher.exe
firewallrules: [{22c8a69b-ddaf-4c4b-b952-20a06c77e7ed}] => (allow) c:\program files (x86)\origin games\cnc and the covert operations\cnc95launcher.exe
firewallrules: [{949aabc7-6c1c-464c-a75f-d6c62f31156f}] => (allow) c:\program files (x86)\origin games\cnc and the covert operations\cnc95launcher.exe
firewallrules: [{2fad198f-e49e-4fd7-8c0f-08db2f8e2127}] => (allow) c:\program files (x86)\origin games\renegade\renegadelauncher.exe
firewallrules: [{0ec7f6e5-b891-4aa1-a2c0-f1e5cfeddd28}] => (allow) c:\program files (x86)\origin games\renegade\renegadelauncher.exe
firewallrules: [{9542b3d3-b0c8-40a3-8f6e-fa01ebdb7121}] => (allow) c:\program files (x86)\origin games\command and conquer red alert\ra95launcher.exe
firewallrules: [{bae02649-ce40-4b0e-af98-7b43dfc15a74}] => (allow) c:\program files (x86)\origin games\command and conquer red alert\ra95launcher.exe
firewallrules: [{1b220b61-dd7e-4bc5-8314-fe3ebe6a50aa}] => (allow) c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe
firewallrules: [{5b1aaca3-dead-49a4-ae1f-4897b44a36b3}] => (allow) c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe
firewallrules: [{a4d71bd9-4a5f-4d1b-b878-a1a9dcfe6f1d}] => (allow) c:\program files (x86)\origin games\command and conquer tiberian sun\tslauncher.exe
firewallrules: [{c20ef644-ae05-4979-8f0f-52a65833cbc4}] => (allow) c:\program files (x86)\origin games\command and conquer tiberian sun\tslauncher.exe
firewallrules: [{8bd01ce9-d9ab-4011-b1cd-87833c1110ec}] => (allow) c:\program files (x86)\origin games\command and conquer 3\cnc3launcher.exe
firewallrules: [{f5d021be-507f-4d97-9e4f-f89249aa9404}] => (allow) c:\program files (x86)\origin games\command and conquer 3\cnc3launcher.exe
firewallrules: [{7aedd126-0fa4-4234-a5ab-128350ca4919}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe
firewallrules: [{a0483b24-2413-4297-9fac-95b751f01a5e}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe
firewallrules: [{7d363b00-50e2-4291-a1b5-7b8fdc0d8dcb}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hposid01.exe
firewallrules: [{a7266062-78ab-46bb-9e5a-568d67a2dab2}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe
firewallrules: [{742554f6-b53e-4ad1-a9c2-2778a1fd2450}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe
firewallrules: [{4638f46d-7219-443a-bea1-3855417e8d37}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe
firewallrules: [{2d5e5670-f7ed-46aa-beb9-74e113bfbbed}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe
firewallrules: [{a0dd209f-1ab7-4889-8768-0903b85a7555}] => (allow) c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe
firewallrules: [{73c515ab-01b5-4691-a6e0-1009b0c73362}] => (allow) c:\program files (x86)\hp\hp software update\hpwucli.exe
firewallrules: [{2f067bec-a02b-498c-bbbe-ed3cdf480687}] => (allow) c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe
firewallrules: [{2a317d99-a40b-4eb5-aeb1-77c155d8b96d}] => (allow) c:\program files (x86)\origin games\command conquer 4 tiberian twilight\cnc4.exe
firewallrules: [{a518821c-536a-4587-9c26-477a0c07e8c5}] => (allow) c:\program files (x86)\origin games\command conquer 4 tiberian twilight\cnc4.exe
firewallrules: [tcp query user{ff5639b8-aac6-4d46-8dc4-855a6482787d}c:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (block) c:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
firewallrules: [udp query user{8fc6a088-0323-44cd-99f6-8ed716b3cc13}c:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (block) c:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game
firewallrules: [{f9ce33e9-cc12-45c6-97b5-240bb5635749}] => (allow) c:\program files (x86)\origin games\battlefield 3\bf3.exe
firewallrules: [{355855b1-a131-41a2-b1bf-1023cb645dfa}] => (allow) c:\program files (x86)\origin games\battlefield 3\bf3.exe
firewallrules: [{0edd78e9-8710-4d81-b52b-da77b8230dbe}] => (allow) c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
firewallrules: [{8bf43e1a-90d9-4e9f-b51f-9c4dccb44a58}] => (allow) c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
firewallrules: [{df010dc7-4c4d-477f-8f3c-2dfd79749bdb}] => (allow) c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe
firewallrules: [{4b030603-6fd2-4541-a020-41ae200b76ad}] => (allow) c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe
firewallrules: [{6a102388-49fe-4d0c-8b26-c9e2c457f6c2}] => (allow) c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe
firewallrules: [{08cc1427-a878-49a0-9bba-abe55e39f3fe}] => (allow) c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe
firewallrules: [{2a30b544-8d34-40b2-b75c-41bd45cccdee}] => (allow) c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe
firewallrules: [{5da24c54-a020-4646-8093-a87d4b8cffea}] => (allow) c:\program files (x86)\steam\steamapps\common\total war shogun 2\shogun2.exe
firewallrules: [{1badc6de-c2d4-4c6b-a9d2-cec128e72cde}] => (allow) c:\program files (x86)\steam\bin\steamwebhelper.exe
firewallrules: [{a3a54767-b012-4a87-bd6e-94c3918299cc}] => (allow) c:\program files (x86)\steam\bin\steamwebhelper.exe
firewallrules: [{947f9a42-f0ba-4e82-9c6a-52060f02b0f9}] => (allow) c:\program files (x86)\steam\steamapps\common\edna & harvey the breakout\edna.exe
firewallrules: [{d29fc276-658e-42d0-9dfa-4f05e42344dd}] => (allow) c:\program files (x86)\steam\steamapps\common\edna & harvey the breakout\edna.exe
firewallrules: [tcp query user{a8ec35c3-a773-4b54-9915-299aa6988c40}c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (block) c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
firewallrules: [udp query user{0ebfea20-0535-4716-952e-1cb932ece926}c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (block) c:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
firewallrules: [{034bc70f-3484-4e63-ab6d-3a60c3861461}] => (allow) c:\program files (x86)\itunes\itunes.exe
firewallrules: [{374aebfa-34a4-4652-bd73-8523259957ce}] => (allow) c:\program files (x86)\mozilla firefox\firefox.exe
firewallrules: [{16bf8091-510d-4e20-be18-cf2db1608989}] => (allow) c:\program files (x86)\mozilla firefox\firefox.exe
firewallrules: [tcp query user{2f06d9b1-8093-4a12-bd36-328d172f3278}c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe] => (allow) c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe
firewallrules: [udp query user{7a8c8a3d-a674-41ad-bc10-72389b07fb1b}c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe] => (allow) c:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe
firewallrules: [{1a1af9a3-a88a-4c32-9fbf-c8b65aa42966}] => (allow) c:\program files\avast software\avast\ng\vbox\aswfe.exe
firewallrules: [{23e2f8b8-099f-4c7d-8323-e44d6a99d5ec}] => (allow) c:\program files\avast software\avast\ng\vbox\aswfe.exe
firewallrules: [{f0ad814f-01ae-4856-9ec0-af4a22f47789}] => (allow) c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe
firewallrules: [{d82bab71-3118-4377-abf6-8691596812f8}] => (allow) c:\program files (x86)\steam\steamapps\common\total war rome ii\launcher\launcher.exe
firewallrules: [{03f0868d-874a-47b7-9cdd-77d30749859f}] => (allow) c:\program files (x86)\google\chrome\application\chrome.exe
==================== fehlerhafte geräte im gerätemanager =============
==================== fehlereinträge in der ereignisanzeige: =========================
applikationsfehler:
==================
error: (07/29/2015 06:08:39 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Nur zur information.
(stream product id=0x0066): Streaming failed
error: (07/29/2015 06:08:08 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Nur zur information.
Too many failures while downloading ranges: 2
error: (07/29/2015 06:06:57 pm) (source: Winmgmt) (eventid: 10) (user: )
description: //./root/cimv2select * from __instancemodificationevent within 60 where targetinstance isa "win32_processor" and targetinstance.loadpercentage > 990x80041003
error: (07/29/2015 06:06:31 pm) (source: Memeobackgroundservice) (eventid: 0) (user: )
description: Problem starting memeo background service :ausnahmefehler "system.reflection.targetinvocationexception: Ein aufrufziel hat einen ausnahmefehler verursacht. ---> system.security.principal.identitynotmappedexception: Manche oder alle identitätsverweise konnten nicht übersetzt werden.
Bei system.runtime.remoting.channels.ipc.ipcserverchannel.startlistening(object data)
bei system.runtime.remoting.channels.ipc.ipcserverchannel..ctor(idictionary properties, iserverchannelsinkprovider sinkprovider, commonsecuritydescriptor securitydescriptor)
bei system.runtime.remoting.channels.ipc.ipcchannel..ctor(idictionary properties, iclientchannelsinkprovider clientsinkprovider, iserverchannelsinkprovider serversinkprovider)
--- ende der internen ausnahmestapelüberwachung ---
bei system.runtimemethodhandle._invokeconstructor(object[] args, signaturestruct& signature, intptr declaringtype)
bei system.reflection.runtimeconstructorinfo.invoke(bindingflags invokeattr, binder binder, object[] parameters, cultureinfo culture)
bei system.runtimetype.createinstanceimpl(bindingflags bindingattr, binder binder, object[] args, cultureinfo culture, object[] activationattributes)
bei system.runtime.remoting.remotingconfighandler.createchannelfromconfigentry(channelentry entry)
bei system.runtime.remoting.remotingconfighandler.configurechannels(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)" bei der remotekonfiguration. Bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
bei system.runtime.remoting.remotingconfiguration.configure(string filename, boolean ensuresecurity)
bei remoteserverservice.memeobackgroundservice.onstart(string[] args)
error: (07/29/2015 12:43:58 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Nur zur information.
(stream product id=0x0066): Streaming failed
error: (07/29/2015 12:43:27 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Nur zur information.
Too many failures while downloading ranges: 2
error: (07/29/2015 12:42:38 pm) (source: Winmgmt) (eventid: 10) (user: )
description: //./root/cimv2select * from __instancemodificationevent within 60 where targetinstance isa "win32_processor" and targetinstance.loadpercentage > 990x80041003
error: (07/29/2015 12:41:46 pm) (source: Memeobackgroundservice) (eventid: 0) (user: )
description: Problem starting memeo background service :ausnahmefehler "system.reflection.targetinvocationexception: Ein aufrufziel hat einen ausnahmefehler verursacht. ---> system.security.principal.identitynotmappedexception: Manche oder alle identitätsverweise konnten nicht übersetzt werden.
Bei system.runtime.remoting.channels.ipc.ipcserverchannel.startlistening(object data)
bei system.runtime.remoting.channels.ipc.ipcserverchannel..ctor(idictionary properties, iserverchannelsinkprovider sinkprovider, commonsecuritydescriptor securitydescriptor)
bei system.runtime.remoting.channels.ipc.ipcchannel..ctor(idictionary properties, iclientchannelsinkprovider clientsinkprovider, iserverchannelsinkprovider serversinkprovider)
--- ende der internen ausnahmestapelüberwachung ---
bei system.runtimemethodhandle._invokeconstructor(object[] args, signaturestruct& signature, intptr declaringtype)
bei system.reflection.runtimeconstructorinfo.invoke(bindingflags invokeattr, binder binder, object[] parameters, cultureinfo culture)
bei system.runtimetype.createinstanceimpl(bindingflags bindingattr, binder binder, object[] args, cultureinfo culture, object[] activationattributes)
bei system.runtime.remoting.remotingconfighandler.createchannelfromconfigentry(channelentry entry)
bei system.runtime.remoting.remotingconfighandler.configurechannels(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)" bei der remotekonfiguration. Bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
bei system.runtime.remoting.remotingconfiguration.configure(string filename, boolean ensuresecurity)
bei remoteserverservice.memeobackgroundservice.onstart(string[] args)
error: (07/29/2015 04:33:51 am) (source: Nvstreamsvc) (eventid: 2001) (user: )
description: An error has occurred (nvstreamuseragent restarted too many times in a short period. Aborting. [0]).
Error: (07/28/2015 11:50:42 pm) (source: Application hang) (eventid: 1002) (user: )
description: Programm kingdoms.exe, version 1.3.0.0 kann nicht mehr unter windows ausgeführt werden und wurde beendet. überprüfen sie den problemverlauf in der wartungscenter-systemsteuerung, um nach weiteren informationen zum problem zu suchen.
Prozess-id: 1dac
startzeit: 01d0c975a402d8c3
endzeit: 3246
anwendungspfad: C:\program files (x86)\sega\medieval ii total war\kingdoms.exe
berichts-id:
Systemfehler:
=============
error: (07/29/2015 06:11:40 pm) (source: Service control manager) (eventid: 7022) (user: )
description: Der dienst "windows search" wurde nicht richtig gestartet.
Error: (07/29/2015 12:47:06 pm) (source: Service control manager) (eventid: 7022) (user: )
description: Der dienst "windows search" wurde nicht richtig gestartet.
Error: (07/28/2015 02:44:03 am) (source: Service control manager) (eventid: 7009) (user: )
description: Das zeitlimit (30000 ms) wurde beim verbindungsversuch mit dem dienst windows-fehlerberichterstattungsdienst erreicht.
Error: (07/26/2015 12:12:22 am) (source: Service control manager) (eventid: 7000) (user: )
description: Der dienst "steam client service" wurde aufgrund folgenden fehlers nicht gestartet:
%%1053
error: (07/26/2015 12:12:22 am) (source: Service control manager) (eventid: 7009) (user: )
description: Das zeitlimit (30000 ms) wurde beim verbindungsversuch mit dem dienst steam client service erreicht.
Error: (07/23/2015 04:40:55 pm) (source: Schannel) (eventid: 4119) (user: Nt-autorität)
description: Es wurde eine schwerwiegende warnung empfangen: 40.
Error: (07/23/2015 04:40:55 pm) (source: Schannel) (eventid: 4119) (user: Nt-autorität)
description: Es wurde eine schwerwiegende warnung empfangen: 40.
Error: (07/23/2015 04:24:57 pm) (source: Service control manager) (eventid: 7000) (user: )
description: Der dienst "hp network devices support" wurde aufgrund folgenden fehlers nicht gestartet:
%%1053
error: (07/23/2015 04:24:57 pm) (source: Service control manager) (eventid: 7009) (user: )
description: Das zeitlimit (30000 ms) wurde beim verbindungsversuch mit dem dienst hp network devices support erreicht.
Error: (07/23/2015 04:24:57 pm) (source: Dcom) (eventid: 10005) (user: )
description: 1053hpslpsvc{10da4f3c-cc99-4190-be4d-58330754e882}
microsoft office:
=========================
error: (07/29/2015 06:08:39 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: (stream product id=0x0066): Streaming failed
error: (07/29/2015 06:08:08 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Too many failures while downloading ranges: 2
error: (07/29/2015 06:06:57 pm) (source: Winmgmt) (eventid: 10) (user: )
description: //./root/cimv2select * from __instancemodificationevent within 60 where targetinstance isa "win32_processor" and targetinstance.loadpercentage > 990x80041003
error: (07/29/2015 06:06:31 pm) (source: Memeobackgroundservice) (eventid: 0) (user: )
description: Problem starting memeo background service :ausnahmefehler "system.reflection.targetinvocationexception: Ein aufrufziel hat einen ausnahmefehler verursacht. ---> system.security.principal.identitynotmappedexception: Manche oder alle identitätsverweise konnten nicht übersetzt werden.
Bei system.runtime.remoting.channels.ipc.ipcserverchannel.startlistening(object data)
bei system.runtime.remoting.channels.ipc.ipcserverchannel..ctor(idictionary properties, iserverchannelsinkprovider sinkprovider, commonsecuritydescriptor securitydescriptor)
bei system.runtime.remoting.channels.ipc.ipcchannel..ctor(idictionary properties, iclientchannelsinkprovider clientsinkprovider, iserverchannelsinkprovider serversinkprovider)
--- ende der internen ausnahmestapelüberwachung ---
bei system.runtimemethodhandle._invokeconstructor(object[] args, signaturestruct& signature, intptr declaringtype)
bei system.reflection.runtimeconstructorinfo.invoke(bindingflags invokeattr, binder binder, object[] parameters, cultureinfo culture)
bei system.runtimetype.createinstanceimpl(bindingflags bindingattr, binder binder, object[] args, cultureinfo culture, object[] activationattributes)
bei system.runtime.remoting.remotingconfighandler.createchannelfromconfigentry(channelentry entry)
bei system.runtime.remoting.remotingconfighandler.configurechannels(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)" bei der remotekonfiguration. Bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
bei system.runtime.remoting.remotingconfiguration.configure(string filename, boolean ensuresecurity)
bei remoteserverservice.memeobackgroundservice.onstart(string[] args)
error: (07/29/2015 12:43:58 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: (stream product id=0x0066): Streaming failed
error: (07/29/2015 12:43:27 pm) (source: Cvhsvc) (eventid: 100) (user: )
description: Too many failures while downloading ranges: 2
error: (07/29/2015 12:42:38 pm) (source: Winmgmt) (eventid: 10) (user: )
description: //./root/cimv2select * from __instancemodificationevent within 60 where targetinstance isa "win32_processor" and targetinstance.loadpercentage > 990x80041003
error: (07/29/2015 12:41:46 pm) (source: Memeobackgroundservice) (eventid: 0) (user: )
description: Problem starting memeo background service :ausnahmefehler "system.reflection.targetinvocationexception: Ein aufrufziel hat einen ausnahmefehler verursacht. ---> system.security.principal.identitynotmappedexception: Manche oder alle identitätsverweise konnten nicht übersetzt werden.
Bei system.runtime.remoting.channels.ipc.ipcserverchannel.startlistening(object data)
bei system.runtime.remoting.channels.ipc.ipcserverchannel..ctor(idictionary properties, iserverchannelsinkprovider sinkprovider, commonsecuritydescriptor securitydescriptor)
bei system.runtime.remoting.channels.ipc.ipcchannel..ctor(idictionary properties, iclientchannelsinkprovider clientsinkprovider, iserverchannelsinkprovider serversinkprovider)
--- ende der internen ausnahmestapelüberwachung ---
bei system.runtimemethodhandle._invokeconstructor(object[] args, signaturestruct& signature, intptr declaringtype)
bei system.reflection.runtimeconstructorinfo.invoke(bindingflags invokeattr, binder binder, object[] parameters, cultureinfo culture)
bei system.runtimetype.createinstanceimpl(bindingflags bindingattr, binder binder, object[] args, cultureinfo culture, object[] activationattributes)
bei system.runtime.remoting.remotingconfighandler.createchannelfromconfigentry(channelentry entry)
bei system.runtime.remoting.remotingconfighandler.configurechannels(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)" bei der remotekonfiguration. Bei system.runtime.remoting.remotingconfighandler.configureremoting(remotingxmlconfigfiledata configdata, boolean ensuresecurity)
bei system.runtime.remoting.remotingconfiguration.configure(string filename, boolean ensuresecurity)
bei remoteserverservice.memeobackgroundservice.onstart(string[] args)
error: (07/29/2015 04:33:51 am) (source: Nvstreamsvc) (eventid: 2001) (user: )
description: Nvstreamsvcnvstreamuseragent restarted too many times in a short period. Aborting. [0]
error: (07/28/2015 11:50:42 pm) (source: Application hang) (eventid: 1002) (user: )
description: Kingdoms.exe1.3.0.01dac01d0c975a402d8c33246c:\program files (x86)\sega\medieval ii total war\kingdoms.exe
==================== speicherinformationen ===========================
processor: Intel(r) core(tm) i5-2320 cpu @ 3.00ghz
percentage of memory in use: 52%
total physical ram: 4077.64 mb
available physical ram: 1917.68 mb
total virtual: 8168.49 mb
available virtual: 3484.08 mb
==================== drives ================================
drive c: (boot) (fixed) (total:1811.92 gb) (free:1187.55 gb) ntfs
drive d: (recover) (fixed) (total:50 gb) (free:0 gb) ntfs
drive e: (med2_gold_disk1) (cdrom) (total:6.42 gb) (free:0 gb) udf
==================== mbr & partition table ==================
========================================================
disk: 0 (size: 1863 gb) (disk id: B90c56b0)
partition 1: (active) - (size=100 mb) - (type=07 ntfs)
partition 2: (not active) - (size=1811.9 gb) - (type=07 ntfs)
partition 3: (not active) - (size=50 gb) - (type=07 ntfs)
partition 4: (not active) - (size=1 gb) - (type=12)
==================== ende von log ============================
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 27.07.2015 Suchlaufzeit: 02:06 Protokolldatei: tim.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.07.26.06 Rootkit-Datenbank: v2015.07.22.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Tim Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 442109 Abgelaufene Zeit: 32 Min., 11 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end)  |
|
30.07.2015, 05:22
| #3 |
| /// the machine /// TB-Ausbilder    | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
30.07.2015, 12:17
| #4 |
| | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Das kam am Anfang, ich habe auf Nein geklickt.  Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.07.30.02
rootkit: v2015.07.29.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17914
Tim :: TIM-PC [administrator]
30.07.2015 12:30:49
mbar-log-2015-07-30 (12-30-49).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 444200
Time elapsed: 36 minute(s), 35 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 13:10:57.0555 0x0660 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
13:11:09.0361 0x0660 ============================================================
13:11:09.0361 0x0660 Current date / time: 2015/07/30 13:11:09.0361
13:11:09.0361 0x0660 SystemInfo:
13:11:09.0362 0x0660
13:11:09.0362 0x0660 OS Version: 6.1.7601 ServicePack: 1.0
13:11:09.0362 0x0660 Product type: Workstation
13:11:09.0362 0x0660 ComputerName: TIM-PC
13:11:09.0362 0x0660 UserName: Tim
13:11:09.0362 0x0660 Windows directory: C:\Windows
13:11:09.0362 0x0660 System windows directory: C:\Windows
13:11:09.0362 0x0660 Running under WOW64
13:11:09.0362 0x0660 Processor architecture: Intel x64
13:11:09.0362 0x0660 Number of processors: 4
13:11:09.0362 0x0660 Page size: 0x1000
13:11:09.0362 0x0660 Boot type: Normal boot
13:11:09.0362 0x0660 ============================================================
13:11:09.0884 0x0660 KLMD registered as C:\Windows\system32\drivers\79900316.sys
13:11:11.0507 0x0660 System UUID: {52D498D7-1D30-193D-DDD4-60F62BFAA7CD}
13:11:12.0916 0x0660 Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:11:12.0932 0x0660 ============================================================
13:11:12.0932 0x0660 \Device\Harddisk0\DR0:
13:11:12.0932 0x0660 MBR partitions:
13:11:12.0932 0x0660 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:11:12.0932 0x0660 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE27D5800
13:11:12.0932 0x0660 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xE2808000, BlocksNum 0x6400000
13:11:12.0932 0x0660 ============================================================
13:11:13.0030 0x0660 C: <-> \Device\Harddisk0\DR0\Partition2
13:11:13.0231 0x0660 D: <-> \Device\Harddisk0\DR0\Partition3
13:11:13.0231 0x0660 ============================================================
13:11:13.0231 0x0660 Initialize success
13:11:13.0231 0x0660 ============================================================
13:11:46.0122 0x02d4 ============================================================
13:11:46.0122 0x02d4 Scan started
13:11:46.0122 0x02d4 Mode: Manual; SigCheck; TDLFS;
13:11:46.0122 0x02d4 ============================================================
13:11:46.0122 0x02d4 KSN ping started
13:11:59.0869 0x02d4 KSN ping finished: true
13:12:00.0939 0x02d4 ================ Scan system memory ========================
13:12:00.0939 0x02d4 System memory - ok
13:12:00.0940 0x02d4 ================ Scan services =============================
13:12:01.0296 0x02d4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:12:01.0454 0x02d4 1394ohci - ok
13:12:01.0608 0x02d4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:12:01.0653 0x02d4 ACPI - ok
13:12:01.0698 0x02d4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:12:01.0750 0x02d4 AcpiPmi - ok
13:12:01.0920 0x02d4 [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:12:01.0938 0x02d4 AdobeARMservice - ok
13:12:02.0123 0x02d4 [ 9B3355B29942AF67F014EA90CE1EA960, FBB155F72984045BCD99CC2059B9EDAABD3A52104C3864A290D8A355991F94D3 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:12:02.0149 0x02d4 AdobeFlashPlayerUpdateSvc - ok
13:12:02.0266 0x02d4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
13:12:02.0297 0x02d4 adp94xx - ok
13:12:02.0377 0x02d4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
13:12:02.0407 0x02d4 adpahci - ok
13:12:02.0467 0x02d4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
13:12:02.0481 0x02d4 adpu320 - ok
13:12:02.0514 0x02d4 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:12:02.0558 0x02d4 AeLookupSvc - ok
13:12:02.0613 0x02d4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
13:12:02.0669 0x02d4 AFD - ok
13:12:02.0712 0x02d4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
13:12:02.0724 0x02d4 agp440 - ok
13:12:02.0752 0x02d4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
13:12:02.0805 0x02d4 ALG - ok
13:12:02.0846 0x02d4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
13:12:02.0862 0x02d4 aliide - ok
13:12:02.0903 0x02d4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
13:12:02.0916 0x02d4 amdide - ok
13:12:02.0958 0x02d4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
13:12:02.0996 0x02d4 AmdK8 - ok
13:12:03.0031 0x02d4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
13:12:03.0064 0x02d4 AmdPPM - ok
13:12:03.0090 0x02d4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:12:03.0105 0x02d4 amdsata - ok
13:12:03.0134 0x02d4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
13:12:03.0153 0x02d4 amdsbs - ok
13:12:03.0179 0x02d4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:12:03.0189 0x02d4 amdxata - ok
13:12:03.0251 0x02d4 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
13:12:03.0290 0x02d4 AppID - ok
13:12:03.0332 0x02d4 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:12:03.0351 0x02d4 AppIDSvc - ok
13:12:03.0422 0x02d4 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll
13:12:03.0488 0x02d4 Appinfo - ok
13:12:03.0556 0x02d4 [ 650D03E40F93FAE323CB841F80368E5C, F67B97CFDCE2EE9294977725268EFDB0DD724BD16E7ED5BFCA45375AA8EBA5BB ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:12:03.0572 0x02d4 Apple Mobile Device - ok
13:12:03.0601 0x02d4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
13:12:03.0620 0x02d4 arc - ok
13:12:03.0655 0x02d4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
13:12:03.0674 0x02d4 arcsas - ok
13:12:03.0763 0x02d4 [ D6D2BB2F4F5868549DDE75F3146BC84E, FE2965649FF62696D30A4A7C377064EA2A27F03511DAF781913AA055A5FED323 ] asmthub3 C:\Windows\system32\drivers\asmthub3.sys
13:12:03.0825 0x02d4 asmthub3 - ok
13:12:03.0896 0x02d4 [ 1E758172367DC2A3653F16586D62A3F0, 5395781F2B71CD9050F6CF75779D661F98E816A263ABA51153D14E21B73D4BC4 ] asmtxhci C:\Windows\system32\drivers\asmtxhci.sys
13:12:03.0969 0x02d4 asmtxhci - ok
13:12:04.0086 0x02d4 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:12:04.0117 0x02d4 aspnet_state - ok
13:12:04.0180 0x02d4 [ AA0B7720D0CB89DCC3363E5DBDF3EBB6, A00E47DD5D32A3D9652B8C11899D455EA239DA33222AA80F3743BCF8BBC7BE5A ] aswHwid C:\Windows\system32\drivers\aswHwid.sys
13:12:04.0191 0x02d4 aswHwid - ok
13:12:04.0214 0x02d4 [ 3B154DDD747CBAC31E33B276800736B0, AAE2C0F62F510C7183BAEAF762290F8431DCCC8618F80EDC9B6028720F0C1C47 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
13:12:04.0225 0x02d4 aswMonFlt - ok
13:12:04.0229 0x02d4 [ CF1BFE4B95F0626C10E96A48B9B8EAC6, 99897F005A0AD3DF7AEEAD63C662C6FC4B3BDCA47B6641AD5D12AFD2406282F1 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys
13:12:04.0240 0x02d4 aswRdr - ok
13:12:04.0309 0x02d4 [ 67C5C6F9DE8F6B43372EDADEBAD85E67, 4FA16109494681BEF9F84574CF3407BB001A1757CA2CE036B8EAC969AB9D428B ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
13:12:04.0332 0x02d4 aswRvrt - ok
13:12:04.0413 0x02d4 [ BE3D7AC282909F1352742F98DA2C9D18, 15C4A3240CD37531A6A6D406E34B4AAE93DD0FA449D3F37237ECFCB01D2F3BE8 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
13:12:04.0474 0x02d4 aswSnx - ok
13:12:04.0593 0x02d4 [ 2EF2CB17A9C46AE16276A15EF2F3AF74, 7D9CB982ED06BCBCA4A714CB723E54E8DCCCA35D5D11E9E32F5D7CFE99DCA62F ] aswSP C:\Windows\system32\drivers\aswSP.sys
13:12:04.0624 0x02d4 aswSP - ok
13:12:04.0711 0x02d4 [ D4408FE64734D8DA69AB699D8A4AEF0D, F0D04D468DD3CD1F664A5FF5043A4308B539F5465C43DA0994D4D8F84753B831 ] aswStm C:\Windows\system32\drivers\aswStm.sys
13:12:04.0734 0x02d4 aswStm - ok
13:12:04.0790 0x02d4 [ 8DF6664681FF5ADDBEB0D749B85B6544, BCC2359E9A3F92499EDFD22B497048F6EA51C769D2DC70A5AD821C5AB681844C ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
13:12:04.0814 0x02d4 aswVmm - ok
13:12:04.0842 0x02d4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:12:04.0963 0x02d4 AsyncMac - ok
13:12:05.0039 0x02d4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
13:12:05.0056 0x02d4 atapi - ok
13:12:05.0171 0x02d4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:12:05.0236 0x02d4 AudioEndpointBuilder - ok
13:12:05.0262 0x02d4 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:12:05.0288 0x02d4 AudioSrv - ok
13:12:05.0469 0x02d4 [ 210A326658D72D7F2EE2267F3D9C44D4, 25BC620209B5F4BCF5C3F323290E41255F68660F3DFF901FA5A78423A7293D73 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:12:05.0493 0x02d4 avast! Antivirus - ok
13:12:05.0691 0x02d4 [ 986B03BCC7679B181EC540249956B080, 35FD1229DD016B0837A2879E685A830034DD36D5F52ECBAFA358299DCB126989 ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
13:12:05.0776 0x02d4 AvastVBoxSvc - ok
13:12:05.0868 0x02d4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:12:05.0950 0x02d4 AxInstSV - ok
13:12:06.0004 0x02d4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
13:12:06.0068 0x02d4 b06bdrv - ok
13:12:06.0149 0x02d4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:12:06.0211 0x02d4 b57nd60a - ok
13:12:06.0260 0x02d4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
13:12:06.0335 0x02d4 BDESVC - ok
13:12:06.0383 0x02d4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
13:12:06.0462 0x02d4 Beep - ok
13:12:06.0687 0x02d4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
13:12:06.0777 0x02d4 BFE - ok
13:12:06.0824 0x02d4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
13:12:06.0954 0x02d4 BITS - ok
13:12:06.0986 0x02d4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
13:12:07.0000 0x02d4 blbdrive - ok
13:12:07.0032 0x02d4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:12:07.0065 0x02d4 bowser - ok
13:12:07.0078 0x02d4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
13:12:07.0114 0x02d4 BrFiltLo - ok
13:12:07.0123 0x02d4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
13:12:07.0170 0x02d4 BrFiltUp - ok
13:12:07.0264 0x02d4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
13:12:07.0295 0x02d4 Browser - ok
13:12:07.0373 0x02d4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:12:07.0404 0x02d4 Brserid - ok
13:12:07.0420 0x02d4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:12:07.0451 0x02d4 BrSerWdm - ok
13:12:07.0467 0x02d4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:12:07.0498 0x02d4 BrUsbMdm - ok
13:12:07.0545 0x02d4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:12:07.0576 0x02d4 BrUsbSer - ok
13:12:07.0638 0x02d4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
13:12:07.0685 0x02d4 BTHMODEM - ok
13:12:07.0763 0x02d4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
13:12:07.0825 0x02d4 bthserv - ok
13:12:07.0935 0x02d4 [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
13:12:07.0981 0x02d4 c2cautoupdatesvc - ok
13:12:08.0106 0x02d4 [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
13:12:08.0215 0x02d4 c2cpnrsvc - ok
13:12:08.0278 0x02d4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:12:08.0325 0x02d4 cdfs - ok
13:12:08.0387 0x02d4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
13:12:08.0434 0x02d4 cdrom - ok
13:12:08.0481 0x02d4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
13:12:08.0527 0x02d4 CertPropSvc - ok
13:12:08.0605 0x02d4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
13:12:08.0652 0x02d4 circlass - ok
13:12:08.0699 0x02d4 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
13:12:08.0730 0x02d4 CLFS - ok
13:12:08.0824 0x02d4 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:12:08.0839 0x02d4 clr_optimization_v2.0.50727_32 - ok
13:12:09.0027 0x02d4 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:12:09.0058 0x02d4 clr_optimization_v2.0.50727_64 - ok
13:12:09.0151 0x02d4 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:12:09.0167 0x02d4 clr_optimization_v4.0.30319_32 - ok
13:12:09.0183 0x02d4 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:12:09.0214 0x02d4 clr_optimization_v4.0.30319_64 - ok
13:12:09.0261 0x02d4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
13:12:09.0307 0x02d4 CmBatt - ok
13:12:09.0339 0x02d4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:12:09.0354 0x02d4 cmdide - ok
13:12:09.0479 0x02d4 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
13:12:09.0541 0x02d4 CNG - ok
13:12:09.0557 0x02d4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
13:12:09.0573 0x02d4 Compbatt - ok
13:12:09.0619 0x02d4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:12:09.0651 0x02d4 CompositeBus - ok
13:12:09.0666 0x02d4 COMSysApp - ok
13:12:09.0682 0x02d4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
13:12:09.0697 0x02d4 crcdisk - ok
13:12:09.0744 0x02d4 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:12:09.0807 0x02d4 CryptSvc - ok
13:12:09.0916 0x02d4 [ B4D1D62A09F09CB2DFD55628350CDAFB, 7DD3CE77D88B5AFAC4B6187F4CA6D50B7BD3398207163B2A1E4C76467801FF28 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
13:12:09.0963 0x02d4 cvhsvc - ok
13:12:10.0025 0x02d4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:12:10.0103 0x02d4 DcomLaunch - ok
13:12:10.0259 0x02d4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
13:12:10.0337 0x02d4 defragsvc - ok
13:12:10.0400 0x02d4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:12:10.0462 0x02d4 DfsC - ok
13:12:10.0524 0x02d4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:12:10.0556 0x02d4 Dhcp - ok
13:12:10.0680 0x02d4 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
13:12:10.0790 0x02d4 DiagTrack - ok
13:12:10.0821 0x02d4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
13:12:10.0883 0x02d4 discache - ok
13:12:10.0977 0x02d4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
13:12:11.0008 0x02d4 Disk - ok
13:12:11.0024 0x02d4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:12:11.0070 0x02d4 Dnscache - ok
13:12:11.0102 0x02d4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
13:12:11.0148 0x02d4 dot3svc - ok
13:12:11.0195 0x02d4 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
13:12:11.0273 0x02d4 Dot4 - ok
13:12:11.0304 0x02d4 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
13:12:11.0351 0x02d4 Dot4Print - ok
13:12:11.0398 0x02d4 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
13:12:11.0445 0x02d4 dot4usb - ok
13:12:11.0507 0x02d4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
13:12:11.0570 0x02d4 DPS - ok
13:12:11.0648 0x02d4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:12:11.0710 0x02d4 drmkaud - ok
13:12:11.0850 0x02d4 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:12:11.0897 0x02d4 DXGKrnl - ok
13:12:11.0975 0x02d4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
13:12:12.0053 0x02d4 EapHost - ok
13:12:12.0178 0x02d4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
13:12:12.0318 0x02d4 ebdrv - ok
13:12:12.0350 0x02d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] EFS C:\Windows\System32\lsass.exe
13:12:12.0396 0x02d4 EFS - ok
13:12:12.0474 0x02d4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:12:12.0521 0x02d4 ehRecvr - ok
13:12:12.0537 0x02d4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
13:12:12.0568 0x02d4 ehSched - ok
13:12:12.0615 0x02d4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
13:12:12.0630 0x02d4 elxstor - ok
13:12:12.0662 0x02d4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:12:12.0693 0x02d4 ErrDev - ok
13:12:12.0755 0x02d4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
13:12:12.0802 0x02d4 EventSystem - ok
13:12:12.0849 0x02d4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
13:12:12.0911 0x02d4 exfat - ok
13:12:12.0974 0x02d4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:12:13.0052 0x02d4 fastfat - ok
13:12:13.0130 0x02d4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
13:12:13.0176 0x02d4 Fax - ok
13:12:13.0192 0x02d4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
13:12:13.0223 0x02d4 fdc - ok
13:12:13.0254 0x02d4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
13:12:13.0286 0x02d4 fdPHost - ok
13:12:13.0332 0x02d4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
13:12:13.0379 0x02d4 FDResPub - ok
13:12:13.0410 0x02d4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:12:13.0426 0x02d4 FileInfo - ok
13:12:13.0457 0x02d4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:12:13.0535 0x02d4 Filetrace - ok
13:12:13.0566 0x02d4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
13:12:13.0582 0x02d4 flpydisk - ok
13:12:13.0629 0x02d4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:12:13.0660 0x02d4 FltMgr - ok
13:12:13.0754 0x02d4 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
13:12:13.0832 0x02d4 FontCache - ok
13:12:13.0894 0x02d4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:12:13.0910 0x02d4 FontCache3.0.0.0 - ok
13:12:13.0925 0x02d4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:12:13.0941 0x02d4 FsDepends - ok
13:12:14.0003 0x02d4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:12:14.0034 0x02d4 Fs_Rec - ok
13:12:14.0097 0x02d4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:12:14.0128 0x02d4 fvevol - ok
13:12:14.0175 0x02d4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
13:12:14.0190 0x02d4 gagp30kx - ok
13:12:14.0222 0x02d4 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:12:14.0237 0x02d4 GEARAspiWDM - ok
13:12:14.0409 0x02d4 [ 55FC14B287C6FF306C32B42628CE0D8C, F22D7BA248D616A76AFAC5DA21A419FF13BC4346F402685F6FC6671B04528110 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
13:12:14.0440 0x02d4 GfExperienceService - ok
13:12:14.0596 0x02d4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
13:12:14.0674 0x02d4 gpsvc - ok
13:12:14.0783 0x02d4 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:12:14.0799 0x02d4 gupdate - ok
13:12:14.0830 0x02d4 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:12:14.0846 0x02d4 gupdatem - ok
13:12:14.0877 0x02d4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:12:14.0939 0x02d4 hcw85cir - ok
13:12:14.0986 0x02d4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:12:15.0017 0x02d4 HdAudAddService - ok
13:12:15.0142 0x02d4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
13:12:15.0189 0x02d4 HDAudBus - ok
13:12:15.0220 0x02d4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
13:12:15.0267 0x02d4 HidBatt - ok
13:12:15.0282 0x02d4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
13:12:15.0314 0x02d4 HidBth - ok
13:12:15.0314 0x02d4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
13:12:15.0392 0x02d4 HidIr - ok
13:12:15.0454 0x02d4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
13:12:15.0516 0x02d4 hidserv - ok
13:12:15.0594 0x02d4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
13:12:15.0626 0x02d4 HidUsb - ok
13:12:15.0672 0x02d4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:12:15.0704 0x02d4 hkmsvc - ok
13:12:15.0797 0x02d4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:12:15.0875 0x02d4 HomeGroupListener - ok
13:12:15.0891 0x02d4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:12:15.0938 0x02d4 HomeGroupProvider - ok
13:12:16.0172 0x02d4 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:12:16.0218 0x02d4 hpqcxs08 - ok
13:12:16.0265 0x02d4 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:12:16.0296 0x02d4 hpqddsvc - ok
13:12:16.0328 0x02d4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:12:16.0343 0x02d4 HpSAMD - ok
13:12:16.0671 0x02d4 [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Users\Tim\AppData\Local\Temp\7zS7CBE\hpslpsvc64.dll
13:12:16.0733 0x02d4 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
13:12:19.0198 0x02d4 Detect skipped due to KSN trusted
13:12:19.0198 0x02d4 HPSLPSVC - ok
13:12:19.0292 0x02d4 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:12:19.0354 0x02d4 HTTP - ok
13:12:19.0385 0x02d4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:12:19.0385 0x02d4 hwpolicy - ok
13:12:19.0432 0x02d4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
13:12:19.0463 0x02d4 i8042prt - ok
13:12:19.0510 0x02d4 [ 2FDAEC4B02729C48C0FD1B0B4695995B, 87331D91FA3A23257B9913067B7B16D08710408070795B638058DBF728BBB288 ] iaStor C:\Windows\system32\drivers\iaStor.sys
13:12:19.0541 0x02d4 iaStor - ok
13:12:19.0604 0x02d4 [ D41861E56E7552C13674D7F147A02464, A361AE723FEEFD8D34D259F667ED14EEEC3B8ED6458522AC5D50C08E281B298B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:12:19.0619 0x02d4 IAStorDataMgrSvc - ok
13:12:19.0666 0x02d4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:12:19.0697 0x02d4 iaStorV - ok
13:12:19.0822 0x02d4 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:12:19.0869 0x02d4 idsvc - ok
13:12:19.0916 0x02d4 IEEtwCollectorService - ok
13:12:20.0150 0x02d4 [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
13:12:20.0399 0x02d4 igfx - ok
13:12:20.0446 0x02d4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
13:12:20.0462 0x02d4 iirsp - ok
13:12:20.0540 0x02d4 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
13:12:20.0633 0x02d4 IKEEXT - ok
13:12:20.0789 0x02d4 [ CB7DADEF3D83FE2C12655A0BDCBA99F2, AD55A578986F008ED01635D3BB26414D71F418640099BFA92D9CABAB6A88E01D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:12:20.0945 0x02d4 IntcAzAudAddService - ok
13:12:20.0976 0x02d4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
13:12:20.0992 0x02d4 intelide - ok
13:12:21.0008 0x02d4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:12:21.0054 0x02d4 intelppm - ok
13:12:21.0086 0x02d4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:12:21.0148 0x02d4 IPBusEnum - ok
13:12:21.0242 0x02d4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:12:21.0288 0x02d4 IpFilterDriver - ok
13:12:21.0351 0x02d4 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:12:21.0429 0x02d4 iphlpsvc - ok
13:12:21.0444 0x02d4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:12:21.0476 0x02d4 IPMIDRV - ok
13:12:21.0491 0x02d4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:12:21.0600 0x02d4 IPNAT - ok
13:12:21.0710 0x02d4 [ 7FAE5B6CDB18B0B2E81F32869F595022, D873A7EE94749E1700E8F6B8BB7B485AE1B0B83388D63BE06335720498D4794F ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
13:12:21.0756 0x02d4 iPod Service - ok
13:12:21.0803 0x02d4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:12:21.0850 0x02d4 IRENUM - ok
13:12:21.0881 0x02d4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:12:21.0897 0x02d4 isapnp - ok
13:12:21.0944 0x02d4 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:12:21.0959 0x02d4 iScsiPrt - ok
13:12:22.0006 0x02d4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
13:12:22.0022 0x02d4 kbdclass - ok
13:12:22.0037 0x02d4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
13:12:22.0053 0x02d4 kbdhid - ok
13:12:22.0115 0x02d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] KeyIso C:\Windows\system32\lsass.exe
13:12:22.0146 0x02d4 KeyIso - ok
13:12:22.0193 0x02d4 [ C0A6C3D6E02B61B5D100FE17306C276F, F57C7BCC39B30F1DF739D07B76BA18EB68D12D8D1BD13B6AC8DC712C29119495 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:12:22.0209 0x02d4 KSecDD - ok
13:12:22.0240 0x02d4 [ 7A7328E427694CC7244235C3BC299F80, 7FC2E1F3F93B3334C3A8961CA58B4F38524650F6D8DA9FFA1FB43E1A2B86B710 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:12:22.0271 0x02d4 KSecPkg - ok
13:12:22.0287 0x02d4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:12:22.0334 0x02d4 ksthunk - ok
13:12:22.0427 0x02d4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
13:12:22.0474 0x02d4 KtmRm - ok
13:12:22.0646 0x02d4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:12:22.0724 0x02d4 LanmanServer - ok
13:12:22.0755 0x02d4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:12:22.0802 0x02d4 LanmanWorkstation - ok
13:12:22.0848 0x02d4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:12:22.0880 0x02d4 lltdio - ok
13:12:22.0926 0x02d4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:12:22.0958 0x02d4 lltdsvc - ok
13:12:22.0973 0x02d4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:12:23.0051 0x02d4 lmhosts - ok
13:12:23.0160 0x02d4 [ 1584DEEAE5AA0E3FB045F3D0EAC585EA, 27DE800E2A609827D9D972F7B9D196870E5875F9A09FB0CC3EBBC593294D7BDD ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:12:23.0192 0x02d4 LMS - ok
13:12:23.0301 0x02d4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
13:12:23.0316 0x02d4 LSI_FC - ok
13:12:23.0363 0x02d4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
13:12:23.0379 0x02d4 LSI_SAS - ok
13:12:23.0504 0x02d4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
13:12:23.0519 0x02d4 LSI_SAS2 - ok
13:12:23.0566 0x02d4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
13:12:23.0582 0x02d4 LSI_SCSI - ok
13:12:23.0660 0x02d4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
13:12:23.0722 0x02d4 luafv - ok
13:12:23.0847 0x02d4 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
13:12:23.0862 0x02d4 MBAMProtector - ok
13:12:24.0050 0x02d4 [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
13:12:24.0096 0x02d4 MBAMScheduler - ok
13:12:24.0190 0x02d4 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
13:12:24.0206 0x02d4 MBAMService - ok
13:12:24.0315 0x02d4 [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy C:\Windows\system32\drivers\MBAMSwissArmy.sys
13:12:24.0330 0x02d4 MBAMSwissArmy - ok
13:12:24.0346 0x02d4 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
13:12:24.0362 0x02d4 MBAMWebAccessControl - ok
13:12:24.0580 0x02d4 [ 61E27025735991FB61E2B5324357CEE5, 3D145E558625A33336DDE3A9B3A3214D6AC2EBF8E35C19E5CE755C1F97568C0F ] McComponentHostService C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe
13:12:24.0611 0x02d4 McComponentHostService - ok
13:12:24.0689 0x02d4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:12:24.0720 0x02d4 Mcx2Svc - ok
13:12:24.0752 0x02d4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
13:12:24.0767 0x02d4 megasas - ok
13:12:24.0814 0x02d4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
13:12:24.0845 0x02d4 MegaSR - ok
13:12:24.0876 0x02d4 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
13:12:24.0908 0x02d4 MEIx64 - ok
13:12:24.0986 0x02d4 [ 8A43D23ACE2E8C95A2D87B6E9599DEDA, 18683A7CE5AF0A9C5D7E33EB99588AE55FC61103A8894F3F45E2101355966A71 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
13:12:25.0001 0x02d4 MemeoBackgroundService - ok
13:12:25.0001 0x02d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
13:12:25.0079 0x02d4 MMCSS - ok
13:12:25.0142 0x02d4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
13:12:25.0204 0x02d4 Modem - ok
13:12:25.0266 0x02d4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:12:25.0282 0x02d4 monitor - ok
13:12:25.0313 0x02d4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
13:12:25.0329 0x02d4 mouclass - ok
13:12:25.0422 0x02d4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:12:25.0469 0x02d4 mouhid - ok
13:12:25.0516 0x02d4 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:12:25.0547 0x02d4 mountmgr - ok
13:12:25.0703 0x02d4 [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:12:25.0719 0x02d4 MozillaMaintenance - ok
13:12:25.0750 0x02d4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
13:12:25.0766 0x02d4 mpio - ok
13:12:25.0781 0x02d4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:12:25.0812 0x02d4 mpsdrv - ok
13:12:25.0906 0x02d4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:12:26.0062 0x02d4 MpsSvc - ok
13:12:26.0093 0x02d4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:12:26.0124 0x02d4 MRxDAV - ok
13:12:26.0156 0x02d4 [ 1877EB1495CFBDAB27D6A32F6DDF3818, 3818055C66AB12A335A905CFFE5D05347F15AE488861C5C183E62E8E0881DA86 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:12:26.0187 0x02d4 mrxsmb - ok
13:12:26.0249 0x02d4 [ 21AF322605D8C7F2A627C22634D1C9C9, 6B783F95D093FEFB260EA9568926BBB3CB8ED0783184DB3A18733E211933BADD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:12:26.0312 0x02d4 mrxsmb10 - ok
13:12:26.0327 0x02d4 [ 45A03A0B6461EFBEE77E0A6AC2816EDA, CFB0C11387F2EC49FD6B69EF747962114EBA6F8B4B4DEC3627E9E969775C4D7E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:12:26.0390 0x02d4 mrxsmb20 - ok
13:12:26.0468 0x02d4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
13:12:26.0483 0x02d4 msahci - ok
13:12:26.0514 0x02d4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:12:26.0530 0x02d4 msdsm - ok
13:12:26.0546 0x02d4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
13:12:26.0561 0x02d4 MSDTC - ok
13:12:26.0577 0x02d4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:12:26.0639 0x02d4 Msfs - ok
13:12:26.0764 0x02d4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:12:26.0842 0x02d4 mshidkmdf - ok
13:12:26.0858 0x02d4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:12:26.0858 0x02d4 msisadrv - ok
13:12:26.0920 0x02d4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:12:26.0967 0x02d4 MSiSCSI - ok
13:12:26.0967 0x02d4 msiserver - ok
13:12:27.0014 0x02d4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:12:27.0029 0x02d4 MSKSSRV - ok
13:12:27.0060 0x02d4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:12:27.0107 0x02d4 MSPCLOCK - ok
13:12:27.0138 0x02d4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:12:27.0154 0x02d4 MSPQM - ok
13:12:27.0216 0x02d4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:12:27.0263 0x02d4 MsRPC - ok
13:12:27.0279 0x02d4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:12:27.0294 0x02d4 mssmbios - ok
13:12:27.0310 0x02d4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:12:27.0357 0x02d4 MSTEE - ok
13:12:27.0372 0x02d4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
13:12:27.0388 0x02d4 MTConfig - ok
13:12:27.0388 0x02d4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
13:12:27.0404 0x02d4 Mup - ok
13:12:27.0450 0x02d4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
13:12:27.0513 0x02d4 napagent - ok
13:12:27.0560 0x02d4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:12:27.0591 0x02d4 NativeWifiP - ok
13:12:27.0716 0x02d4 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
13:12:27.0762 0x02d4 NDIS - ok
13:12:27.0794 0x02d4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:12:27.0856 0x02d4 NdisCap - ok
13:12:27.0887 0x02d4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:12:27.0950 0x02d4 NdisTapi - ok
13:12:27.0996 0x02d4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:12:28.0028 0x02d4 Ndisuio - ok
13:12:28.0059 0x02d4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:12:28.0090 0x02d4 NdisWan - ok
13:12:28.0121 0x02d4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:12:28.0137 0x02d4 NDProxy - ok
13:12:28.0184 0x02d4 [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:12:28.0199 0x02d4 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:12:30.0680 0x02d4 Detect skipped due to KSN trusted
13:12:30.0680 0x02d4 Net Driver HPZ12 - ok
13:12:30.0773 0x02d4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:12:30.0945 0x02d4 NetBIOS - ok
13:12:31.0007 0x02d4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:12:31.0101 0x02d4 NetBT - ok
13:12:31.0132 0x02d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon C:\Windows\system32\lsass.exe
13:12:31.0163 0x02d4 Netlogon - ok
13:12:31.0226 0x02d4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
13:12:31.0304 0x02d4 Netman - ok
13:12:31.0382 0x02d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:12:31.0397 0x02d4 NetMsmqActivator - ok
13:12:31.0444 0x02d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:12:31.0460 0x02d4 NetPipeActivator - ok
13:12:31.0491 0x02d4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
13:12:31.0538 0x02d4 netprofm - ok
13:12:31.0584 0x02d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:12:31.0600 0x02d4 NetTcpActivator - ok
13:12:31.0600 0x02d4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:12:31.0616 0x02d4 NetTcpPortSharing - ok
13:12:31.0694 0x02d4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
13:12:31.0709 0x02d4 nfrd960 - ok
13:12:31.0756 0x02d4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
13:12:31.0818 0x02d4 NlaSvc - ok
13:12:31.0850 0x02d4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:12:31.0896 0x02d4 Npfs - ok
13:12:31.0928 0x02d4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
13:12:31.0974 0x02d4 nsi - ok
13:12:32.0021 0x02d4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:12:32.0068 0x02d4 nsiproxy - ok
13:12:32.0177 0x02d4 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:12:32.0286 0x02d4 Ntfs - ok
13:12:32.0318 0x02d4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
13:12:32.0380 0x02d4 Null - ok
13:12:32.0442 0x02d4 [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
13:12:32.0458 0x02d4 NVHDA - ok
13:12:32.0864 0x02d4 [ BF769EC1CC472FAD4C6EAEEB96ED857E, BBF8BA2B703BF4C36DFC7F69B4D8E477C8162BEC492C6C5D1A7751C19305ABE8 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:12:33.0300 0x02d4 nvlddmkm - ok
13:12:33.0534 0x02d4 [ DCAA93D28D6FC75A4D80AE410008BA90, 7EDB69747C95FB68A4DF1932CF45E078DE94364D7A37D83A29952977A41D1FD7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
13:12:33.0566 0x02d4 NvNetworkService - ok
13:12:33.0675 0x02d4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:12:33.0706 0x02d4 nvraid - ok
13:12:33.0722 0x02d4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:12:33.0737 0x02d4 nvstor - ok
13:12:33.0878 0x02d4 [ 9408391358F3B9FD0F59E27151383C51, 777A41DE1D8D71833369D1335A083BA8F197317CB62D0E65EFFCC9760D84F2AB ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
13:12:33.0893 0x02d4 NvStreamKms - ok
13:12:33.0909 0x02d4 NvStreamSvc - ok
13:12:34.0002 0x02d4 [ 039ACFA07F59DB2109BB6A2C0FA2C0D9, E641179FCDB83BBFFADDDECD646F69D667F494BFC41FCE1F035EE78A944C6D5B ] nvsvc C:\Windows\system32\nvvsvc.exe
13:12:34.0049 0x02d4 nvsvc - ok
13:12:34.0127 0x02d4 [ 6AC68DDFCAC19A300D738AF3493E46AA, 4E92215B6E3ED263E89489851C6FEAD08D3155C82A74E880DA460DED0021DF42 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
13:12:34.0143 0x02d4 nvvad_WaveExtensible - ok
13:12:34.0174 0x02d4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:12:34.0205 0x02d4 nv_agp - ok
13:12:34.0236 0x02d4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:12:34.0268 0x02d4 ohci1394 - ok
13:12:34.0424 0x02d4 [ EF8DA126239D08B7B4734256417AE702, 4BBA0577C20E851F5B30D0D0F19382AB32AF57EFF7AA5B394E0FF6358A7AB287 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
13:12:34.0548 0x02d4 Origin Client Service - ok
13:12:34.0626 0x02d4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
13:12:34.0642 0x02d4 ose - ok
13:12:34.0860 0x02d4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
13:12:35.0048 0x02d4 osppsvc - ok
13:12:35.0094 0x02d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:12:35.0157 0x02d4 p2pimsvc - ok
13:12:35.0188 0x02d4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
13:12:35.0266 0x02d4 p2psvc - ok
13:12:35.0297 0x02d4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
13:12:35.0344 0x02d4 Parport - ok
13:12:35.0391 0x02d4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:12:35.0406 0x02d4 partmgr - ok
13:12:35.0469 0x02d4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
13:12:35.0547 0x02d4 PcaSvc - ok
13:12:35.0578 0x02d4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
13:12:35.0594 0x02d4 pci - ok
13:12:35.0656 0x02d4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
13:12:35.0672 0x02d4 pciide - ok
13:12:35.0703 0x02d4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
13:12:35.0718 0x02d4 pcmcia - ok
13:12:35.0750 0x02d4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
13:12:35.0765 0x02d4 pcw - ok
13:12:35.0812 0x02d4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:12:35.0921 0x02d4 PEAUTH - ok
13:12:36.0030 0x02d4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:12:36.0062 0x02d4 PerfHost - ok
13:12:36.0155 0x02d4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
13:12:36.0249 0x02d4 pla - ok
13:12:36.0311 0x02d4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:12:36.0389 0x02d4 PlugPlay - ok
13:12:36.0436 0x02d4 [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:12:36.0467 0x02d4 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
13:12:38.0916 0x02d4 Detect skipped due to KSN trusted
13:12:38.0916 0x02d4 Pml Driver HPZ12 - ok
13:12:38.0932 0x02d4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:12:38.0979 0x02d4 PNRPAutoReg - ok
13:12:39.0010 0x02d4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:12:39.0041 0x02d4 PNRPsvc - ok
13:12:39.0104 0x02d4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:12:39.0150 0x02d4 PolicyAgent - ok
13:12:39.0197 0x02d4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
13:12:39.0244 0x02d4 Power - ok
13:12:39.0291 0x02d4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:12:39.0353 0x02d4 PptpMiniport - ok
13:12:39.0384 0x02d4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
13:12:39.0416 0x02d4 Processor - ok
13:12:39.0447 0x02d4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
13:12:39.0478 0x02d4 ProfSvc - ok
13:12:39.0494 0x02d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] ProtectedStorage C:\Windows\system32\lsass.exe
13:12:39.0509 0x02d4 ProtectedStorage - ok
13:12:39.0556 0x02d4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:12:39.0603 0x02d4 Psched - ok
13:12:39.0681 0x02d4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
13:12:39.0743 0x02d4 ql2300 - ok
13:12:39.0806 0x02d4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
13:12:39.0821 0x02d4 ql40xx - ok
13:12:39.0884 0x02d4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
13:12:39.0915 0x02d4 QWAVE - ok
13:12:39.0930 0x02d4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:12:39.0946 0x02d4 QWAVEdrv - ok
13:12:39.0962 0x02d4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:12:39.0993 0x02d4 RasAcd - ok
13:12:40.0071 0x02d4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:12:40.0133 0x02d4 RasAgileVpn - ok
13:12:40.0227 0x02d4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
13:12:40.0274 0x02d4 RasAuto - ok
13:12:40.0336 0x02d4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:12:40.0398 0x02d4 Rasl2tp - ok
13:12:40.0445 0x02d4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
13:12:40.0508 0x02d4 RasMan - ok
13:12:40.0586 0x02d4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:12:40.0632 0x02d4 RasPppoe - ok
13:12:40.0679 0x02d4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:12:40.0742 0x02d4 RasSstp - ok
13:12:40.0804 0x02d4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:12:40.0913 0x02d4 rdbss - ok
13:12:40.0913 0x02d4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
13:12:40.0944 0x02d4 rdpbus - ok
13:12:40.0960 0x02d4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:12:41.0007 0x02d4 RDPCDD - ok
13:12:41.0054 0x02d4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:12:41.0116 0x02d4 RDPENCDD - ok
13:12:41.0132 0x02d4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:12:41.0163 0x02d4 RDPREFMP - ok
13:12:41.0225 0x02d4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:12:41.0272 0x02d4 RDPWD - ok
13:12:41.0319 0x02d4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:12:41.0334 0x02d4 rdyboost - ok
13:12:41.0350 0x02d4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:12:41.0381 0x02d4 RemoteAccess - ok
13:12:41.0475 0x02d4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:12:41.0522 0x02d4 RemoteRegistry - ok
13:12:41.0522 0x02d4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:12:41.0553 0x02d4 RpcEptMapper - ok
13:12:41.0631 0x02d4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
13:12:41.0678 0x02d4 RpcLocator - ok
13:12:41.0709 0x02d4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
13:12:41.0756 0x02d4 RpcSs - ok
13:12:41.0818 0x02d4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:12:41.0865 0x02d4 rspndr - ok
13:12:42.0005 0x02d4 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
13:12:42.0052 0x02d4 RTL8167 - ok
13:12:42.0130 0x02d4 [ B3F36B4B3F192EA87DDC119F3A0B3E45, DE80502994ED9977AD64483385A0BC0C6060EA9E9C08645E72FBBCFE8B2358C7 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
13:12:42.0146 0x02d4 RTL8192su - ok
13:12:42.0161 0x02d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] SamSs C:\Windows\system32\lsass.exe
13:12:42.0177 0x02d4 SamSs - ok
13:12:42.0192 0x02d4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:12:42.0208 0x02d4 sbp2port - ok
13:12:42.0239 0x02d4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:12:42.0270 0x02d4 SCardSvr - ok
13:12:42.0286 0x02d4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:12:42.0317 0x02d4 scfilter - ok
13:12:42.0458 0x02d4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
13:12:42.0520 0x02d4 Schedule - ok
13:12:42.0598 0x02d4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:12:42.0645 0x02d4 SCPolicySvc - ok
13:12:42.0660 0x02d4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:12:42.0692 0x02d4 SDRSVC - ok
13:12:42.0785 0x02d4 [ 4A5809A1D796E2675AC0332BF7B0CB11, 7EEEC85A397F04A9460DC37A070D115E19114D9A3E5D9D7E8021F60A7986C8C1 ] SeaPort C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
13:12:42.0816 0x02d4 SeaPort - ok
13:12:42.0832 0x02d4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:12:42.0863 0x02d4 secdrv - ok
13:12:42.0894 0x02d4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
13:12:42.0941 0x02d4 seclogon - ok
13:12:43.0004 0x02d4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
13:12:43.0050 0x02d4 SENS - ok
13:12:43.0097 0x02d4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:12:43.0191 0x02d4 SensrSvc - ok
13:12:43.0191 0x02d4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
13:12:43.0238 0x02d4 Serenum - ok
13:12:43.0284 0x02d4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
13:12:43.0316 0x02d4 Serial - ok
13:12:43.0378 0x02d4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
13:12:43.0440 0x02d4 sermouse - ok
13:12:43.0456 0x02d4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
13:12:43.0487 0x02d4 SessionEnv - ok
13:12:43.0518 0x02d4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:12:43.0565 0x02d4 sffdisk - ok
13:12:43.0581 0x02d4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:12:43.0596 0x02d4 sffp_mmc - ok
13:12:43.0596 0x02d4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:12:43.0612 0x02d4 sffp_sd - ok
13:12:43.0612 0x02d4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
13:12:43.0659 0x02d4 sfloppy - ok
13:12:43.0752 0x02d4 [ 21AB491BBCC8C1B26FDC402A374AB196, DD973C9963C840200D153A15078152D499639730D065BB8122C6BE65D4372300 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
13:12:43.0799 0x02d4 Sftfs - ok
13:12:43.0862 0x02d4 [ 4E1BB8A9CCDB4BAF41F7F9A930EB121D, D994B20DACEB187BEB6530309E2185040B58105E4FD5AC1DA435712F9DE027D0 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
13:12:43.0893 0x02d4 sftlist - ok
13:12:43.0955 0x02d4 [ 3B8D43FEEFF7A187534DDDFD675FE123, 9308D5C552FE3AF1121A3F7B7595547C6B892FF500377953F3B623511D84698C ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
13:12:43.0986 0x02d4 Sftplay - ok
13:12:44.0018 0x02d4 [ F1D1B1DC7A8765A09D7640FBF8D20970, 72E59B04BC44DAFFB88987C16CF3F9DC35438B15879E102FD83013673E0DB66F ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
13:12:44.0033 0x02d4 Sftredir - ok
13:12:44.0033 0x02d4 [ B3B9ADE7F8C4AF0C20E712E040588543, 9A6BB11DA046BF6F0239952871263E148FAE91FB21065613645114B5FA054EC5 ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
13:12:44.0049 0x02d4 Sftvol - ok
13:12:44.0080 0x02d4 [ CECFDE5D3701B2D914862F5E6C3DFE18, E7627F90630C306324A39DC3C652B37D255F90636AC19D3302EE5B85BD504BD5 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
13:12:44.0096 0x02d4 sftvsa - ok
13:12:44.0189 0x02d4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:12:44.0298 0x02d4 SharedAccess - ok
13:12:44.0330 0x02d4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:12:44.0392 0x02d4 ShellHWDetection - ok
13:12:44.0439 0x02d4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
13:12:44.0454 0x02d4 SiSRaid2 - ok
13:12:44.0470 0x02d4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
13:12:44.0486 0x02d4 SiSRaid4 - ok
13:12:44.0595 0x02d4 [ 0B70786BD1062CD4C6B58E412B9C3E55, 60ED027642FFF97BFFA55AE3EFFCCBB6D6AD8196D35E9ED06F9AF431E3C0402A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:12:44.0610 0x02d4 SkypeUpdate - ok
13:12:44.0673 0x02d4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:12:44.0720 0x02d4 Smb - ok
13:12:44.0922 0x02d4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:12:44.0954 0x02d4 SNMPTRAP - ok
13:12:44.0985 0x02d4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
13:12:45.0000 0x02d4 spldr - ok
13:12:45.0063 0x02d4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
13:12:45.0141 0x02d4 Spooler - ok
13:12:45.0266 0x02d4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
13:12:45.0453 0x02d4 sppsvc - ok
13:12:45.0468 0x02d4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:12:45.0531 0x02d4 sppuinotify - ok
13:12:45.0562 0x02d4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:12:45.0624 0x02d4 srv - ok
13:12:45.0656 0x02d4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:12:45.0702 0x02d4 srv2 - ok
13:12:45.0734 0x02d4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:12:45.0780 0x02d4 srvnet - ok
13:12:45.0812 0x02d4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:12:45.0874 0x02d4 SSDPSRV - ok
13:12:45.0936 0x02d4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:12:45.0983 0x02d4 SstpSvc - ok
13:12:46.0124 0x02d4 [ 7AE700179C4839F657D245319E234A06, 6EAEFE4A8CAF1A70F1BAD4DD457C6AEC080839542D4E5582376489800BE52E89 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:12:46.0139 0x02d4 Steam Client Service - ok
13:12:46.0248 0x02d4 [ D2B4376F9F36C5873A6CF99EF5750724, 2A5C12EE3657D4A6819080549ADFA3288E0DAC975114D9466DCCC3ED922D2539 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:12:46.0280 0x02d4 Stereo Service - ok
13:12:46.0311 0x02d4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
13:12:46.0311 0x02d4 stexstor - ok
13:12:46.0358 0x02d4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
13:12:46.0436 0x02d4 stisvc - ok
13:12:46.0467 0x02d4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
13:12:46.0498 0x02d4 swenum - ok
13:12:46.0592 0x02d4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
13:12:46.0654 0x02d4 swprv - ok
13:12:46.0779 0x02d4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
13:12:46.0919 0x02d4 SysMain - ok
13:12:46.0950 0x02d4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:12:46.0966 0x02d4 TabletInputService - ok
13:12:46.0982 0x02d4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
13:12:47.0028 0x02d4 TapiSrv - ok
13:12:47.0044 0x02d4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
13:12:47.0106 0x02d4 TBS - ok
13:12:47.0200 0x02d4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:12:47.0340 0x02d4 Tcpip - ok
13:12:47.0450 0x02d4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:12:47.0528 0x02d4 TCPIP6 - ok
13:12:47.0559 0x02d4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:12:47.0590 0x02d4 tcpipreg - ok
13:12:47.0621 0x02d4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:12:47.0668 0x02d4 TDPIPE - ok
13:12:47.0668 0x02d4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:12:47.0699 0x02d4 TDTCP - ok
13:12:47.0730 0x02d4 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:12:47.0762 0x02d4 tdx - ok
13:12:47.0793 0x02d4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
13:12:47.0808 0x02d4 TermDD - ok
13:12:47.0871 0x02d4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
13:12:47.0980 0x02d4 TermService - ok
13:12:47.0980 0x02d4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
13:12:48.0027 0x02d4 Themes - ok
13:12:48.0058 0x02d4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
13:12:48.0089 0x02d4 THREADORDER - ok
13:12:48.0105 0x02d4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
13:12:48.0152 0x02d4 TrkWks - ok
13:12:48.0214 0x02d4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:12:48.0276 0x02d4 TrustedInstaller - ok
13:12:48.0386 0x02d4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:12:48.0510 0x02d4 tssecsrv - ok
13:12:48.0526 0x02d4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:12:48.0573 0x02d4 TsUsbFlt - ok
13:12:48.0604 0x02d4 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
13:12:48.0620 0x02d4 TsUsbGD - ok
13:12:48.0666 0x02d4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:12:48.0744 0x02d4 tunnel - ok
13:12:48.0807 0x02d4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
13:12:48.0822 0x02d4 uagp35 - ok
13:12:48.0916 0x02d4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:12:48.0978 0x02d4 udfs - ok
13:12:49.0088 0x02d4 [ 88A68DA9B38708A511CEAFEAB0383849, 27F1FD389E9C5FE202D888F89137FA30146CAF9439F0D101F9D7F1D3BA106F56 ] UHSfiltv C:\Windows\system32\drivers\UHSfiltv.sys
13:12:49.0119 0x02d4 UHSfiltv - ok
13:12:49.0134 0x02d4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:12:49.0166 0x02d4 UI0Detect - ok
13:12:49.0228 0x02d4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:12:49.0244 0x02d4 uliagpkx - ok
13:12:49.0322 0x02d4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
13:12:49.0353 0x02d4 umbus - ok
13:12:49.0400 0x02d4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:12:49.0446 0x02d4 UmPass - ok
13:12:49.0587 0x02d4 [ FC43877B4625F6EB773C98233EB625C5, 2294E1981A3323606FBD8FC9B35EEC85F47C6E0F6F73C1F6346B5A3492D53F40 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:12:49.0634 0x02d4 UNS - ok
13:12:49.0665 0x02d4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
13:12:49.0712 0x02d4 upnphost - ok
13:12:49.0774 0x02d4 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
13:12:49.0805 0x02d4 USBAAPL64 - ok
13:12:49.0852 0x02d4 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
13:12:49.0914 0x02d4 usbaudio - ok
13:12:49.0946 0x02d4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:12:49.0992 0x02d4 usbccgp - ok
13:12:50.0039 0x02d4 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:12:50.0086 0x02d4 usbcir - ok
13:12:50.0148 0x02d4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:12:50.0180 0x02d4 usbehci - ok
13:12:50.0289 0x02d4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:12:50.0336 0x02d4 usbhub - ok
13:12:50.0351 0x02d4 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:12:50.0398 0x02d4 usbohci - ok
13:12:50.0429 0x02d4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:12:50.0445 0x02d4 usbprint - ok
13:12:50.0460 0x02d4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
13:12:50.0492 0x02d4 usbscan - ok
13:12:50.0523 0x02d4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:12:50.0601 0x02d4 USBSTOR - ok
13:12:50.0632 0x02d4 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:12:50.0663 0x02d4 usbuhci - ok
13:12:50.0694 0x02d4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
13:12:50.0772 0x02d4 UxSms - ok
13:12:50.0804 0x02d4 [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc C:\Windows\system32\lsass.exe
13:12:50.0835 0x02d4 VaultSvc - ok
13:12:50.0960 0x02d4 [ CD74DB141650A8E131F30250381E5A77, C3F6CC4FA70D73A0453126AD6FB1A8A285A6B66EC2C661D9B4F798F8D9CB3976 ] VBoxAswDrv C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys
13:12:50.0975 0x02d4 VBoxAswDrv - ok
13:12:51.0038 0x02d4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:12:51.0069 0x02d4 vdrvroot - ok
13:12:51.0100 0x02d4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
13:12:51.0147 0x02d4 vds - ok
13:12:51.0209 0x02d4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:12:51.0240 0x02d4 vga - ok
13:12:51.0256 0x02d4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:12:51.0334 0x02d4 VgaSave - ok
13:12:51.0350 0x02d4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:12:51.0381 0x02d4 vhdmp - ok
13:12:51.0396 0x02d4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
13:12:51.0412 0x02d4 viaide - ok
13:12:51.0428 0x02d4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:12:51.0443 0x02d4 volmgr - ok
13:12:51.0490 0x02d4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:12:51.0506 0x02d4 volmgrx - ok
13:12:51.0537 0x02d4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:12:51.0552 0x02d4 volsnap - ok
13:12:51.0584 0x02d4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
13:12:51.0599 0x02d4 vsmraid - ok
13:12:51.0740 0x02d4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
13:12:51.0880 0x02d4 VSS - ok
13:12:51.0927 0x02d4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:12:51.0958 0x02d4 vwifibus - ok
13:12:51.0989 0x02d4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:12:52.0036 0x02d4 vwififlt - ok
13:12:52.0114 0x02d4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
13:12:52.0145 0x02d4 vwifimp - ok
13:12:52.0208 0x02d4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
13:12:52.0270 0x02d4 W32Time - ok
13:12:52.0286 0x02d4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
13:12:52.0301 0x02d4 WacomPen - ok
13:12:52.0348 0x02d4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:12:52.0395 0x02d4 WANARP - ok
13:12:52.0457 0x02d4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:12:52.0488 0x02d4 Wanarpv6 - ok
13:12:52.0613 0x02d4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
13:12:52.0644 0x02d4 WatAdminSvc - ok
13:12:52.0754 0x02d4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
13:12:52.0847 0x02d4 wbengine - ok
13:12:52.0878 0x02d4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:12:52.0910 0x02d4 WbioSrvc - ok
13:12:52.0956 0x02d4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:12:52.0972 0x02d4 wcncsvc - ok
13:12:53.0003 0x02d4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:12:53.0034 0x02d4 WcsPlugInService - ok
13:12:53.0066 0x02d4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
13:12:53.0066 0x02d4 Wd - ok
13:12:53.0144 0x02d4 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:12:53.0190 0x02d4 Wdf01000 - ok
13:12:53.0268 0x02d4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:12:53.0315 0x02d4 WdiServiceHost - ok
13:12:53.0315 0x02d4 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:12:53.0346 0x02d4 WdiSystemHost - ok
13:12:53.0393 0x02d4 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
13:12:53.0456 0x02d4 WebClient - ok
13:12:53.0487 0x02d4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:12:53.0534 0x02d4 Wecsvc - ok
13:12:53.0596 0x02d4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:12:53.0643 0x02d4 wercplsupport - ok
13:12:53.0705 0x02d4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
13:12:53.0736 0x02d4 WerSvc - ok
13:12:53.0799 0x02d4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:12:53.0830 0x02d4 WfpLwf - ok
13:12:53.0861 0x02d4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:12:53.0861 0x02d4 WIMMount - ok
13:12:53.0877 0x02d4 WinDefend - ok
13:12:53.0892 0x02d4 WinHttpAutoProxySvc - ok
13:12:53.0955 0x02d4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:12:54.0033 0x02d4 Winmgmt - ok
13:12:54.0142 0x02d4 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
13:12:54.0376 0x02d4 WinRM - ok
13:12:54.0438 0x02d4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
13:12:54.0470 0x02d4 WinUsb - ok
13:12:54.0516 0x02d4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:12:54.0626 0x02d4 Wlansvc - ok
13:12:54.0735 0x02d4 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
13:12:54.0750 0x02d4 wlcrasvc - ok
13:12:54.0906 0x02d4 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:12:54.0953 0x02d4 wlidsvc - ok
13:12:54.0984 0x02d4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:12:55.0016 0x02d4 WmiAcpi - ok
13:12:55.0047 0x02d4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:12:55.0094 0x02d4 wmiApSrv - ok
13:12:55.0125 0x02d4 WMPNetworkSvc - ok
13:12:55.0172 0x02d4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:12:55.0234 0x02d4 WPCSvc - ok
13:12:55.0265 0x02d4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:12:55.0296 0x02d4 WPDBusEnum - ok
13:12:55.0328 0x02d4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:12:55.0359 0x02d4 ws2ifsl - ok
13:12:55.0374 0x02d4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
13:12:55.0437 0x02d4 wscsvc - ok
13:12:55.0437 0x02d4 WSearch - ok
13:12:55.0530 0x02d4 [ 82E8F5AA03DF7DBDB8A33F700D5D8CDA, 7EEB1B8F1430AFB06A18DC6107DBDD57EBBF473FF96F3578481EB89724823393 ] wsvd C:\Windows\system32\DRIVERS\wsvd.sys
13:12:55.0546 0x02d4 wsvd - ok
13:12:55.0686 0x02d4 [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv C:\Windows\system32\wuaueng.dll
13:12:55.0796 0x02d4 wuauserv - ok
13:12:55.0827 0x02d4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:12:55.0858 0x02d4 WudfPf - ok
13:12:55.0936 0x02d4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
13:12:55.0967 0x02d4 WUDFRd - ok
13:12:55.0983 0x02d4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:12:55.0998 0x02d4 wudfsvc - ok
13:12:56.0030 0x02d4 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
13:12:56.0108 0x02d4 WwanSvc - ok
13:12:56.0139 0x02d4 ================ Scan global ===============================
13:12:56.0170 0x02d4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:12:56.0217 0x02d4 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
13:12:56.0232 0x02d4 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
13:12:56.0279 0x02d4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:12:56.0326 0x02d4 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
13:12:56.0342 0x02d4 [ Global ] - ok
13:12:56.0342 0x02d4 ================ Scan MBR ==================================
13:12:56.0357 0x02d4 [ 753CA1D394F3C0855134963D7361060F ] \Device\Harddisk0\DR0
13:12:58.0869 0x02d4 \Device\Harddisk0\DR0 - ok
13:12:58.0869 0x02d4 ================ Scan VBR ==================================
13:12:58.0931 0x02d4 [ 619A03A875D85497D559FA3E19E9DE27 ] \Device\Harddisk0\DR0\Partition1
13:12:59.0056 0x02d4 \Device\Harddisk0\DR0\Partition1 - ok
13:12:59.0087 0x02d4 [ DC8E50B44761646F6E2907248AD0737C ] \Device\Harddisk0\DR0\Partition2
13:12:59.0181 0x02d4 \Device\Harddisk0\DR0\Partition2 - ok
13:12:59.0228 0x02d4 [ E690196DF433B7303FFF50578E9387AE ] \Device\Harddisk0\DR0\Partition3
13:12:59.0228 0x02d4 \Device\Harddisk0\DR0\Partition3 - ok
13:12:59.0228 0x02d4 ================ Scan generic autorun ======================
13:12:59.0664 0x02d4 [ 5DADA908E14051D65DB1991CB0B1F58D, DC02EDA032CEC2241F302995BF010B0376D5421A3E97583CB8A13A80993290B4 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:12:59.0898 0x02d4 RTHDVCPL - ok
13:13:00.0008 0x02d4 [ 7E25F1EFFDF50F702DE3D9E8F6B8CC47, F1857D2966D2A31DD067A7E8015842FC2757E4BFFEC961726D3C14947824C5C9 ] C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe
13:13:00.0023 0x02d4 MedionReminder - ok
13:13:00.0210 0x02d4 [ D9133D4157664B1E2ACFC2CD56CCB599, 0B2B8EE7D45962026A30833D3D7F59FB1FB07085904C2E77A10714F38910E462 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
13:13:00.0273 0x02d4 NvBackend - ok
13:13:00.0288 0x02d4 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
13:13:00.0320 0x02d4 ShadowPlay - ok
13:13:00.0382 0x02d4 [ DC73E11DC27E7D9AEF884EBE816C4240, 638485C85F7183E2B3060B8FD3189EA47F873B84EE34CAB99526A3A1CC3EE62B ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
13:13:00.0413 0x02d4 IAStorIcon - ok
13:13:00.0476 0x02d4 [ 3CB07566302BCEEB898DE270A0BEC175, B234D1044D8702A0929BB48F729EB5078B44AA7CD574B6482633B51289E70200 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
13:13:00.0522 0x02d4 Adobe ARM - ok
13:13:00.0678 0x02d4 [ 35048D8E8A0BF7A797CD5757ACD7EED0, 890FCF24869614B3990B575A588ECB35C25A5B896F21BF9C66D43C93787FDD7A ] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
13:13:00.0694 0x02d4 CLMLServer - ok
13:13:00.0741 0x02d4 [ DDEFF7E98629203E66BB4298FABC5983, 59CBE0A49AAA93898831B1D64FFB1D0809736CABB4D19843DB2E99C2650D1AD9 ] C:\Program Files (x86)\PDF24\pdf24.exe
13:13:00.0756 0x02d4 PDFPrint - ok
13:13:00.0959 0x02d4 [ 06964B7DE858BB6317164BF184E9C766, ADE3D2A7256A8F3F11B6E35979413850EB22B9BBADCE3EC73BE04A1622512126 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
13:13:01.0068 0x02d4 AvastUI.exe - ok
13:13:01.0146 0x02d4 [ 5516C26A6AF8EB4E2CAB48EC98A74398, 2BF161DE944090B3B3792AE8F5985FCB09744B3EE626E8253A3861D86284652D ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
13:13:01.0162 0x02d4 HP Software Update - ok
13:13:01.0240 0x02d4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:13:01.0365 0x02d4 Sidebar - ok
13:13:01.0396 0x02d4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:13:01.0427 0x02d4 mctadmin - ok
13:13:01.0458 0x02d4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:13:01.0490 0x02d4 Sidebar - ok
13:13:01.0490 0x02d4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:13:01.0505 0x02d4 mctadmin - ok
13:13:01.0739 0x02d4 [ 532E8929C8D71E0C4DE405D8995907CF, 2477918259E4D884509FD73948F6783BF696CBF19D18059EE9D44515B196D60A ] C:\Program Files (x86)\Steam\Steam.exe
13:13:01.0817 0x02d4 Steam - ok
13:13:02.0082 0x02d4 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe
13:13:02.0098 0x02d4 Google Update - ok
13:13:02.0098 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:03.0112 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:04.0126 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:05.0140 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:06.0154 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:07.0168 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:08.0182 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:09.0196 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:10.0210 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:11.0224 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:12.0238 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:13.0252 0x02d4 Waiting for KSN requests completion. In queue: 121
13:13:14.0391 0x02d4 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2215.880 ), 0x41000 ( enabled : updated )
13:13:14.0438 0x02d4 Win FW state via NFP2: enabled ( trusted )
13:13:16.0934 0x02d4 ============================================================
13:13:16.0934 0x02d4 Scan finished
13:13:16.0934 0x02d4 ============================================================
13:13:16.0934 0x15ec Detected object count: 0
13:13:16.0934 0x15ec Actual detected object count: 0
|
|
31.07.2015, 08:34
| #5 |
| /// the machine /// TB-Ausbilder | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.07.2015, 13:13
| #6 |
| | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Es gab beim ersten Installieren ein Problem (frierte ein bei der Installation), weswegen ich es ein zweites mal installieren musste. Code:
ATTFilter ComboFix 15-07-31.01 - Tim 31.07.2015 13:15:15.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4078.1736 [GMT 2:00]
ausgeführt von:: c:\users\Tim\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Tim\AppData\Local\Temp\7zS7CBE\HPSLPSVC64.DLL
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_HPSLPSVC
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-06-28 bis 2015-07-31 ))))))))))))))))))))))))))))))
.
.
2015-07-31 11:29 . 2015-07-31 11:29 -------- d-----w- c:\users\Mcx1-TIM-PC\AppData\Local\temp
2015-07-31 11:29 . 2015-07-31 11:29 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-07-30 10:30 . 2015-07-30 11:09 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-07-29 19:26 . 2015-07-29 19:33 -------- d-----w- C:\FRST
2015-07-28 12:55 . 2015-07-25 18:04 726528 ----a-w- c:\windows\system32\generaltel.dll
2015-07-28 12:55 . 2015-07-25 18:04 765440 ----a-w- c:\windows\system32\invagent.dll
2015-07-28 12:55 . 2015-07-25 18:03 433664 ----a-w- c:\windows\system32\devinv.dll
2015-07-28 12:55 . 2015-07-25 18:03 1085440 ----a-w- c:\windows\system32\appraiser.dll
2015-07-28 12:55 . 2015-07-25 18:03 67584 ----a-w- c:\windows\system32\acmigration.dll
2015-07-28 12:55 . 2015-07-25 17:55 1145856 ----a-w- c:\windows\system32\aeinv.dll
2015-07-28 12:55 . 2015-07-25 18:07 17856 ----a-w- c:\windows\system32\CompatTelRunner.exe
2015-07-28 12:55 . 2015-07-25 18:03 227328 ----a-w- c:\windows\system32\aepdu.dll
2015-07-27 02:53 . 2015-07-27 02:53 0 ----a-w- c:\windows\SysWow64\sho4F88.tmp
2015-07-27 00:47 . 2015-07-27 00:47 -------- d-----w- c:\program files\McAfee Security Scan
2015-07-23 14:22 . 2015-07-23 14:22 -------- d-----w- c:\users\Tim\AppData\Local\CEF
2015-07-22 18:11 . 2015-07-22 18:11 -------- d-----w- c:\program files\TeamSpeak 3 Client
2015-07-21 14:05 . 2015-07-31 11:38 113880 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-07-21 14:04 . 2015-07-30 11:18 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-07-21 14:04 . 2015-06-18 06:41 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2015-07-21 14:04 . 2015-06-18 06:41 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2015-07-21 14:04 . 2015-07-21 19:26 -------- d-----w- c:\program files (x86)\ Malwarebytes Anti-Malware
2015-07-21 14:04 . 2015-07-21 14:04 -------- d-----w- c:\programdata\Malwarebytes
2015-07-21 11:15 . 2015-07-15 03:19 41984 ----a-w- c:\windows\system32\lpk.dll
2015-07-21 11:15 . 2015-07-15 03:19 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-07-21 11:15 . 2015-07-15 03:19 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-07-21 11:15 . 2015-07-15 03:19 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-07-21 11:15 . 2015-07-15 02:55 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-07-21 11:15 . 2015-07-15 02:55 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-07-21 11:15 . 2015-07-15 02:55 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-07-21 11:15 . 2015-07-15 02:54 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-07-21 11:15 . 2015-07-15 01:59 372224 ----a-w- c:\windows\system32\atmfd.dll
2015-07-21 11:15 . 2015-07-15 01:52 299008 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-07-20 22:35 . 2015-07-20 22:35 -------- d-----w- c:\program files (x86)\SEGA
2015-07-20 22:31 . 2015-07-20 22:31 -------- d-----w- c:\users\Tim\AppData\Roaming\InstallShield
2015-07-19 16:41 . 2015-07-19 16:41 0 ----a-w- c:\windows\SysWow64\sho54F7.tmp
2015-07-19 00:29 . 2015-06-17 09:10 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll
2015-07-19 00:29 . 2015-06-17 09:10 1316000 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2015-07-19 00:25 . 2015-06-17 06:03 571024 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2015-07-16 08:46 . 2015-07-16 08:46 0 ----a-w- c:\windows\SysWow64\sho4D75.tmp
2015-07-15 13:48 . 2015-07-15 13:48 18524336 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2015-07-15 13:12 . 2015-07-03 05:56 235216 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll
2015-07-15 13:11 . 2015-06-15 21:50 112064 ----a-w- c:\windows\system32\consent.exe
2015-07-15 13:11 . 2015-06-15 21:45 504320 ----a-w- c:\windows\system32\msihnd.dll
2015-07-15 13:11 . 2015-06-15 21:45 3242496 ----a-w- c:\windows\system32\msi.dll
2015-07-15 13:11 . 2015-06-15 21:45 70656 ----a-w- c:\windows\system32\appinfo.dll
2015-07-15 13:11 . 2015-06-15 21:45 1941504 ----a-w- c:\windows\system32\authui.dll
2015-07-15 13:11 . 2015-06-15 21:44 128000 ----a-w- c:\windows\system32\msiexec.exe
2015-07-15 13:11 . 2015-06-15 21:43 337408 ----a-w- c:\windows\SysWow64\msihnd.dll
2015-07-15 13:11 . 2015-06-15 21:43 2364416 ----a-w- c:\windows\SysWow64\msi.dll
2015-07-15 13:11 . 2015-06-15 21:43 1805824 ----a-w- c:\windows\SysWow64\authui.dll
2015-07-15 13:11 . 2015-06-15 21:42 73216 ----a-w- c:\windows\SysWow64\msiexec.exe
2015-07-15 13:11 . 2015-06-15 21:42 25088 ----a-w- c:\windows\system32\msimsg.dll
2015-07-15 13:11 . 2015-06-15 21:37 25088 ----a-w- c:\windows\SysWow64\msimsg.dll
2015-07-14 18:51 . 2015-07-14 18:51 0 ----a-w- c:\windows\SysWow64\shoC7A4.tmp
2015-07-09 19:52 . 2015-07-09 19:52 -------- d-----w- c:\users\Tim\AppData\Local\YSearchUtil
2015-07-09 19:52 . 2015-07-09 19:52 -------- d-----w- c:\program files (x86)\Yahoo!
2015-07-08 17:52 . 2015-07-08 17:52 0 ----a-w- c:\windows\SysWow64\shoB75.tmp
2015-07-08 17:02 . 2015-07-08 17:02 0 ----a-w- c:\windows\SysWow64\shoCD55.tmp
2015-07-06 23:32 . 2015-07-06 23:32 0 ----a-w- c:\windows\SysWow64\sho5153.tmp
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-07-15 13:48 . 2012-08-09 00:47 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-07-15 13:48 . 2011-09-29 16:10 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-07-09 19:49 . 2014-06-30 23:33 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-06-17 09:10 . 2014-07-01 21:12 1571696 ----a-w- c:\windows\system32\nvspcap64.dll
2015-06-17 09:10 . 2014-07-01 21:12 1320304 ----a-w- c:\windows\SysWow64\nvspcap.dll
2015-06-17 09:10 . 2014-07-01 21:09 1567576 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2015-06-17 09:10 . 2014-07-01 21:08 61616 ----a-w- c:\windows\system32\nvaudcap64v.dll
2015-06-17 06:48 . 2011-09-29 15:56 937616 ----a-w- c:\windows\system32\nvvsvc.exe
2015-06-17 06:48 . 2011-09-29 15:56 62792 ----a-w- c:\windows\system32\nvshext.dll
2015-06-17 06:48 . 2011-09-29 15:56 385168 ----a-w- c:\windows\system32\nvmctray.dll
2015-06-17 06:48 . 2011-09-29 15:56 2558792 ----a-w- c:\windows\system32\nvsvcr.dll
2015-06-17 06:48 . 2011-09-29 15:56 6873232 ----a-w- c:\windows\system32\nvcpl.dll
2015-06-17 06:48 . 2011-09-29 15:56 3492168 ----a-w- c:\windows\system32\nvsvc64.dll
2015-06-17 01:07 . 2015-06-17 01:07 0 ----a-w- c:\windows\SysWow64\shoAE8F.tmp
2015-06-12 09:42 . 2015-06-12 09:42 0 ----a-w- c:\windows\SysWow64\shoA238.tmp
2015-06-02 14:11 . 2014-07-01 21:11 4421614 ----a-w- c:\windows\system32\nvcoproc.bin
2015-05-31 02:10 . 2015-05-31 02:10 0 ----a-w- c:\windows\SysWow64\sho6186.tmp
2015-05-29 00:04 . 2015-05-29 00:04 0 ----a-w- c:\windows\SysWow64\shoAB5B.tmp
2015-05-25 18:24 . 2015-06-11 08:05 5569984 ----a-w- c:\windows\system32\ntoskrnl.exe
2015-05-25 18:21 . 2015-06-11 08:05 1728960 ----a-w- c:\windows\system32\ntdll.dll
2015-05-25 18:19 . 2015-06-11 08:05 362496 ----a-w- c:\windows\system32\wow64win.dll
2015-05-25 18:19 . 2015-06-11 08:05 243712 ----a-w- c:\windows\system32\wow64.dll
2015-05-25 18:19 . 2015-06-11 08:05 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2015-05-25 18:19 . 2015-06-11 08:05 215040 ----a-w- c:\windows\system32\winsrv.dll
2015-05-25 18:19 . 2015-06-11 08:05 1255424 ----a-w- c:\windows\system32\diagtrack.dll
2015-05-25 18:19 . 2015-06-11 08:05 879104 ----a-w- c:\windows\system32\tdh.dll
2015-05-25 18:19 . 2015-06-11 08:05 503808 ----a-w- c:\windows\system32\srcore.dll
2015-05-25 18:19 . 2015-06-11 08:05 50176 ----a-w- c:\windows\system32\srclient.dll
2015-05-25 18:19 . 2015-06-11 08:05 113664 ----a-w- c:\windows\system32\sechost.dll
2015-05-25 18:19 . 2015-06-11 08:05 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2015-05-25 18:19 . 2015-06-11 08:05 424960 ----a-w- c:\windows\system32\KernelBase.dll
2015-05-25 18:19 . 2015-06-11 08:05 1162752 ----a-w- c:\windows\system32\kernel32.dll
2015-05-25 18:18 . 2015-06-11 08:05 43520 ----a-w- c:\windows\system32\csrsrv.dll
2015-05-25 18:18 . 2015-06-11 08:05 879104 ----a-w- c:\windows\system32\advapi32.dll
2015-05-25 18:18 . 2015-06-11 08:05 47104 ----a-w- c:\windows\system32\typeperf.exe
2015-05-25 18:18 . 2015-06-11 08:05 404992 ----a-w- c:\windows\system32\tracerpt.exe
2015-05-25 18:18 . 2015-06-11 08:05 112640 ----a-w- c:\windows\system32\smss.exe
2015-05-25 18:18 . 2015-06-11 08:05 296960 ----a-w- c:\windows\system32\rstrui.exe
2015-05-25 18:18 . 2015-06-11 08:05 43008 ----a-w- c:\windows\system32\relog.exe
2015-05-25 18:18 . 2015-06-11 08:05 104448 ----a-w- c:\windows\system32\logman.exe
2015-05-25 18:18 . 2015-06-11 08:05 19456 ----a-w- c:\windows\system32\diskperf.exe
2015-05-25 18:18 . 2015-06-11 08:05 338432 ----a-w- c:\windows\system32\conhost.exe
2015-05-25 18:11 . 2015-06-11 08:05 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 4608 ---ha-w- c:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 4096 ---ha-w- c:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 4096 ---ha-w- c:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 6656 ----a-w- c:\windows\system32\apisetschema.dll
2015-05-25 18:11 . 2015-06-11 08:05 4096 ---ha-w- c:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 5120 ---ha-w- c:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-25 18:11 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-25 18:07 . 2015-06-11 08:05 3989440 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2015-05-25 18:07 . 2015-06-11 08:05 3934144 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2015-05-25 18:04 . 2015-06-11 08:05 1310744 ----a-w- c:\windows\SysWow64\ntdll.dll
2015-05-25 18:01 . 2015-06-11 08:05 635392 ----a-w- c:\windows\SysWow64\tdh.dll
2015-05-25 18:01 . 2015-06-11 08:05 43008 ----a-w- c:\windows\SysWow64\srclient.dll
2015-05-25 18:01 . 2015-06-11 08:05 92160 ----a-w- c:\windows\SysWow64\sechost.dll
2015-05-25 18:01 . 2015-06-11 08:05 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2015-05-25 18:01 . 2015-06-11 08:05 641536 ----a-w- c:\windows\SysWow64\advapi32.dll
2015-05-25 18:01 . 2015-06-11 08:05 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-25 18:00 . 2015-06-11 08:05 40448 ----a-w- c:\windows\SysWow64\typeperf.exe
2015-05-25 18:00 . 2015-06-11 08:05 364544 ----a-w- c:\windows\SysWow64\tracerpt.exe
2015-05-25 18:00 . 2015-06-11 08:05 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2015-05-25 18:00 . 2015-06-11 08:05 37888 ----a-w- c:\windows\SysWow64\relog.exe
2015-05-25 18:00 . 2015-06-11 08:05 82944 ----a-w- c:\windows\SysWow64\logman.exe
2015-05-25 18:00 . 2015-06-11 08:05 17408 ----a-w- c:\windows\SysWow64\diskperf.exe
2015-05-25 17:59 . 2015-06-11 08:05 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2015-05-25 17:59 . 2015-06-11 08:05 274944 ----a-w- c:\windows\SysWow64\KernelBase.dll
2015-05-25 17:55 . 2015-06-11 08:05 4608 ---ha-w- c:\windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
2015-05-25 17:55 . 2015-06-11 08:05 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2015-07-23 2895552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2010-08-03 107816]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-02-06 189480]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-04-15 5512912]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"MSN Toolbar"="c:\program files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe" [2009-11-16 240992]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.11.149\SSScheduler.exe [2015-6-26 330456]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.11.149\McCHSvc.exe;c:\program files\McAfee Security Scan\3.11.149\McCHSvc.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 UHSfiltv;UHSfiltv;c:\windows\system32\drivers\UHSfiltv.sys;c:\windows\SYSNATIVE\drivers\UHSfiltv.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2015-07-28 23:17 995144 ----a-w- c:\program files (x86)\Google\Chrome\Application\44.0.2403.125\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2015-07-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-09 13:48]
.
2015-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-07 23:34]
.
2015-07-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-07 23:34]
.
2015-07-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-03 14:05]
.
2015-07-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA.job
- c:\users\Tim\AppData\Local\Google\Update\GoogleUpdate.exe [2014-02-03 14:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2015-04-15 19:20 722400 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-16 12673128]
"MedionReminder"="c:\program files (x86)\CyberLink\PowerRecover\Reminder.exe" [2011-05-25 443688]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-06-17 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-06-17 1571696]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
uDefault_Search_URL = www.google.com
mStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = www.google.com
mSearch Bar = https://de.yahoo.com/?fr=hp-avast&type=avastbcl
mDefault_Page_URL = www.google.com
mDefault_Search_URL = www.google.com
uInternet Settings,ProxyOverride = <-loopback>
IE: &Citavi Picker... - file://c:\program files (x86)\Internet Explorer\Citavi Picker\ShowContextMenu.html
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\
FF - prefs.js: browser.startup.homepage - hxxps://www.malwarebytes.org/restorebrowser/&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKLM-Run-SunJavaUpdateSched - c:\program files (x86)\Java\jre1.8.0_45\bin\jusched.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\S-1-5-21-4254080380-16762214-4038314476-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:92,7e,4b,24,8b,46,33,9b,dc,15,60,7e,dc,e5,a9,37,2c,1b,d4,0c,97,2c,95,
4c,40,ac,42,26,4a,d2,fd,4b,78,4f,7a,6b,ec,f3,ea,47,de,e2,24,80,c4,6e,5c,19,\
"??"=hex:5d,2e,bc,00,9b,07,bc,9c,34,34,87,88,c9,ab,ca,0d
.
[HKEY_USERS\S-1-5-21-4254080380-16762214-4038314476-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:95,94,32,7d,6a,dc,f4,cf,75,e0,a4,d9,9f,cf,d9,17,72,18,1f,fa,4c,
b4,40,23,32,d3,18,b8,e3,5b,64,d3,d2,c9,fc,2f,08,51,9e,31,31,e4,91,4b,d6,eb,\
"rkeysecu"=hex:0c,01,85,43,d9,94,1a,d5,71,29,87,48,26,17,d9,45
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_18_0_0_209_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.18"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_18_0_0_209.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\ Malwarebytes Anti-Malware \mbam.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-07-31 13:48:56 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-07-31 11:48
.
Vor Suchlauf: 10 Verzeichnis(se), 1.271.791.714.304 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 1.275.014.422.528 Bytes frei
.
- - End Of File - - 51D4443DCFEF7CA996C719A1196DC70C
|
|
01.08.2015, 12:17
| #7 |
| /// the machine /// TB-Ausbilder | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.08.2015, 19:53
| #8 |
| | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Anti-Malware: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 01.08.2015 Suchlaufzeit: 20:13 Protokolldatei: Administrator: Ja Version: 0.0.0.0000 Malware-Datenbank: v2015.08.01.06 Rootkit-Datenbank: v2015.07.30.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Tim Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 446440 Abgelaufene Zeit: 28 Min., 36 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 01/08/2015 um 20:29:31
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-01.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Tim - TIM-PC
# Gestarted von : C:\Users\Tim\Desktop\AdwCleaner_4.208.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Browser Manager
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil
Ordner Gelöscht : C:\Users\Tim\AppData\Local\iLivid
Ordner Gelöscht : C:\Users\Tim\AppData\Local\YSearchUtil
Ordner Gelöscht : C:\Users\Tim\AppData\LocalLow\HPAppData
Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\InetStat
Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\RHEng
[!] Ordner Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\wpe66st4.default\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Datei Gelöscht : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Datei Gelöscht : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Datei Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\user.js
Datei Gelöscht : C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\wpe66st4.default\user.js
Datei Gelöscht : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.searchnu.com_0.localstorage
Datei Gelöscht : C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.searchnu.com_0.localstorage-journal
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Tim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9C81D00A-3DAA-48AB-90C7-8252119ABB93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1DA17428-323D-48FF-857C-98CFEE48BFD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\InetStat
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\simplytech
Schlüssel Gelöscht : HKCU\Software\Linkey
Schlüssel Gelöscht : HKCU\Software\Kromtech
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\iLividSRTB
Schlüssel Gelöscht : HKLM\SOFTWARE\SpeedBit
Schlüssel Gelöscht : HKLM\SOFTWARE\AIM Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchnu.com
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:49847;hxxps=127.0.0.1:49847
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17909
-\\ Mozilla Firefox v39.0 (x86 de)
[oh9vloy6.default-1435741436466\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.alias", "istartsurf");
[oh9vloy6.default-1435741436466\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/web/favicon.ico");
[oh9vloy6.default-1435741436466\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.name", "istartsurf");
[oh9vloy6.default-1435741436466\prefs.js] - Zeile Gelöscht : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=dspp&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756&q={searchTerms}");
[wpe66st4.default\prefs.js] - Zeile Gelöscht : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=9413301700654312&o=APN10645&q=");
-\\ Google Chrome v44.0.2403.125
[C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://dts.search-results.com/sr?src=crb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=9413301700654312&q={searchTerms}
[C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3322288&octid=EB_ORIGINAL_CTID&ISID=M46533BF2-FEED-4930-A7FD-A13C5DB766E6&SearchSource=58&CUI=&UM=6&UP=SP7831373F-6402-492A-B493-D4BD255C436B&q={searchTerms}&SSPV=
[C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1421094515&from=cvs&uid=ST2000DL003-9VT166_6YD19SSYXXXX6YD19SSY&q={searchTerms}
[C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.istartsurf.com/web/?type=dspp&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756&q={searchTerms}
[C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.istartsurf.com/?type=hppp&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756
-\\ Chromium v
*************************
AdwCleaner[R0].txt - [7208 Bytes] - [01/08/2015 20:17:07]
AdwCleaner[R1].txt - [7267 Bytes] - [01/08/2015 20:25:43]
AdwCleaner[S0].txt - [6668 Bytes] - [01/08/2015 20:29:31]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6727 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by Tim on 01.08.2015 at 20:40:42,05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
Successfully deleted: [File] C:\Windows\SysWOW64\sho12E0.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho162D.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho1843.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho2CB1.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho2FC8.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho3607.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho3788.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho44DD.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho451E.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho47DB.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho4A8C.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho4D75.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho4E2F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho4F88.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho5153.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho5320.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho54F7.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho59F3.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho5A95.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6186.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho627A.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6461.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6483.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho689D.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6B57.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho6B70.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho715C.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho7BF2.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho7FCA.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho8372.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho8392.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho8A6A.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho9292.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho95C9.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho9717.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\sho97DE.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA238.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA267.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA315.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA40F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoA56B.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoAB1F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoAB5B.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoAE8F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoB75.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoB9E5.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoC0F8.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoC7A4.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoCB8E.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoCD55.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoD00F.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoD191.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoDAC.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoE0FE.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoE643.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoF126.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoF772.tmp
Successfully deleted: [File] C:\Windows\SysWOW64\shoFB87.tmp
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{00DCEC11-FC6D-416A-AF73-7CFD79B7F60E}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{09789DAB-F44E-495C-8EC2-3C6286FB4623}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{0C241C1C-C907-4BFE-8352-5B4E45867FCF}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{152EAD4C-1E61-4847-A223-F5DBF11C2EA2}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{1B85D89C-D6AC-40B6-A609-8553A5680B00}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{2005420E-0422-4A58-8E41-27FD692209A3}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{29A7DCB5-3BCA-4B3F-9F09-23CFE4B6ED25}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{2E4B0399-36C6-4F2E-AC16-716F26A57CD4}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{2FC234E4-8DC3-4159-94E1-80ECD01B7936}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{331396FF-B502-4C1E-8319-CBFF39AA70DA}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{42DA2664-F1CC-4909-B1FC-1C62A3B7AD5D}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{4461E600-01F9-495C-9977-C423D0F13869}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{5B9756E3-B07C-45F3-ADAD-EFA05A785606}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{5DF01866-55DE-4D78-AA22-DF97DA64C62A}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{638428FF-F065-45CB-9DD4-29D3D9C8BB72}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{63DAB7D5-7266-4B0A-A43F-22A49AC2B7DD}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{69B1F1F5-9AC6-4D57-95CE-B3421BB05079}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{724B7388-E913-43BE-BAB9-A5CBAD0B465C}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{80E92B4C-576E-4870-99D7-6BBF825879D0}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{82FFD8A1-9362-491D-BAF9-EDBD9E78AB0E}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{88C86DE3-6FF9-4D17-9367-316C5C4666C0}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{8CBC55FE-262A-48D8-B638-B10367F48431}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{9BE3D82C-B519-49BF-A2BD-358FADA2A385}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{9E6060B8-4F89-48E1-A7BB-5EB4E1E70815}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{A0241C2A-205E-406A-B767-33A6B915E9A2}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{A11F28A3-1ECF-408F-B2C5-16554E444260}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{A2AFEEA2-04E4-4376-B2DF-30E41C05B83D}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{B2C96E29-08B0-4CF9-B360-588411E4F417}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{B40DA1A3-5A20-4C47-99D7-35B44397606D}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{BB71535D-B92E-4998-B339-7A948B4D393E}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{BFA97763-EB1E-4789-947B-E974A0F7D834}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{C60D3D90-4809-4DD3-812E-962D3D94F9B1}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{CA80ECA7-58A9-4408-81A7-1E35C5C3E5A7}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{D07F5952-B6CD-4559-B625-151E5A85823F}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{E595534C-60EF-4A36-B30B-BDA403FF2E6B}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{E998C336-786B-4B1C-A966-CD3FFB419170}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{EE33735C-B451-496D-94C8-E428618FD9F9}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{EF3CE935-3381-4C1E-AC8F-1C507C120990}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{FD0B576A-3853-4FF5-9695-C1FA8032F36B}
Successfully deleted: [Empty Folder] C:\Users\Tim\Appdata\Local\{FF7BF16A-B40F-46D0-BC27-DB3C0D443B60}
Successfully deleted: [Folder] C:\ProgramData\google
~~~ FireFox
Successfully deleted the following from C:\Users\Tim\AppData\Roaming\mozilla\firefox\profiles\oh9vloy6.default-1435741436466\prefs.js
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.ptid, xtab);
user_pref(browser.search.searchengine.uid, 6D0406E2F7954c35AD9100F84F8CB756);
Emptied folder: C:\Users\Tim\AppData\Roaming\mozilla\firefox\profiles\oh9vloy6.default-1435741436466\minidumps [1 files]
~~~ Chrome
[C:\Users\Tim\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Tim\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Tim\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Tim\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.08.2015 at 20:47:57,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015
durchgeführt von Tim (Administrator) auf TIM-PC (01-08-2015 20:51:49)
Gestartet von C:\Users\Tim\Desktop
Geladene Profile: Tim (Verfügbare Profile: Tim & Mcx1-TIM-PC)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor)
HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-15] (Avast Software s.r.o.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-20]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-08-09]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-15] (Avast Software s.r.o.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49847;https=127.0.0.1:49847
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> {322B23D0-3F4C-4046-9BDE-C7823C37C64E} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-15] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Keine Datei
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-09] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-15] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-09] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
Toolbar: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F705B830-3D09-48E9-8657-CD0CA5A0FE70}: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466
FF Homepage: https://www.malwarebytes.org/restorebrowser/&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-09] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-09] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/O1DPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Extension: ZenMate Security & Privacy VPN - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\firefox@zenmate.com.xpi [2015-07-05]
FF Extension: Adblock Plus - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-10]
FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-06-20]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-06-21]
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-23]
FF HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast SafePrice) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-08]
CHR Extension: (Avast Online Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-08]
CHR Extension: (Skype Click to Call) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-30]
CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04]
CHR Extension: (Citavi Picker) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-10-08]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-06]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-15] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-15] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-15] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-15] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-15] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-15] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-15] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-15] ()
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation)
R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2014-12-22] (Creative Technology Ltd.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-20] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-01 20:51 - 2015-08-01 20:51 - 00000000 ____D C:\Users\Tim\Desktop\FRST-OlderVersion
2015-08-01 20:47 - 2015-08-01 20:47 - 00009546 _____ C:\Users\Tim\Desktop\JRT.txt
2015-08-01 20:17 - 2015-08-01 20:30 - 00000000 ____D C:\AdwCleaner
2015-08-01 19:38 - 2015-08-01 19:38 - 02248704 _____ C:\Users\Tim\Desktop\AdwCleaner_4.208.exe
2015-08-01 19:38 - 2015-08-01 19:38 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Tim\Desktop\JRT.exe
2015-07-31 13:48 - 2015-07-31 13:48 - 00035287 _____ C:\ComboFix.txt
2015-07-31 13:11 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-07-31 13:11 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-07-31 13:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-07-31 13:11 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-07-31 13:04 - 2015-07-31 13:49 - 00000000 ____D C:\Qoobox
2015-07-31 13:04 - 2015-07-31 13:44 - 00000000 ____D C:\Windows\erdnt
2015-07-31 13:01 - 2015-07-31 13:02 - 05633745 ____R (Swearware) C:\Users\Tim\Desktop\ComboFix.exe
2015-07-30 12:30 - 2015-07-30 13:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-07-30 12:29 - 2015-07-30 13:09 - 00000000 ____D C:\Users\Tim\Desktop\mbar
2015-07-30 12:27 - 2015-07-30 12:28 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Tim\Desktop\mbar-1.09.1.1004.exe
2015-07-30 12:27 - 2015-07-30 12:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Desktop\tdsskiller.exe
2015-07-29 22:09 - 2015-07-29 22:09 - 00005796 _____ C:\Users\Tim\Desktop\timtt.txt
2015-07-29 22:09 - 2015-07-29 22:09 - 00001196 _____ C:\Users\Tim\Desktop\tim.txt
2015-07-29 21:31 - 2015-07-29 21:33 - 00064694 _____ C:\Users\Tim\Desktop\Addition.txt
2015-07-29 21:28 - 2015-08-01 20:51 - 00022711 _____ C:\Users\Tim\Desktop\FRST.txt
2015-07-29 21:26 - 2015-08-01 20:51 - 00000000 ____D C:\FRST
2015-07-29 21:25 - 2015-07-29 21:25 - 00000468 _____ C:\Users\Tim\Desktop\defogger_disable.log
2015-07-29 21:25 - 2015-07-29 21:25 - 00000000 _____ C:\Users\Tim\defogger_reenable
2015-07-29 21:24 - 2015-08-01 20:51 - 02168832 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe
2015-07-29 21:24 - 2015-07-29 21:24 - 00380416 _____ C:\Users\Tim\Desktop\Gmer-19357.exe
2015-07-29 21:23 - 2015-07-29 21:24 - 00050477 _____ C:\Users\Tim\Desktop\Defogger.exe
2015-07-28 14:55 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 14:55 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 14:55 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 14:55 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 14:55 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\Program Files\McAfee Security Scan
2015-07-27 02:25 - 2015-08-01 02:16 - 00026047 _____ C:\Users\Tim\Desktop\Essays Lipinsky.odt
2015-07-26 16:00 - 2015-07-30 19:57 - 53185442 _____ C:\Users\Tim\Desktop\Aquillien_Länderwappen.zip
2015-07-23 16:22 - 2015-07-23 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\CEF
2015-07-22 20:11 - 2015-07-22 20:11 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2015-07-22 20:09 - 2015-07-22 20:09 - 01198368 _____ C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe
2015-07-22 20:06 - 2015-07-22 20:07 - 01260832 _____ C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
2015-07-21 21:26 - 2015-07-21 21:26 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-21 17:17 - 2015-07-21 17:17 - 00001224 _____ C:\Malwarebytes 21.07.15.txt
2015-07-21 16:05 - 2015-08-01 20:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-21 16:05 - 2015-07-21 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-21 16:04 - 2015-07-30 13:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-21 16:04 - 2015-07-21 21:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-21 16:04 - 2015-07-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-21 16:04 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-21 16:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-21 16:02 - 2015-07-21 16:02 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Tim\Downloads\mbam-setup-2.1.6.1022.exe
2015-07-21 13:15 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 13:15 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 13:15 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 13:15 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 13:15 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 13:15 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 00:54 - 2015-07-21 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA
2015-07-21 00:35 - 2015-07-21 00:35 - 00000000 ____D C:\Program Files (x86)\SEGA
2015-07-21 00:31 - 2015-07-21 00:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\InstallShield
2015-07-20 13:57 - 2015-07-20 14:08 - 00015872 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung(1).xls
2015-07-20 02:04 - 2015-07-20 02:04 - 00012288 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung.xls
2015-07-19 02:43 - 2015-07-19 02:43 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-07-19 02:29 - 2015-06-17 11:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-19 02:29 - 2015-06-17 11:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-19 02:25 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-19 02:22 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-19 02:22 - 2015-06-17 11:10 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-19 02:22 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-07-19 02:17 - 2015-07-19 02:18 - 292264080 _____ (NVIDIA Corporation) C:\Users\Tim\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-07-16 12:40 - 2015-07-21 13:15 - 00000000 ____D C:\Users\Tim\Desktop\40k
2015-07-15 15:48 - 2015-07-15 15:48 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 15:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 15:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 15:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 15:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 15:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 15:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 15:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 15:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 15:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 15:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 15:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 15:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 15:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 15:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 15:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 15:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 15:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 15:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 15:12 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 15:12 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 15:12 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 15:12 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 15:12 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 15:12 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 15:12 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 15:12 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 15:12 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 15:12 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 15:12 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 15:12 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 15:12 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 15:12 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 15:12 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 15:12 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 15:12 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 15:12 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 15:12 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 15:12 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 15:12 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 15:12 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 15:12 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 15:12 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 15:12 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 15:12 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 15:12 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 15:12 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 15:12 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 15:12 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 15:12 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 15:12 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 15:12 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 15:12 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 15:12 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 15:12 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 15:12 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 15:12 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 15:12 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 15:12 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 15:12 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 15:12 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 15:12 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 15:12 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 15:12 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 15:12 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 15:12 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 15:12 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 15:12 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 15:12 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 15:12 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 15:12 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 15:12 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 15:12 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 15:12 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 15:12 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 15:12 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 15:12 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 15:12 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 15:12 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 15:12 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 15:12 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 15:12 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 15:12 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 15:12 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 15:12 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 15:12 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 15:12 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 15:12 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 15:12 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 15:12 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 15:12 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-15 15:12 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-15 15:12 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 15:12 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 15:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 15:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 15:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 15:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 15:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 15:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 15:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 15:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 15:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 15:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-09 21:52 - 2015-07-09 21:52 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2015-07-09 21:48 - 2015-07-09 21:49 - 00561248 _____ (Oracle Corporation) C:\Users\Tim\Downloads\jxpiinstall.exe
2015-07-08 13:12 - 2015-07-09 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-06 09:59 - 2015-07-06 09:59 - 00000383 _____ C:\ftconfig.ini
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-01 20:48 - 2015-01-22 20:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-01 20:41 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-01 20:41 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-01 20:39 - 2014-02-03 20:36 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA.job
2015-08-01 20:33 - 2012-08-07 20:20 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-01 20:33 - 2009-07-14 06:51 - 00461432 _____ C:\Windows\setupact.log
2015-08-01 20:32 - 2012-08-07 19:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-01 20:32 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-01 20:32 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-01 20:31 - 2012-08-07 19:28 - 01888763 _____ C:\Windows\WindowsUpdate.log
2015-08-01 20:30 - 2012-08-07 19:33 - 00000955 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-01 20:29 - 2014-04-12 22:22 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-01 20:29 - 2012-08-07 19:30 - 00001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2015-08-01 20:15 - 2012-08-07 19:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-01 12:23 - 2012-11-30 02:39 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-01 02:07 - 2012-08-07 20:42 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype
2015-07-31 23:49 - 2014-05-24 21:10 - 00000000 ____D C:\ProgramData\Origin
2015-07-31 23:47 - 2014-05-24 21:10 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-31 21:39 - 2014-02-03 20:36 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core.job
2015-07-31 21:02 - 2012-12-17 19:29 - 00000000 ___RD C:\Users\Tim\Desktop\Aquillien
2015-07-31 13:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-07-31 13:38 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-07-31 13:37 - 2010-11-21 05:47 - 00541176 _____ C:\Windows\PFRO.log
2015-07-29 21:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-29 21:25 - 2012-08-07 19:32 - 00000000 ____D C:\Users\Tim
2015-07-29 03:01 - 2014-05-06 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-29 00:08 - 2013-01-13 04:03 - 00000000 ____D C:\Users\Tim\Desktop\Uni
2015-07-27 02:47 - 2012-08-09 02:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2015-07-22 20:11 - 2012-08-11 18:35 - 00000931 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-07-22 19:11 - 2012-08-11 18:35 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client
2015-07-22 13:28 - 2009-07-14 06:45 - 00307240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 18:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache
2015-07-21 17:17 - 2014-04-12 22:22 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-07-21 16:12 - 2014-02-16 02:13 - 00007168 _____ C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-21 02:38 - 2011-09-29 17:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-21 00:56 - 2015-04-01 16:27 - 00001412 _____ C:\Windows\DXError.log
2015-07-21 00:56 - 2011-09-29 18:13 - 00091711 _____ C:\Windows\DirectX.log
2015-07-19 02:44 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-19 02:29 - 2011-09-29 17:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-07-19 02:26 - 2014-07-01 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-19 02:22 - 2013-01-04 21:11 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-15 21:34 - 2014-02-03 20:36 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA
2015-07-15 21:34 - 2014-02-03 20:36 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core
2015-07-15 21:10 - 2012-08-07 19:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 21:10 - 2012-08-07 19:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 20:34 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-15 20:30 - 2015-04-16 18:16 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 20:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 15:48 - 2015-01-22 20:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-15 15:48 - 2012-08-09 02:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-15 15:48 - 2011-09-29 18:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-14 20:41 - 2014-06-18 19:30 - 00203303 _____ C:\Users\Tim\Desktop\Einkaufsliste Party.odt
2015-07-13 15:41 - 2012-08-07 20:42 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 15:40 - 2012-08-07 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-09 22:05 - 2013-10-04 18:02 - 00000000 ____D C:\ProgramData\Oracle
2015-07-09 21:53 - 2011-11-10 16:59 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-09 21:49 - 2014-07-01 01:33 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-08 19:36 - 2014-04-12 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-01-12 22:36 - 2015-03-31 00:36 - 0246420 _____ () C:\Users\Tim\AppData\Local\Citavi Picker Internet Explorer Protocol.txt
2014-02-16 02:13 - 2015-07-21 16:12 - 0007168 _____ () C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-26 03:43 - 2014-01-26 03:43 - 0002108 _____ () C:\Users\Tim\AppData\Local\recently-used.xbel
2012-08-07 20:32 - 2012-08-07 20:32 - 0000000 _____ () C:\Users\Tim\AppData\Local\{40843CD9-9E16-4ADF-9436-1C338BD6A262}
2012-08-21 14:04 - 2014-06-20 22:16 - 0001913 _____ () C:\ProgramData\hpzinstall.log
2014-05-25 13:37 - 2014-07-27 22:24 - 0000040 _____ () C:\ProgramData\ra3.ini
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-06-27 16:49
==================== Ende von log ============================
Geändert von Stannis B. (01.08.2015 um 19:50 Uhr) |
|
02.08.2015, 11:32
| #9 |
| /// the machine /// TB-Ausbilder | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal.ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.08.2015, 01:13
| #10 |
| | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. EOS: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9572d6a75b5be44f8941a5c542706b16
# end=init
# utc_time=2015-08-03 09:16:52
# local_time=2015-08-03 11:16:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25106
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=9572d6a75b5be44f8941a5c542706b16
# end=updated
# utc_time=2015-08-03 09:19:03
# local_time=2015-08-03 11:19:03 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=9572d6a75b5be44f8941a5c542706b16
# engine=25106
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-04 12:04:35
# local_time=2015-08-04 02:04:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 4025851 203067165 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 65090294 190276525 0 0
# scanned=406474
# found=5
# cleaned=0
# scan_time=9931
sh=E13FAB8E570DA5FA5FB6EA4AF92837E624B98211 ft=1 fh=c71c0011a617a106 vn="Variante von Win32/Toolbar.SearchSuite.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Tim\AppData\Local\iLivid\Helper.dll.vir"
sh=A8DA28B546A8041EDF55A731A1C14FE644ECC84F ft=1 fh=f6eb7d106e1da1ce vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe"
sh=105303FE365ECFF894384ECB9E552069997316C1 ft=1 fh=3d4ecacdb46663a8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe"
sh=0B1B68B5CBA14A1C21CEFAE0EA9B4088450F77C6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 10.zip"
sh=F4C85D5D754DB9CAF262D5D2E00751647A536836 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.SearchSuite.W evtl. unerwünschte Anwendung" ac=I fn="D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 5.zip"
Code:
ATTFilter Results of screen317's Security Check version 1.006 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 45 Java version 32-bit out of Date! Adobe Flash Player 18.0.0.209 Adobe Reader 10.1.1 Adobe Reader out of Date! Mozilla Firefox (39.0) Google Chrome (44.0.2403.107) Google Chrome (44.0.2403.125) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe AVAST Software Avast ng vbox\AvastVBoxSVC.exe AVAST Software Avast ng ngservice.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01 durchgeführt von Tim (Administrator) auf TIM-PC (04-08-2015 02:46:57) Gestartet von C:\Users\Tim\Desktop Geladene Profile: Tim (Verfügbare Profile: Tim & Mcx1-TIM-PC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-15] (Avast Software s.r.o.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.) HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation) HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-20] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-08-09] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-15] (Avast Software s.r.o.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert. ProxyServer: [.DEFAULT] => http=127.0.0.1:49847;https=127.0.0.1:49847 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-4254080380-16762214-4038314476-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> {322B23D0-3F4C-4046-9BDE-C7823C37C64E} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-15] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Keine Datei BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-07-09] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-15] (Avast Software s.r.o.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-07-09] (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{F705B830-3D09-48E9-8657-CD0CA5A0FE70}: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466 FF Homepage: https://www.malwarebytes.org/restorebrowser/&ts=1434482912&from=xtab&uid=6D0406E2F7954c35AD9100F84F8CB756 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-07-09] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-07-09] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/O1DPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Extension: ZenMate Security & Privacy VPN - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\firefox@zenmate.com.xpi [2015-07-05] FF Extension: Adblock Plus - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-10] FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-08] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-20] FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-06-20] FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-06-21] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-23] FF HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Avast SafePrice) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-08] CHR Extension: (Avast Online Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-08] CHR Extension: (Skype Click to Call) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-30] CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04] CHR Extension: (Citavi Picker) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-10-08] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-06] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-15] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-20] (Avast Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-15] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-15] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-15] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-15] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-15] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-15] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-15] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-15] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-04] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation) R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2014-12-22] (Creative Technology Ltd.) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-20] (Avast Software) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-03 23:14 - 2015-08-03 23:16 - 02870984 _____ (ESET) C:\Users\Tim\Desktop\esetsmartinstaller_deu.exe 2015-08-03 23:14 - 2015-08-03 23:14 - 00852684 _____ C:\Users\Tim\Desktop\SecurityCheck.exe 2015-08-01 20:51 - 2015-08-04 02:46 - 00000000 ____D C:\Users\Tim\Desktop\FRST-OlderVersion 2015-08-01 20:47 - 2015-08-01 20:47 - 00009546 _____ C:\Users\Tim\Desktop\JRT.txt 2015-08-01 20:17 - 2015-08-01 20:30 - 00000000 ____D C:\AdwCleaner 2015-08-01 19:38 - 2015-08-01 19:38 - 02248704 _____ C:\Users\Tim\Desktop\AdwCleaner_4.208.exe 2015-08-01 19:38 - 2015-08-01 19:38 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Tim\Desktop\JRT.exe 2015-07-31 13:48 - 2015-07-31 13:48 - 00035287 _____ C:\ComboFix.txt 2015-07-31 13:11 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-07-31 13:11 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-07-31 13:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-07-31 13:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-07-31 13:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-07-31 13:11 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-07-31 13:11 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-07-31 13:11 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-07-31 13:04 - 2015-07-31 13:49 - 00000000 ____D C:\Qoobox 2015-07-31 13:04 - 2015-07-31 13:44 - 00000000 ____D C:\Windows\erdnt 2015-07-31 13:01 - 2015-07-31 13:02 - 05633745 ____R (Swearware) C:\Users\Tim\Desktop\ComboFix.exe 2015-07-30 12:30 - 2015-07-30 13:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-07-30 12:29 - 2015-07-30 13:09 - 00000000 ____D C:\Users\Tim\Desktop\mbar 2015-07-30 12:27 - 2015-07-30 12:28 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Tim\Desktop\mbar-1.09.1.1004.exe 2015-07-30 12:27 - 2015-07-30 12:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Desktop\tdsskiller.exe 2015-07-29 22:09 - 2015-07-29 22:09 - 00005796 _____ C:\Users\Tim\Desktop\timtt.txt 2015-07-29 22:09 - 2015-07-29 22:09 - 00001196 _____ C:\Users\Tim\Desktop\tim.txt 2015-07-29 21:31 - 2015-07-29 21:33 - 00064694 _____ C:\Users\Tim\Desktop\Addition.txt 2015-07-29 21:28 - 2015-08-04 02:47 - 00025920 _____ C:\Users\Tim\Desktop\FRST.txt 2015-07-29 21:26 - 2015-08-04 02:47 - 00000000 ____D C:\FRST 2015-07-29 21:25 - 2015-07-29 21:25 - 00000468 _____ C:\Users\Tim\Desktop\defogger_disable.log 2015-07-29 21:25 - 2015-07-29 21:25 - 00000000 _____ C:\Users\Tim\defogger_reenable 2015-07-29 21:24 - 2015-08-04 02:46 - 02169856 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe 2015-07-29 21:24 - 2015-07-29 21:24 - 00380416 _____ C:\Users\Tim\Desktop\Gmer-19357.exe 2015-07-29 21:23 - 2015-07-29 21:24 - 00050477 _____ C:\Users\Tim\Desktop\Defogger.exe 2015-07-28 14:55 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-07-28 14:55 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-07-28 14:55 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-07-28 14:55 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\Program Files\McAfee Security Scan 2015-07-27 02:25 - 2015-08-01 02:16 - 00026047 _____ C:\Users\Tim\Desktop\Essays Lipinsky.odt 2015-07-26 16:00 - 2015-07-30 19:57 - 53185442 _____ C:\Users\Tim\Desktop\Aquillien_Länderwappen.zip 2015-07-23 16:22 - 2015-07-23 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\CEF 2015-07-22 20:11 - 2015-07-22 20:11 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-07-22 20:09 - 2015-07-22 20:09 - 01198368 _____ C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe 2015-07-22 20:06 - 2015-07-22 20:07 - 01260832 _____ C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe 2015-07-21 21:26 - 2015-07-21 21:26 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-07-21 17:17 - 2015-07-21 17:17 - 00001224 _____ C:\Malwarebytes 21.07.15.txt 2015-07-21 16:05 - 2015-08-04 00:12 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-21 16:05 - 2015-07-21 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-07-21 16:04 - 2015-07-30 13:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-21 16:04 - 2015-07-21 21:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-07-21 16:04 - 2015-07-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-21 16:04 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-21 16:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-21 16:02 - 2015-07-21 16:02 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Tim\Downloads\mbam-setup-2.1.6.1022.exe 2015-07-21 13:15 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-07-21 13:15 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-21 13:15 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-07-21 13:15 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-07-21 13:15 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-07-21 13:15 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-21 13:15 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-07-21 13:15 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-07-21 13:15 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-21 13:15 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-21 00:54 - 2015-07-21 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA 2015-07-21 00:35 - 2015-07-21 00:35 - 00000000 ____D C:\Program Files (x86)\SEGA 2015-07-21 00:31 - 2015-07-21 00:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\InstallShield 2015-07-20 13:57 - 2015-07-20 14:08 - 00015872 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung(1).xls 2015-07-20 02:04 - 2015-07-20 02:04 - 00012288 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung.xls 2015-07-19 02:43 - 2015-07-19 02:43 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-07-19 02:29 - 2015-06-17 11:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-07-19 02:29 - 2015-06-17 11:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-07-19 02:25 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-07-19 02:22 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-07-19 02:22 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-07-19 02:22 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-07-19 02:22 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-07-19 02:17 - 2015-07-19 02:18 - 292264080 _____ (NVIDIA Corporation) C:\Users\Tim\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe 2015-07-16 12:40 - 2015-07-21 13:15 - 00000000 ____D C:\Users\Tim\Desktop\40k 2015-07-15 15:48 - 2015-07-15 15:48 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-07-15 15:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-07-15 15:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-07-15 15:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-15 15:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-07-15 15:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-15 15:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-15 15:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-07-15 15:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-15 15:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-15 15:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-07-15 15:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-15 15:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-07-15 15:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-15 15:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-15 15:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-15 15:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-15 15:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-07-15 15:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2015-07-15 15:12 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-15 15:12 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-15 15:12 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-07-15 15:12 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-15 15:12 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-15 15:12 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-15 15:12 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-15 15:12 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-15 15:12 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-15 15:12 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-15 15:12 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-07-15 15:12 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-07-15 15:12 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-07-15 15:12 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-07-15 15:12 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-07-15 15:12 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-07-15 15:12 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-07-15 15:12 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-07-15 15:12 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-07-15 15:12 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-15 15:12 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-07-15 15:12 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-07-15 15:12 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-07-15 15:12 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-07-15 15:12 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-07-15 15:12 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-15 15:12 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-15 15:12 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-15 15:12 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-07-15 15:12 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-15 15:12 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-07-15 15:12 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-07-15 15:12 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-15 15:12 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-07-15 15:12 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-07-15 15:12 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-15 15:12 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-07-15 15:12 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-07-15 15:12 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-15 15:12 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-07-15 15:12 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-07-15 15:12 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-07-15 15:12 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-07-15 15:12 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-07-15 15:12 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-15 15:12 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-15 15:12 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-15 15:12 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-15 15:12 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-07-15 15:12 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-15 15:12 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-07-15 15:12 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-15 15:12 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-15 15:12 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-15 15:12 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-07-15 15:12 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-07-15 15:12 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-07-15 15:12 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-15 15:12 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-07-15 15:12 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-07-15 15:12 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-15 15:12 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-07-15 15:12 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-07-15 15:12 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-07-15 15:12 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-15 15:12 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-15 15:12 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-15 15:12 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-15 15:12 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-15 15:12 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-07-15 15:12 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-15 15:12 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-07-15 15:12 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-07-15 15:12 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-07-15 15:12 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-07-15 15:12 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-07-15 15:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-07-15 15:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-15 15:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-15 15:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-07-15 15:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-07-15 15:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-15 15:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-15 15:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-15 15:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-07-15 15:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-15 15:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2015-07-15 15:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2015-07-09 21:52 - 2015-07-09 21:52 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2015-07-09 21:48 - 2015-07-09 21:49 - 00561248 _____ (Oracle Corporation) C:\Users\Tim\Downloads\jxpiinstall.exe 2015-07-08 13:12 - 2015-07-09 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-06 09:59 - 2015-07-06 09:59 - 00000383 _____ C:\ftconfig.ini ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-04 02:43 - 2012-08-07 20:42 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype 2015-08-04 02:39 - 2014-02-03 20:36 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA.job 2015-08-04 02:34 - 2012-08-07 19:28 - 02011332 _____ C:\Windows\WindowsUpdate.log 2015-08-04 02:15 - 2012-08-07 19:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-04 01:49 - 2015-01-22 20:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-03 21:39 - 2014-02-03 20:36 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core.job 2015-08-03 21:15 - 2012-08-07 19:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-03 21:14 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-03 21:14 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-03 21:08 - 2012-08-07 20:20 - 00000000 ____D C:\Program Files (x86)\Steam 2015-08-03 21:03 - 2009-07-14 06:51 - 00462496 _____ C:\Windows\setupact.log 2015-08-03 21:02 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-03 21:02 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-03 12:24 - 2012-11-30 02:39 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-08-01 20:30 - 2012-08-07 19:33 - 00000955 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-01 20:29 - 2014-04-12 22:22 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-08-01 20:29 - 2012-08-07 19:30 - 00001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2015-07-31 23:49 - 2014-05-24 21:10 - 00000000 ____D C:\ProgramData\Origin 2015-07-31 23:47 - 2014-05-24 21:10 - 00000000 ____D C:\Program Files (x86)\Origin 2015-07-31 21:02 - 2012-12-17 19:29 - 00000000 ___RD C:\Users\Tim\Desktop\Aquillien 2015-07-31 13:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-07-31 13:38 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-07-31 13:37 - 2010-11-21 05:47 - 00541176 _____ C:\Windows\PFRO.log 2015-07-29 21:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-07-29 21:25 - 2012-08-07 19:32 - 00000000 ____D C:\Users\Tim 2015-07-29 03:01 - 2014-05-06 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-29 00:08 - 2013-01-13 04:03 - 00000000 ____D C:\Users\Tim\Desktop\Uni 2015-07-27 02:47 - 2012-08-09 02:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2015-07-22 20:11 - 2012-08-11 18:35 - 00000931 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2015-07-22 19:11 - 2012-08-11 18:35 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client 2015-07-22 13:28 - 2009-07-14 06:45 - 00307240 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-21 18:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache 2015-07-21 17:17 - 2014-04-12 22:22 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-07-21 16:12 - 2014-02-16 02:13 - 00007168 _____ C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-21 02:38 - 2011-09-29 17:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-07-21 00:56 - 2015-04-01 16:27 - 00001412 _____ C:\Windows\DXError.log 2015-07-21 00:56 - 2011-09-29 18:13 - 00091711 _____ C:\Windows\DirectX.log 2015-07-19 02:44 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-07-19 02:29 - 2011-09-29 17:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-07-19 02:26 - 2014-07-01 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-07-19 02:22 - 2013-01-04 21:11 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-07-15 21:34 - 2014-02-03 20:36 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA 2015-07-15 21:34 - 2014-02-03 20:36 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core 2015-07-15 21:10 - 2012-08-07 19:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-15 21:10 - 2012-08-07 19:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-15 20:34 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-07-15 20:30 - 2015-04-16 18:16 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-15 20:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-15 15:48 - 2015-01-22 20:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-15 15:48 - 2012-08-09 02:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-15 15:48 - 2011-09-29 18:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-14 20:41 - 2014-06-18 19:30 - 00203303 _____ C:\Users\Tim\Desktop\Einkaufsliste Party.odt 2015-07-13 15:41 - 2012-08-07 20:42 - 00000000 ____D C:\ProgramData\Skype 2015-07-13 15:40 - 2012-08-07 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-07-09 22:05 - 2013-10-04 18:02 - 00000000 ____D C:\ProgramData\Oracle 2015-07-09 21:53 - 2011-11-10 16:59 - 00000000 ____D C:\Program Files (x86)\Java 2015-07-09 21:49 - 2014-07-01 01:33 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-07-08 19:36 - 2014-04-12 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-01-12 22:36 - 2015-03-31 00:36 - 0246420 _____ () C:\Users\Tim\AppData\Local\Citavi Picker Internet Explorer Protocol.txt 2014-02-16 02:13 - 2015-07-21 16:12 - 0007168 _____ () C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-26 03:43 - 2014-01-26 03:43 - 0002108 _____ () C:\Users\Tim\AppData\Local\recently-used.xbel 2012-08-07 20:32 - 2012-08-07 20:32 - 0000000 _____ () C:\Users\Tim\AppData\Local\{40843CD9-9E16-4ADF-9436-1C338BD6A262} 2012-08-21 14:04 - 2014-06-20 22:16 - 0001913 _____ () C:\ProgramData\hpzinstall.log 2014-05-25 13:37 - 2014-07-27 22:24 - 0000040 _____ () C:\ProgramData\ra3.ini ==================== Bamital & volsnap Check ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-06-27 16:49 ==================== Ende von log ============================ Geändert von Stannis B. (04.08.2015 um 01:49 Uhr) |
|
04.08.2015, 12:26
| #11 |
| /// the machine /// TB-Ausbilder | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Java und adobe updaten. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe
D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 10.zip
D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 5.zip
RemoveProxy:
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Downloadverhalten überdenken: CHIP-Installer - was ist das? - Anleitungen Frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.08.2015, 16:26
| #12 |
| | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal.Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von Tim (2015-08-04 16:31:08) Run:1
Gestartet von C:\Users\Tim\Desktop
Geladene Profile: Tim (Verfügbare Profile: Tim & Mcx1-TIM-PC)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe
C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe
D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 10.zip
D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 5.zip
RemoveProxy:
Emptytemp:
*****************
C:\Users\Tim\Downloads\TeamSpeak 3 32 Bit - CHIP-Installer.exe => erfolgreich verschoben.
C:\Users\Tim\Downloads\TeamSpeak 3 64 Bit - CHIP-Installer.exe => erfolgreich verschoben.
D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 10.zip => erfolgreich verschoben.
D:\TIM-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 5.zip => erfolgreich verschoben.
========= RemoveProxy: =========
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Wert erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-4254080380-16762214-4038314476-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
EmptyTemp: => 1.4 GB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 16:33:59 ====
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01 durchgeführt von Tim (Administrator) auf TIM-PC (04-08-2015 17:08:20) Gestartet von C:\Users\Tim\Desktop Geladene Profile: Tim (Verfügbare Profile: Tim & Mcx1-TIM-PC) Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{33E8EBC9-D93A-2445-B7A6-C65E2B29A627}\YSearchUtilSvc.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Users\Tim\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12673128 2011-08-16] (Realtek Semiconductor) HKLM\...\Run: [MedionReminder] => C:\Program Files (x86)\CyberLink\PowerRecover\Reminder.exe [443688 2011-05-26] (CyberLink) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-17] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-05-20] (Intel Corporation) HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-04] (CyberLink) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-15] (Avast Software s.r.o.) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.) HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [2895552 2015-07-24] (Valve Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-20] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2012-08-09] ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.149\SSScheduler.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-15] (Avast Software s.r.o.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-4254080380-16762214-4038314476-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-4254080380-16762214-4038314476-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> DefaultScope {322B23D0-3F4C-4046-9BDE-C7823C37C64E} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> {322B23D0-3F4C-4046-9BDE-C7823C37C64E} URL = https://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-15] (Avast Software s.r.o.) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll Keine Datei BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.) BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation) BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-04] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-15] (Avast Software s.r.o.) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: MSN Toolbar BHO -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-04] (Oracle Corporation) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation) Toolbar: HKU\S-1-5-21-4254080380-16762214-4038314476-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{F705B830-3D09-48E9-8657-CD0CA5A0FE70}: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466 FF Homepage: https://de.yahoo.com/?fr=yset_ff_syc_oracle&type=orcl_hpset FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-04] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-04] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 -> C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll [2009-11-16] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-06-17] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @talk.google.com/O1DPlugin -> C:\Users\Tim\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin HKU\S-1-5-21-4254080380-16762214-4038314476-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Tim\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\Tim\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google) FF Extension: ZenMate Security & Privacy VPN - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\firefox@zenmate.com.xpi [2015-07-05] FF Extension: New Tab by Yahoo - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-06-22] FF Extension: Adblock Plus - C:\Users\Tim\AppData\Roaming\Mozilla\Firefox\Profiles\oh9vloy6.default-1435741436466\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-10] FF Extension: Kein Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-08] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-11-30] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-06-20] FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-06-20] FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension [2014-06-21] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-06-23] FF HKU\S-1-5-21-4254080380-16762214-4038314476-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR Profile: C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Avast SafePrice) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-10-08] CHR Extension: (Avast Online Security) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-08] CHR Extension: (Skype Click to Call) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-30] CHR Extension: (Google Wallet) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-04] CHR Extension: (Citavi Picker) - C:\Users\Tim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohgndokldibnndfnjnagojmheejlengn [2014-10-08] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-06] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-20] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - C:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-15] (Avast Software s.r.o.) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4030800 2015-03-20] (Avast Software) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-17] (NVIDIA Corporation) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc.) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-17] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-17] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts) R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [Datei ist nicht signiert] S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{33E8EBC9-D93A-2445-B7A6-C65E2B29A627}\YSearchUtilSvc.exe [152344 2015-06-29] (Yahoo Inc.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-15] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-15] (Avast Software s.r.o.) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-15] (Avast Software s.r.o.) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-15] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-15] (Avast Software s.r.o.) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-15] (Avast Software s.r.o.) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-15] (Avast Software s.r.o.) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-15] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-04] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-17] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-06-17] (NVIDIA Corporation) R3 UHSfiltv; C:\Windows\System32\drivers\UHSfiltv.sys [23552 2014-12-22] (Creative Technology Ltd.) R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-03-20] (Avast Software) S3 catchme; \??\C:\ComboFix\catchme.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-04 16:28 - 2015-08-04 16:28 - 01825464 _____ (Adobe Systems Incorporated) C:\Users\Tim\Downloads\AcroRd32.exe 2015-08-04 16:28 - 2015-08-04 16:28 - 01825464 _____ (Adobe Systems Incorporated) C:\Users\Tim\Desktop\AcroRd32.exe 2015-08-04 16:27 - 2015-08-04 16:27 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-08-04 16:25 - 2015-08-04 16:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2015-08-04 16:25 - 2015-08-04 16:25 - 00002051 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk 2015-08-04 16:19 - 2015-08-04 16:19 - 00000000 ____D C:\Users\Tim\AppData\Local\YSearchUtil 2015-08-04 16:17 - 2015-08-04 16:16 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-04 16:16 - 2015-08-04 16:16 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-04 16:11 - 2015-08-04 16:11 - 00562784 _____ (Oracle Corporation) C:\Users\Tim\Desktop\jxpiinstall(1).exe 2015-08-03 23:14 - 2015-08-03 23:16 - 02870984 _____ (ESET) C:\Users\Tim\Desktop\esetsmartinstaller_deu.exe 2015-08-03 23:14 - 2015-08-03 23:14 - 00852684 _____ C:\Users\Tim\Desktop\SecurityCheck.exe 2015-08-01 20:51 - 2015-08-04 02:46 - 00000000 ____D C:\Users\Tim\Desktop\FRST-OlderVersion 2015-08-01 20:47 - 2015-08-01 20:47 - 00009546 _____ C:\Users\Tim\Desktop\JRT.txt 2015-08-01 20:17 - 2015-08-01 20:30 - 00000000 ____D C:\AdwCleaner 2015-08-01 19:38 - 2015-08-01 19:38 - 02248704 _____ C:\Users\Tim\Desktop\AdwCleaner_4.208.exe 2015-08-01 19:38 - 2015-08-01 19:38 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Tim\Desktop\JRT.exe 2015-07-31 13:48 - 2015-07-31 13:48 - 00035287 _____ C:\ComboFix.txt 2015-07-31 13:11 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-07-31 13:11 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-07-31 13:11 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-07-31 13:11 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-07-31 13:11 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-07-31 13:11 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-07-31 13:11 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-07-31 13:11 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-07-31 13:04 - 2015-07-31 13:49 - 00000000 ____D C:\Qoobox 2015-07-31 13:04 - 2015-07-31 13:44 - 00000000 ____D C:\Windows\erdnt 2015-07-31 13:01 - 2015-07-31 13:02 - 05633745 ____R (Swearware) C:\Users\Tim\Desktop\ComboFix.exe 2015-07-30 12:30 - 2015-07-30 13:09 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-07-30 12:29 - 2015-07-30 13:09 - 00000000 ____D C:\Users\Tim\Desktop\mbar 2015-07-30 12:27 - 2015-07-30 12:28 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Tim\Desktop\mbar-1.09.1.1004.exe 2015-07-30 12:27 - 2015-07-30 12:27 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Tim\Desktop\tdsskiller.exe 2015-07-29 22:09 - 2015-07-29 22:09 - 00005796 _____ C:\Users\Tim\Desktop\timtt.txt 2015-07-29 22:09 - 2015-07-29 22:09 - 00001196 _____ C:\Users\Tim\Desktop\tim.txt 2015-07-29 21:31 - 2015-08-04 02:48 - 00066864 _____ C:\Users\Tim\Desktop\Addition.txt 2015-07-29 21:28 - 2015-08-04 17:10 - 00026002 _____ C:\Users\Tim\Desktop\FRST.txt 2015-07-29 21:26 - 2015-08-04 17:08 - 00000000 ____D C:\FRST 2015-07-29 21:25 - 2015-07-29 21:25 - 00000468 _____ C:\Users\Tim\Desktop\defogger_disable.log 2015-07-29 21:25 - 2015-07-29 21:25 - 00000000 _____ C:\Users\Tim\defogger_reenable 2015-07-29 21:24 - 2015-08-04 02:46 - 02169856 _____ (Farbar) C:\Users\Tim\Desktop\FRST64.exe 2015-07-29 21:24 - 2015-07-29 21:24 - 00380416 _____ C:\Users\Tim\Desktop\Gmer-19357.exe 2015-07-29 21:23 - 2015-07-29 21:24 - 00050477 _____ C:\Users\Tim\Desktop\Defogger.exe 2015-07-28 14:55 - 2015-07-25 20:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-07-28 14:55 - 2015-07-25 20:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-07-28 14:55 - 2015-07-25 20:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-07-28 14:55 - 2015-07-25 20:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-07-28 14:55 - 2015-07-25 19:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus 2015-07-27 02:47 - 2015-07-27 02:47 - 00000000 ____D C:\Program Files\McAfee Security Scan 2015-07-27 02:25 - 2015-08-01 02:16 - 00026047 _____ C:\Users\Tim\Desktop\Essays Lipinsky.odt 2015-07-26 16:00 - 2015-07-30 19:57 - 53185442 _____ C:\Users\Tim\Desktop\Aquillien_Länderwappen.zip 2015-07-23 16:22 - 2015-07-23 16:22 - 00000000 ____D C:\Users\Tim\AppData\Local\CEF 2015-07-22 20:11 - 2015-07-22 20:11 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-07-21 21:26 - 2015-07-21 21:26 - 00001106 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-07-21 17:17 - 2015-07-21 17:17 - 00001224 _____ C:\Malwarebytes 21.07.15.txt 2015-07-21 16:05 - 2015-08-04 17:06 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-07-21 16:05 - 2015-07-21 21:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-07-21 16:04 - 2015-07-30 13:18 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-07-21 16:04 - 2015-07-21 21:26 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-07-21 16:04 - 2015-07-21 16:04 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-21 16:04 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-07-21 16:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-07-21 16:02 - 2015-07-21 16:02 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Tim\Downloads\mbam-setup-2.1.6.1022.exe 2015-07-21 13:15 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-07-21 13:15 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-07-21 13:15 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-07-21 13:15 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-07-21 13:15 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-07-21 13:15 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-07-21 13:15 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-07-21 13:15 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-07-21 13:15 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-07-21 13:15 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-07-21 00:54 - 2015-07-21 00:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SEGA 2015-07-21 00:35 - 2015-07-21 00:35 - 00000000 ____D C:\Program Files (x86)\SEGA 2015-07-21 00:31 - 2015-07-21 00:31 - 00000000 ____D C:\Users\Tim\AppData\Roaming\InstallShield 2015-07-20 13:57 - 2015-07-20 14:08 - 00015872 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung(1).xls 2015-07-20 02:04 - 2015-07-20 02:04 - 00012288 _____ C:\Users\Tim\Downloads\Wirtschaft_Nach-Con-Auswertung.xls 2015-07-19 02:43 - 2015-07-19 02:43 - 00001381 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-07-19 02:29 - 2015-06-17 11:10 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-07-19 02:29 - 2015-06-17 11:10 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-07-19 02:25 - 2015-06-17 08:03 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-07-19 02:22 - 2015-06-17 11:10 - 42729104 _____ C:\Windows\system32\nvcompiler.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 30481552 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 22947144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 17724600 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 16145200 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 15866992 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 15224784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 14497520 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 13263056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 12855416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 11831856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 11011216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-07-19 02:22 - 2015-06-17 11:10 - 03395648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 02997544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 02599752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435330.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435330.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01099992 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01060168 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 01050768 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00975176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00938752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys 2015-07-19 02:22 - 2015-06-17 11:10 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-07-19 02:22 - 2015-06-17 11:10 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys 2015-07-19 02:22 - 2015-06-17 11:10 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll 2015-07-19 02:17 - 2015-07-19 02:18 - 292264080 _____ (NVIDIA Corporation) C:\Users\Tim\Downloads\353.30-desktop-win8-win7-winvista-64bit-international-whql.exe 2015-07-16 12:40 - 2015-07-21 13:15 - 00000000 ____D C:\Users\Tim\Desktop\40k 2015-07-15 15:48 - 2015-07-15 15:48 - 18524336 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe 2015-07-15 15:13 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-07-15 15:13 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-07-15 15:13 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-07-15 15:13 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-07-15 15:13 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-07-15 15:13 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-07-15 15:13 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-07-15 15:13 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-07-15 15:13 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-07-15 15:13 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-07-15 15:13 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-07-15 15:13 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-07-15 15:13 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-07-15 15:13 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-07-15 15:13 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-07-15 15:13 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-07-15 15:13 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2015-07-15 15:13 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2015-07-15 15:13 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll 2015-07-15 15:13 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll 2015-07-15 15:12 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2015-07-15 15:12 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2015-07-15 15:12 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-07-15 15:12 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-07-15 15:12 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-07-15 15:12 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-07-15 15:12 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-07-15 15:12 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-07-15 15:12 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-07-15 15:12 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-07-15 15:12 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-07-15 15:12 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-07-15 15:12 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-07-15 15:12 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-07-15 15:12 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-07-15 15:12 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-07-15 15:12 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-07-15 15:12 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-07-15 15:12 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-07-15 15:12 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-07-15 15:12 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-07-15 15:12 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-07-15 15:12 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-07-15 15:12 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-07-15 15:12 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-07-15 15:12 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-07-15 15:12 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-07-15 15:12 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-07-15 15:12 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-07-15 15:12 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-07-15 15:12 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-07-15 15:12 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-07-15 15:12 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-07-15 15:12 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-07-15 15:12 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-07-15 15:12 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-07-15 15:12 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-07-15 15:12 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-07-15 15:12 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-07-15 15:12 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-07-15 15:12 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-07-15 15:12 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-07-15 15:12 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-07-15 15:12 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-07-15 15:12 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-07-15 15:12 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-07-15 15:12 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-07-15 15:12 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-07-15 15:12 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-07-15 15:12 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-07-15 15:12 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-07-15 15:12 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-07-15 15:12 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-07-15 15:12 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-07-15 15:12 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-07-15 15:12 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-07-15 15:12 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-07-15 15:12 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-07-15 15:12 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-07-15 15:12 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-07-15 15:12 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-07-15 15:12 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-07-15 15:12 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-07-15 15:12 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-07-15 15:12 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-07-15 15:12 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-07-15 15:12 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-07-15 15:12 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-07-15 15:12 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-07-15 15:12 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-07-15 15:12 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-07-15 15:12 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-07-15 15:12 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-07-15 15:12 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-07-15 15:12 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-07-15 15:12 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-07-15 15:12 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-07-15 15:12 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-07-15 15:12 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-07-15 15:11 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2015-07-15 15:11 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2015-07-15 15:11 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-07-15 15:11 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2015-07-15 15:11 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll 2015-07-15 15:11 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe 2015-07-15 15:11 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2015-07-15 15:11 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-07-15 15:11 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2015-07-15 15:11 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe 2015-07-15 15:11 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll 2015-07-15 15:11 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll 2015-07-09 21:52 - 2015-07-09 21:52 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2015-07-09 21:48 - 2015-07-09 21:49 - 00561248 _____ (Oracle Corporation) C:\Users\Tim\Downloads\jxpiinstall.exe 2015-07-08 13:12 - 2015-07-09 21:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-07-06 09:59 - 2015-07-06 09:59 - 00000383 _____ C:\ftconfig.ini ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-04 17:06 - 2012-08-07 20:20 - 00000000 ____D C:\Program Files (x86)\Steam 2015-08-04 17:06 - 2012-08-07 19:29 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-04 17:05 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-04 17:05 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-04 17:05 - 2009-07-14 06:51 - 00463056 _____ C:\Windows\setupact.log 2015-08-04 17:04 - 2010-11-21 05:47 - 00543298 _____ C:\Windows\PFRO.log 2015-08-04 17:03 - 2012-08-07 19:28 - 02059718 _____ C:\Windows\WindowsUpdate.log 2015-08-04 16:48 - 2015-01-22 20:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-04 16:39 - 2014-02-03 20:36 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA.job 2015-08-04 16:28 - 2012-08-08 03:11 - 00000000 ____D C:\Users\Tim\AppData\Local\Adobe 2015-08-04 16:25 - 2011-09-29 18:04 - 00000000 ____D C:\ProgramData\Adobe 2015-08-04 16:25 - 2011-09-29 18:04 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-08-04 16:17 - 2013-10-04 18:02 - 00000000 ____D C:\ProgramData\Oracle 2015-08-04 16:17 - 2013-10-04 18:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-04 16:15 - 2012-08-07 19:29 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-04 16:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-08-04 15:18 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-04 15:18 - 2009-07-14 06:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-04 15:13 - 2012-11-30 02:39 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-08-04 02:53 - 2012-08-07 20:42 - 00000000 ____D C:\Users\Tim\AppData\Roaming\Skype 2015-08-03 21:39 - 2014-02-03 20:36 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core.job 2015-08-01 20:30 - 2012-08-07 19:33 - 00000955 _____ C:\Users\Tim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-01 20:29 - 2014-04-12 22:22 - 00001065 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2015-08-01 20:29 - 2012-08-07 19:30 - 00001290 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2015-07-31 23:49 - 2014-05-24 21:10 - 00000000 ____D C:\ProgramData\Origin 2015-07-31 23:47 - 2014-05-24 21:10 - 00000000 ____D C:\Program Files (x86)\Origin 2015-07-31 21:02 - 2012-12-17 19:29 - 00000000 ___RD C:\Users\Tim\Desktop\Aquillien 2015-07-31 13:49 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-07-31 13:38 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-07-29 21:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF 2015-07-29 21:25 - 2012-08-07 19:32 - 00000000 ____D C:\Users\Tim 2015-07-29 03:01 - 2014-05-06 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-07-29 00:08 - 2013-01-13 04:03 - 00000000 ____D C:\Users\Tim\Desktop\Uni 2015-07-27 02:47 - 2012-08-09 02:47 - 00000000 ____D C:\ProgramData\McAfee Security Scan 2015-07-22 20:11 - 2012-08-11 18:35 - 00000931 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk 2015-07-22 19:11 - 2012-08-11 18:35 - 00000000 ____D C:\Program Files (x86)\TeamSpeak 3 Client 2015-07-22 13:28 - 2009-07-14 06:45 - 00307240 _____ C:\Windows\system32\FNTCACHE.DAT 2015-07-21 18:08 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache 2015-07-21 17:17 - 2014-04-12 22:22 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2015-07-21 16:12 - 2014-02-16 02:13 - 00007168 _____ C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-21 02:38 - 2011-09-29 17:34 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-07-21 00:56 - 2015-04-01 16:27 - 00001412 _____ C:\Windows\DXError.log 2015-07-21 00:56 - 2011-09-29 18:13 - 00091711 _____ C:\Windows\DirectX.log 2015-07-19 02:44 - 2011-09-29 17:56 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-07-19 02:29 - 2011-09-29 17:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2015-07-19 02:26 - 2014-07-01 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-07-19 02:22 - 2013-01-04 21:11 - 00000000 ____D C:\ProgramData\boost_interprocess 2015-07-15 21:34 - 2014-02-03 20:36 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001UA 2015-07-15 21:34 - 2014-02-03 20:36 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4254080380-16762214-4038314476-1001Core 2015-07-15 21:10 - 2012-08-07 19:29 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-15 21:10 - 2012-08-07 19:29 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-15 20:34 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-07-15 20:30 - 2015-04-16 18:16 - 00000000 ____D C:\Windows\system32\appraiser 2015-07-15 20:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-07-15 15:48 - 2015-01-22 20:13 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-15 15:48 - 2012-08-09 02:47 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-15 15:48 - 2011-09-29 18:10 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2015-07-15 08:12 - 2015-04-05 03:00 - 00000000 ___SD C:\Windows\system32\GWX 2015-07-14 20:41 - 2014-06-18 19:30 - 00203303 _____ C:\Users\Tim\Desktop\Einkaufsliste Party.odt 2015-07-13 15:41 - 2012-08-07 20:42 - 00000000 ____D C:\ProgramData\Skype 2015-07-13 15:40 - 2012-08-07 20:42 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-07-08 19:36 - 2014-04-12 22:22 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-01-12 22:36 - 2015-03-31 00:36 - 0246420 _____ () C:\Users\Tim\AppData\Local\Citavi Picker Internet Explorer Protocol.txt 2014-02-16 02:13 - 2015-07-21 16:12 - 0007168 _____ () C:\Users\Tim\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-01-26 03:43 - 2014-01-26 03:43 - 0002108 _____ () C:\Users\Tim\AppData\Local\recently-used.xbel 2012-08-07 20:32 - 2012-08-07 20:32 - 0000000 _____ () C:\Users\Tim\AppData\Local\{40843CD9-9E16-4ADF-9436-1C338BD6A262} 2012-08-21 14:04 - 2014-06-20 22:16 - 0001913 _____ () C:\ProgramData\hpzinstall.log 2014-05-25 13:37 - 2014-07-27 22:24 - 0000040 _____ () C:\ProgramData\ra3.ini ==================== Bamital & volsnap Check ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-04 16:01 ==================== Ende von log ============================ |
|
05.08.2015, 08:05
| #13 |
| /// the machine /// TB-Ausbilder | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren .
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung:Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.08.2015, 19:29
| #14 |
| | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Ich danke dir schonmal für deine Hilfe. Nur eine Frage noch, ist der untere Teil ein vorgefertigter Text den du immer postest ? Weil ich benutze Firefox und die Windows Firewall ist auch an ? Gruß, Tim |
|
06.08.2015, 06:05
| #15 |
| /// the machine /// TB-Ausbilder | Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. Ja, ein Allround-Absicherungstext. Da kann sich jeder das raus picken was für ihn taugt wenn ich den Käse jedesmal tippen müsste könnte ich nur noch 3 Usern am Tag helfen, anstatt 100
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windwos 7 Home Premium. Rechner ist ständigen Intervallen langsam und dann wieder normal. |
| antivirus, browser, desktop, fehlermeldung, firefox, flash player, google, home, homepage, iexplore.exe, installation, langsam, mozilla, npdicihegicnhaangkdmcgbjceoemeoo, programm, prozesse, realtek, registry, rundll, scan, security, services.exe, software, system, teamspeak, windows |
WARNUNG an die MITLESER: 
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
