Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Virus trotz Kaspersky Anti-Virus; was machen? (https://www.trojaner-board.de/161547-virus-trotz-kaspersky-anti-virus.html)

Harzburch 05.12.2014 20:00
Virus trotz Kaspersky Anti-Virus; was machen?
 
Beginn ich einmal...
seit einiger Zeit habe ich Probleme mit meinem Pc.
Es ist wie verhext...Ich fang mal mit den Probs. an:
-Pc fährt manchmal stundenlang oder garnicht runter und bleibt bei Windows runterfahren stehen
-PC stürtzt manchmal plötlich ab ! Mit verschiedenen Sachen die ich dann seh..
-Programme laufen nicht mehr wie vorher, es kommt auch vermehrt zu abstürtzen.
-Internet-Browsers lassen sich nicht mehr aktualisieren und es erscheint trotz änderrung der Startseite in Mozilla sowie Chrome immer wieder diese Seite: hxxp://search.fbdownloader.com/?channel=de
-Alles ist irgendwie komisch geworden, und eventuell hat sich auch was an den Angeschlossenen Geräten etwas verändert, da boxen rauschen, Geräte ausfallen usw. :/

Zu den gegebenheiten: ich nutze Wlan über mein Handy, was mit dem Router verbunden ist, da ich derzeit kein Wlan Stick habe..
Ich habe mir NEU KAsperksy ANti-Virus 2015 gekauft, jedoch garnkeine besserung nach etlichen kompletten suchdurchläufen.. :(..
Ist vllt Kaspersky nicht richtig installiert?
Mein System:
64 bit, 16GB Ram ...
Bitte helfen!!
Rege mich Tierisch darüber auf, das Kaspersky null hilft, weil ich denke wirklich stark das Virus hinter steckt, weil mit dem Sytem ansich kann eig. nichts sein.

hxxp://www.trojaner-board.de/images/smilies/dankeschoen.gif

Machiavelli 05.12.2014 20:12
Zitat:
Rege mich Tierisch darüber auf, das Kaspersky null hilft,
Sinnlos für so etwas Geld auszugeben.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Harzburch 05.12.2014 20:28
Antwort; FRST;Addition
 
FRST:
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by Max (administrator) on MAX-PC on 05-12-2014 20:24:51
Running from C:\Users\Max\Downloads
Loaded Profile: Max (Available profiles: Max & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(reimage) C:\Program Files\Reimage\Reimage Repair\Reimage.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [SplitCam] => C:\Program Files (x86)\SplitCam\SplitCam.exe
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [Gameo] => C:\Users\Max\AppData\Roaming\Gameo\gameo.exe [41402880 2014-12-01] ()
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\RunOnce: [DigitalSites] => wscript /E:vbscript /B "C:\Users\Max\AppData\Roaming\DigitalSites\UpdateProc\bkup.dat"
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\RunOnce: [WSE_Vosteran] => wscript /E:vbscript /B "C:\Users\Max\AppData\Roaming\WSE_Vosteran\UpdateProc\bkup.dat"
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Policies\Explorer: [DisallowRun] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/1024/
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {308BD32D-3F3F-4dc6-A45A-4CAC4205E05F} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_13_other&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0SzztCyBtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyEtAtCtC0BtAyEtG0FtCyEzztGtCtC0FtBtGyBzzyB0CtGyCtCtBtC0Azz0BtBtA0CyBzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0DyEzz0BtAyB0DtGzyyD0DtDtG0Azy0B0EtGyC0A0EyDtGtBzy0CtD0CtB0E0ByDzyyE0A2Q&cr=550538211&ir=
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {56E26B6C-BB82-48de-BEB0-8F3664DE7835} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {7588F513-7B9E-45dc-914D-B207EFFC6D9A} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://search.fbdownloader.com/search.php?channel=de&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Simple New Tab Bho -> {5C2DD58F-613F-4580-8AC0-F10D760AF938} -> C:\Users\Max\AppData\Local\simple_new_tab\simple_new_tab.dll ()
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll No File
Toolbar: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
FF DefaultSearchEngine: Vosteran
FF DefaultSearchUrl: hxxp://search.fbdownloader.com/search.php?channel=de&q=
FF SelectedSearchEngine: Vosteran
FF Homepage: hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
FF Keyword.URL: hxxp://search.fbdownloader.com/search.php?channel=de&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4256948084-1049334510-1600530276-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-4256948084-1049334510-1600530276-1000: bebomedia.com/OfferMosquitoIEHelper -> C:\Users\Max\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll No File
FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\user.js
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\searchplugins\search.xml
FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\searchplugins\Vosteran.xml
FF Extension: OfferMosquito - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\om@offermosquito.com.xpi [2014-04-02]
FF Extension: Simple Site Blocker - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\simplesiteblocker@example.com.xpi [2014-11-29]
FF Extension: Simple New Tab - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\snt@dotlabs.co.xpi [2013-12-16]
FF Extension: {12989559-84f2-47aa-a442-5e69f9d26720} - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi [2013-10-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-07]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
CHR StartupUrls: Default -> "hxxp://Vosteran.com/?f=7&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=","hxxp://search.fbdownloader.com/?channel=de"
CHR DefaultSearchKeyword: Default -> Vosteran.com
CHR DefaultSearchURL: Default -> hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll No File
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-11-08]
CHR Extension: (Price Alarm) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2013-10-03]
CHR Extension: (OfferMosquito) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-05-08]
CHR Extension: (Amazon-Icon) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2013-10-10]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Max\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2013-10-03]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 nkdytjtjsw32; C:\Program Files\007\nkdytjtjsw32.exe [683848 2014-11-26] ()
R2 ReimageRealTimeProtector; C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [7138664 2014-12-02] (Reimage®)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-07-30] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-12-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-11-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
S4 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55552 2006-02-13] (Sonic Solutions) [File not signed]
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
R3 cpuz134; \??\C:\Users\Max\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-05 20:24 - 2014-12-05 20:25 - 00025226 _____ () C:\Users\Max\Downloads\FRST.txt
2014-12-05 20:24 - 2014-12-05 20:24 - 00000000 ____D () C:\FRST
2014-12-05 20:22 - 2014-12-05 20:23 - 02117632 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-12-05 20:22 - 2014-12-05 20:22 - 00004266 _____ () C:\Windows\System32\Tasks\ReimageUpdater
2014-12-05 20:22 - 2014-12-05 20:22 - 00003422 _____ () C:\Windows\System32\Tasks\Reimage Reminder
2014-12-05 20:22 - 2014-12-05 20:22 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-12-05 20:21 - 2014-12-05 20:23 - 00000165 _____ () C:\Windows\Reimage.ini
2014-12-05 20:21 - 2014-12-05 20:23 - 00000000 ____D () C:\rei
2014-12-05 20:21 - 2014-12-05 20:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair
2014-12-05 20:21 - 2014-12-05 20:22 - 00000000 ____D () C:\Program Files\Reimage
2014-12-05 20:21 - 2014-12-05 20:21 - 00774944 _____ () C:\Users\Max\Downloads\ReimageRepair.exe
2014-12-05 20:21 - 2014-12-05 20:21 - 00001901 _____ () C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk
2014-12-05 20:20 - 2014-12-05 20:20 - 00003714 _____ () C:\Windows\System32\Tasks\gameo_update
2014-12-05 20:20 - 2014-12-05 20:20 - 00001913 _____ () C:\Users\Max\Desktop\Play Goodgame Empire.lnk
2014-12-05 20:20 - 2014-12-05 20:20 - 00001773 _____ () C:\Users\Max\Desktop\Gameo.lnk
2014-12-05 20:20 - 2014-12-05 20:20 - 00001759 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo.lnk
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\Desktop\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000000 ___HD () C:\Users\Max\AppData\Roaming\GoldenGate
2014-12-05 20:20 - 2014-12-05 20:20 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gameo
2014-12-05 20:20 - 2014-12-05 20:20 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Gameo
2014-12-05 20:20 - 2014-12-05 20:20 - 00000000 ____D () C:\Users\Max\AppData\Local\Gameo
2014-12-05 20:19 - 2014-12-05 20:20 - 00003216 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-12-05 20:19 - 2014-12-05 20:20 - 00000284 _____ () C:\Windows\Tasks\Digital Sites.job
2014-12-05 20:19 - 2014-12-05 20:19 - 00003216 _____ () C:\Windows\System32\Tasks\WSE_Vosteran
2014-12-05 20:19 - 2014-12-05 20:19 - 00001150 _____ () C:\Users\Public\Desktop\FileOpener.lnk
2014-12-05 20:19 - 2014-12-05 20:19 - 00000284 _____ () C:\Windows\Tasks\WSE_Vosteran.job
2014-12-05 20:19 - 2014-12-05 20:19 - 00000000 ____D () C:\Users\Max\AppData\Roaming\WSE_Vosteran
2014-12-05 20:19 - 2014-12-05 20:19 - 00000000 ____D () C:\Users\Max\AppData\Roaming\1H1Q1V1N1N1O1R
2014-12-05 20:19 - 2014-12-05 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOpener
2014-12-05 20:19 - 2014-12-05 20:19 - 00000000 ____D () C:\Program Files\BEAF8266-AE64-40A2-BF8D-99F4FB145C26
2014-12-05 20:19 - 2014-12-05 20:19 - 00000000 ____D () C:\Program Files\007
2014-12-05 20:19 - 2014-12-05 20:19 - 00000000 ____D () C:\Program Files (x86)\WSE_Vosteran
2014-12-05 20:19 - 2014-12-05 20:19 - 00000000 ____D () C:\Program Files (x86)\Tweaks
2014-12-05 20:18 - 2014-12-05 20:18 - 00803152 _____ ( ) C:\Users\Max\Downloads\FileOpenerSetup.exe
2014-12-05 18:45 - 2014-12-05 18:49 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-12-05 18:16 - 2014-12-05 18:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 18:15 - 2014-12-05 18:15 - 00244264 _____ () C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-05 05:05 - 2014-07-28 14:31 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-12-05 05:05 - 2014-07-28 14:31 - 00000714 _____ () C:\Windows\SysWOW64\ff_vfw.dll.manifest
2014-12-05 05:05 - 2014-06-30 06:23 - 00810496 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-12-05 05:05 - 2014-06-30 06:23 - 00183808 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-12-05 05:00 - 2014-12-05 05:04 - 100117000 _____ (SplitCam Co.) C:\Users\Max\Downloads\SplitCamSetup.exe
2014-12-05 03:16 - 2014-12-05 03:16 - 00000000 ____D () C:\Windows\pss
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\Users\Max\AppData\Local\M-Audio
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\ProgramData\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\Program Files (x86)\M-Audio
2014-12-05 01:21 - 2014-12-05 01:21 - 00000000 ____D () C:\ProgramData\AVID
2014-12-05 00:54 - 2014-12-05 00:54 - 00003047 _____ () C:\Users\Max\Desktop\SharpKeys.lnk
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Program Files (x86)\RandyRants.com
2014-12-05 00:53 - 2014-12-05 00:53 - 00486400 _____ () C:\Users\Max\Downloads\sharpkeys35.msi
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\Program Files (x86)\AutoHotkey
2014-12-05 00:48 - 2014-12-05 00:48 - 02047357 _____ () C:\Users\Max\Downloads\AutoHotkey104805_Install.exe
2014-12-05 00:09 - 2014-12-05 00:09 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Users\Max\AppData\Local\MSKLC
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4
2014-12-05 00:08 - 2014-12-05 00:08 - 10597792 _____ () C:\Users\Max\Downloads\MSKLC.exe
2014-12-05 00:04 - 2014-12-05 00:04 - 00301688 _____ (Thesycon GmbH) C:\Users\Max\Downloads\dpclat.exe
2014-12-03 21:48 - 2014-12-03 21:48 - 00313384 _____ () C:\Windows\Minidump\120314-24570-01.dmp
2014-12-03 21:44 - 2014-12-03 21:44 - 00000020 _____ () C:\Windows\ˆø'
2014-12-03 21:35 - 2014-12-03 21:35 - 00000000 ____D () C:\Users\Max\AppData\Local\{FBBEA713-D792-4CF4-A78F-B33F7953ED27}
2014-12-03 21:33 - 2014-12-03 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-12-03 21:32 - 2014-12-03 21:32 - 01174352 _____ () C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieUserList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieSiteList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieBrowserModeList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-12-03 21:25 - 2014-12-03 21:25 - 06537216 _____ () C:\Users\Max\Downloads\flashmedialiveencoder_3.2_wwe_signed.msi
2014-12-03 21:25 - 2014-12-03 21:25 - 01033728 _____ () C:\Users\Max\Downloads\auth_addin_win_v3.msi
2014-11-30 07:40 - 2014-11-30 07:40 - 00317504 _____ () C:\Windows\Minidump\113014-25334-01.dmp
2014-11-30 07:39 - 2014-12-03 21:48 - 802013673 _____ () C:\Windows\MEMORY.DMP
2014-11-29 21:01 - 2014-11-29 21:01 - 00000021 _____ () C:\Users\Max\Desktop\Neues Textdokument (4).txt
2014-11-27 23:57 - 2014-11-28 00:00 - 164003712 _____ () C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe
2014-11-27 23:57 - 2014-11-27 23:57 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Downloads\tdsskiller.exe
2014-11-20 21:13 - 2014-03-08 14:36 - 65062457 _____ () C:\Users\Max\Downloads\Haftbefehl - Chabos wissen wer der Babo ist (Blockplatin 25.01.2013).hd720.mp4
2014-11-20 21:12 - 2014-11-20 21:12 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Visicom Media
2014-11-19 15:56 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 15:56 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-13 19:38 - 2014-11-13 19:38 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Snz
2014-11-13 01:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 01:26 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 01:26 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 01:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 01:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 01:26 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 01:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 01:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 01:26 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 01:26 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 01:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 01:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 01:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 01:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 01:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 01:26 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 01:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 01:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 01:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 01:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 01:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 01:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 01:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 01:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-13 01:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 01:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 01:23 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 01:23 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 01:23 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 01:23 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 01:23 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 01:23 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 01:23 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 01:23 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-13 01:23 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 01:23 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 01:23 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 01:23 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 21:22 - 2014-12-05 18:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 03:00 - 2014-11-10 20:36 - 00004611 _____ () C:\Windows\system32\lvcoinst.log
2014-11-09 03:00 - 2014-11-09 03:00 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-11-07 16:41 - 2014-11-07 16:41 - 00000000 ____D () C:\OETemp
2014-11-07 16:37 - 2014-12-05 15:49 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-07 16:37 - 2014-11-07 16:42 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-11-07 16:37 - 2014-11-07 16:42 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-11-07 16:37 - 2014-11-07 16:37 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-07 16:37 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-11-07 16:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Bao_Nguyen
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Local\Bao_Nguyen
2014-11-07 00:49 - 2014-11-07 00:49 - 00406528 _____ () C:\Users\Max\Downloads\Switcher-2.0.0.2705.msi
2014-11-07 00:48 - 2014-11-07 00:48 - 02150188 _____ () C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager [1].exe
2014-11-07 00:48 - 2014-11-07 00:48 - 00000000 ____D () C:\Users\Max\AppData\Local\WorldofTanks
2014-11-07 00:48 - 2014-11-07 00:48 - 00000000 ____D () C:\Users\Max\AppData\Local\StormFall
2014-11-07 00:47 - 2014-11-07 00:47 - 00845088 _____ ( ) C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-05 20:19 - 2014-03-27 20:39 - 00000000 ____D () C:\Users\Max\AppData\Roaming\DigitalSites
2014-12-05 20:19 - 2013-08-14 15:38 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-05 20:19 - 2013-01-15 18:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-05 20:19 - 2012-07-19 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2014-12-05 20:14 - 2012-10-02 17:16 - 00000000 ____D () C:\Users\Max\Documents\Cubase LE AI Elements Projects
2014-12-05 20:01 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 20:01 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 19:44 - 2014-03-27 20:44 - 00000284 _____ () C:\Windows\Tasks\MySearchDial.job
2014-12-05 19:44 - 2014-03-27 20:39 - 00000960 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job
2014-12-05 19:41 - 2013-08-14 15:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-05 19:39 - 2014-03-27 20:39 - 00000284 _____ () C:\Windows\Tasks\PriceMeterUpdater.job
2014-12-05 19:37 - 2013-01-15 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Visicom Media
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visicom Media
2014-12-05 18:49 - 2013-10-10 13:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-12-05 18:16 - 2013-01-15 18:25 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-05 17:34 - 2012-07-18 20:50 - 01662097 _____ () C:\Windows\WindowsUpdate.log
2014-12-05 16:58 - 2009-07-14 05:51 - 00020188 _____ () C:\Windows\setupact.log
2014-12-05 15:34 - 2014-03-27 20:39 - 00000956 _____ () C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job
2014-12-05 15:34 - 2013-08-14 15:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-05 15:34 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-05 15:33 - 2012-07-18 21:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-05 15:33 - 2010-11-21 04:47 - 00766178 _____ () C:\Windows\PFRO.log
2014-12-05 04:17 - 2014-04-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-05 03:44 - 2012-07-19 15:47 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2014-12-05 01:40 - 2014-09-29 18:57 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Seventh
2014-12-05 01:23 - 2012-07-30 15:10 - 00000000 ____D () C:\Program Files\M-Audio
2014-12-05 00:49 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew
2014-12-04 00:35 - 2013-04-14 17:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Facebook
2014-12-03 21:48 - 2012-10-03 18:43 - 00000000 ____D () C:\Windows\Minidump
2014-12-03 21:45 - 2012-07-18 20:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-03 21:42 - 2012-07-18 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-12-03 21:41 - 2012-07-18 21:01 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-12-03 21:38 - 2014-04-01 01:06 - 00000000 ____D () C:\UDK
2014-12-03 21:37 - 2014-04-01 13:48 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-03 21:37 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-03 21:36 - 2013-04-29 21:31 - 00000000 ____D () C:\Fraps
2014-12-03 21:34 - 2014-03-15 16:44 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live
2014-12-03 21:26 - 2013-01-15 21:11 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-03 21:26 - 2012-07-30 10:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe
2014-12-03 21:22 - 2014-09-26 00:15 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-12-03 20:06 - 2012-09-04 20:45 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Spotify
2014-12-03 18:34 - 2012-07-18 21:32 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-12-03 18:33 - 2012-07-18 21:26 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-12-01 21:11 - 2012-09-04 20:51 - 00000000 ____D () C:\Users\Max\AppData\Local\Spotify
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-11-29 02:23 - 2013-02-25 19:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-27 18:38 - 2011-04-12 08:43 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 18:38 - 2011-04-12 08:43 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 18:38 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 18:37 - 2013-01-15 18:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 18:37 - 2013-01-15 18:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 18:37 - 2013-01-15 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 01:31 - 2013-01-15 17:31 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2014-11-14 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-14 01:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 20:36 - 2013-08-14 15:29 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 20:36 - 2013-08-14 15:29 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 19:38 - 2014-03-19 13:23 - 00000000 ____D () C:\Users\Max\AppData\Roaming\DataMgr
2014-11-13 14:48 - 2009-07-14 06:08 - 00008442 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-13 14:48 - 2009-07-14 05:45 - 04848784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 02:05 - 2013-07-27 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 02:03 - 2012-07-18 21:54 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-07 22:51 - 2014-07-10 23:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-07 18:06 - 2014-03-29 00:52 - 18585842 _____ () C:\Users\Max\Downloads\Cryptload_1.1.8.zip
2014-11-07 16:41 - 2014-04-07 15:12 - 00000000 ____D () C:\ProgramData\Package Cache

Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\CmdLineExtInstallerExe.exe
C:\Users\Max\AppData\Local\Temp\drm_dyndata_7380009.dll
C:\Users\Max\AppData\Local\Temp\ReimagePackage.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 14:27

==================== End Of Log ============================
--- --- ---

--- --- ---


FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by Max at 2014-12-05 20:25:22
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
coupon monkey (HKLM\...\BEAF8266-AE64-40A2-BF8D-99F4FB145C26) (Version: 2.0.1 - coupon monkey) <==== ATTENTION
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
Equalify v2.5.3 (Stable) (HKLM-x32\...\{33EC4F70-9F4B-406F-BB2A-F75A285E927D}) (Version: 2.5.3.0 - Equalify)
Extended Update (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Digital Sites) (Version:  - Extended Update) <==== ATTENTION
File Opener Packages (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\File Opener Packages) (Version:  - ) <==== ATTENTION
FileOpener (HKLM-x32\...\Tweaks FileOpener) (Version: 1.1.1 - Tweaks)
Free YouTube Download version 3.2.44.922 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.922 - DVDVideoSoft Ltd.)
Gameo (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Gameo) (Version: 0.11.7 - IronSource Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{4F2EAFFD-6D9A-3804-A77B-5A450D3201F6}) (Version: 65.107.16494 - Google, Inc.)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
M-Audio Fast Track Pro 6.1.10 (x64) (HKLM\...\{44BCF4BB-2486-465D-8C03-50150201B4EA}) (Version: 6.1.10 - M-Audio)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.0.1 - Reimage) <==== ATTENTION
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Spotify (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Steinberg Cubase LE AI Elements 6 64bit (HKLM\...\{8EEEB23E-A3EB-44A4-AEE9-D2FD6F96E4A0}) (Version: 6.0.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.5.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WSE_Vosteran (HKLM-x32\...\WSE_Vosteran) (Version:  - WSE_Vosteran) <==== ATTENTION
Zip Opener Packages (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Zip Opener Packages) (Version:  - ) <==== ATTENTION

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

29-11-2014 23:13:13 Removed Skype™ 6.20
02-12-2014 17:31:47 Windows Update
03-12-2014 20:25:51 Installed Adobe Flash Media Live Encoder 3.2.
03-12-2014 20:36:16 Removed Facebook Messenger 2.1.4814.0
03-12-2014 20:36:49 Entfernt Far Cry 2
03-12-2014 20:39:31 Counter-Strike: Source wird entfernt
03-12-2014 20:39:55 Configured Easy Tune 6 B12.0402.1
03-12-2014 20:40:55 Configured AutoGreen B12.0206.1
03-12-2014 20:41:44 Removed ON_OFF Charge B11.1102.1
03-12-2014 20:42:13 Removed @BIOS
03-12-2014 20:42:40 Removed Switcher 2.0.0
03-12-2014 20:43:52 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
04-12-2014 23:08:52 Installed Microsoft Keyboard Layout Creator 1.4
04-12-2014 23:54:01 Installed SharpKeys
05-12-2014 00:21:27 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
05-12-2014 00:22:36 Installed M-Audio Fast Track Pro 6.1.10 (x64)
05-12-2014 04:06:01 Gerätetreiber-Paketinstallation: SplitCam Audio-, Video- und Gamecontroller

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-30 03:47 - 00000817 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1
127.0.0.1


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {360B71CC-D7AD-4F36-9097-5F64282EE324} - System32\Tasks\gameo_update => C:\Users\Max\AppData\Roaming\Gameo\gameo.exe [2014-12-01] ()
Task: {3B85420A-55C3-490C-A08E-1E99B1A22B87} - System32\Tasks\OMESupervisor => C:\Users\Max\AppData\Local\omesuperv.exe [2014-05-07] () <==== ATTENTION
Task: {76974192-EF59-4748-8421-A2CFB859175A} - System32\Tasks\WSE_Vosteran => C:\Users\Max\AppData\Roaming\WSE_Vosteran\UpdateProc\UpdateTask.exe [2014-12-05] () <==== ATTENTION
Task: {79E37BB7-5871-4C41-BE17-6419844603D9} - System32\Tasks\PriceMeterUpdater => C:\Users\Max\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {7CA26CD5-634E-4153-96DB-2C60C24C953A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {7E603449-7D01-4D95-AF15-54136F19A1D7} - System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: {8B23752F-EDF4-4A79-8891-700CA3680080} - System32\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: {96D9F846-F57B-49ED-B91B-95C7318394D6} - System32\Tasks\Digital Sites => C:\Users\Max\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2014-12-05] () <==== ATTENTION
Task: {9BCF6CE1-6252-4933-95A8-ADCBC6A3F560} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2014-11-30] () <==== ATTENTION
Task: {9C2B956C-1262-4E7B-96C9-596F7805E556} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9DBFEFA2-E593-41CC-950E-ED068B745302} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {AF5A6BBE-D68F-4CBA-AB27-5320F866706D} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2014-12-02] (Reimage®) <==== ATTENTION
Task: {D3A05750-E31C-4401-AA6E-3CC4BA12810A} - System32\Tasks\Fifth => C:\Users\Max\AppData\Roaming\Fifth\Fifth.exe [2014-05-07] () <==== ATTENTION
Task: {D60696E5-BA46-4B4B-9137-3BF743A3C76C} - System32\Tasks\MySearchDial => C:\Users\Max\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {DA1376BE-EF6F-4DFA-8F60-22C170BED113} - System32\Tasks\pricemeterdownloader => C:\Users\Max\AppData\Local\PriceMeter\pricemeterd.exe <==== ATTENTION
Task: {EEA4CAA1-7CDA-43BC-BF67-72E4CD82C1F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Max\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\Max\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\PriceMeterUpdater.job => C:\Users\Max\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\WSE_Vosteran.job => C:\Users\Max\AppData\Roaming\WSE_VO~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-11-10 21:22 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk => C:\Windows\pss\net.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: DataMgr => "C:\Users\Max\AppData\Roaming\DataMgr\DataMgr.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: Intermediate => "C:\Users\Max\AppData\Roaming\Intermediate\Intermediate.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PriceMeterW => "C:\Users\Max\AppData\Local\PriceMeter\pricemeterw.exe"
MSCONFIG\startupreg: Rainlendar2 => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
MSCONFIG\startupreg: SCheck => "C:\Users\Max\AppData\Roaming\SCheck\SCheck.exe" check
MSCONFIG\startupreg: Seventh => "C:\Users\Max\AppData\Roaming\Seventh\Seventh.exe"
MSCONFIG\startupreg: Sixth => "C:\Users\Max\AppData\Roaming\Sixth\Sixth.exe"
MSCONFIG\startupreg: Snoozer => "C:\Users\Max\AppData\Roaming\Snz\Snz.exe"
MSCONFIG\startupreg: SSync => "C:\Users\Max\AppData\Roaming\SSync\SSync.exe"
MSCONFIG\startupreg: svchospt => C:\Windows\SysWOW64\svchospt.exe
MSCONFIG\startupreg: Switcher => "C:\Program Files (x86)\Switcher\Switcher.exe" /quiet
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-4256948084-1049334510-1600530276-500 - Administrator - Disabled)
Gast (S-1-5-21-4256948084-1049334510-1600530276-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4256948084-1049334510-1600530276-1002 - Limited - Enabled)
Max (S-1-5-21-4256948084-1049334510-1600530276-1000 - Administrator - Enabled) => C:\Users\Max
UpdatusUser (S-1-5-21-4256948084-1049334510-1600530276-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2014 08:24:00 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=0.0.0.0-devel;lang=;guid=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1b719318-5aa1-4f7c-8135-d0627b8740e6.dmp

Error: (12/05/2014 08:19:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x165c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (12/05/2014 08:19:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x11c0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (12/05/2014 03:35:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 05:14:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_239.exe, Version: 15.0.0.239, Zeitstempel: 0x546d18b1
Name des fehlerhaften Moduls: NPSWF32_15_0_0_239.dll, Version: 15.0.0.239, Zeitstempel: 0x546d1975
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00007073
ID des fehlerhaften Prozesses: 0x1a80
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_15_0_0_239.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_239.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_15_0_0_239.exe2
Berichtskennung: FlashPlayerPlugin_15_0_0_239.exe3

Error: (12/05/2014 05:11:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_239.exe, Version: 15.0.0.239, Zeitstempel: 0x546d18b1
Name des fehlerhaften Moduls: NPSWF32_15_0_0_239.dll, Version: 15.0.0.239, Zeitstempel: 0x546d1975
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001899ec
ID des fehlerhaften Prozesses: 0x14a8
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_15_0_0_239.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_239.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_15_0_0_239.exe2
Berichtskennung: FlashPlayerPlugin_15_0_0_239.exe3

Error: (12/05/2014 05:11:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_239.exe, Version: 15.0.0.239, Zeitstempel: 0x546d18b1
Name des fehlerhaften Moduls: NPSWF32_15_0_0_239.dll, Version: 15.0.0.239, Zeitstempel: 0x546d1975
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001899ec
ID des fehlerhaften Prozesses: 0xa78
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_15_0_0_239.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_15_0_0_239.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_15_0_0_239.exe2
Berichtskennung: FlashPlayerPlugin_15_0_0_239.exe3

Error: (12/05/2014 05:02:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/05/2014 05:02:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/05/2014 05:02:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.


System errors:
=============
Error: (12/05/2014 06:11:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (12/05/2014 06:11:59 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/05/2014 03:36:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (12/05/2014 03:36:36 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/05/2014 03:34:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/05/2014 05:15:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (12/05/2014 05:15:54 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/05/2014 03:15:17 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (12/05/2014 03:15:17 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/05/2014 01:31:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069


Microsoft Office Sessions:
=========================
Error: (12/05/2014 08:24:00 PM) (Source: Chrome) (EventID: 1) (User: NT-AUTORITÄT)
Description: Chrome has encountered a fatal error.
ver=0.0.0.0-devel;lang=;guid=;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\1b719318-5aa1-4f7c-8135-d0627b8740e6.dmp

Error: (12/05/2014 08:19:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d6648000000300001425165c01d010c01c7d3c07C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll993cb25e-7cb3-11e4-bb84-025536366034

Error: (12/05/2014 08:19:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d664800000030000142511c001d010c01a877f2eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll969be5f4-7cb3-11e4-bb84-025536366034

Error: (12/05/2014 03:35:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 05:14:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_15_0_0_239.exe15.0.0.239546d18b1NPSWF32_15_0_0_239.dll15.0.0.239546d1975c0000005000070731a8001d01041e6c20347C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll2e3a3c98-7c35-11e4-beb6-025536366034

Error: (12/05/2014 05:11:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_15_0_0_239.exe15.0.0.239546d18b1NPSWF32_15_0_0_239.dll15.0.0.239546d1975c0000005001899ec14a801d010418d047074C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dlld18c3590-7c34-11e4-beb6-025536366034

Error: (12/05/2014 05:11:08 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_15_0_0_239.exe15.0.0.239546d18b1NPSWF32_15_0_0_239.dll15.0.0.239546d1975c0000005001899eca7801d010417730cf13C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exeC:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dllbc9c8ee6-7c34-11e4-beb6-025536366034

Error: (12/05/2014 05:02:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Downloads\SoftonicDownloader_fuer_anti-porn.exe

Error: (12/05/2014 05:02:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Max\Downloads\SoftonicDownloader_fuer_wink.exe

Error: (12/05/2014 05:02:56 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Max\Downloads\SoftonicDownloader_fuer_morphvox.exe


CodeIntegrity Errors:
===================================
  Date: 2014-12-04 21:53:43.825
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.823
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.822
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.802
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.799
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.418
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16346.33 MB
Available physical RAM: 13494.13 MB
Total Pagefile: 32690.84 MB
Available Pagefile: 29541.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:771.51 GB) (Free:617.83 GB) NTFS
Drive k: () (Fixed) (Total:160 GB) (Free:159.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 94521A45)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

Machiavelli 05.12.2014 20:28
Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.



Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.



Schritt 4
Bitte starte http://filepony.de/icon/frst.pngFRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.

Bitte poste mir die Inhalte der Logs von Adwarecleaner, MBAM, JRT und FRST hier in den Thread.

Harzburch 05.12.2014 20:45
ertsen Ergebnisee
 
Das erste getan; jedoch hat der PC immer noch lange gerbaucht um runterzufahren..
die weiteren Ergebnisse kommen noch..AdwCleaner Logfile:
Code:
# AdwCleaner v4.104 - Bericht erstellt am 05/12/2014 um 20:39:20
# Aktualisiert 05/12/2014 von Xplode
# Database : 2014-12-03.1 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Max - MAX-PC
# Gestartet von : C:\Users\Max\Downloads\AdwCleaner_4.104.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : nkdytjtjsw32

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOpener
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\PriceMeterLiveUpdate
Ordner Gelöscht : C:\Program Files (x86)\Tweaks
Ordner Gelöscht : C:\Program Files\Reimage
Ordner Gelöscht : C:\Program Files\007
Ordner Gelöscht : C:\Users\Max\AppData\Local\Gameo
Ordner Gelöscht : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito
Ordner Gelöscht : C:\Users\Max\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Max\AppData\Local\PriceMeterLiveUpdate
Ordner Gelöscht : C:\Users\Max\AppData\Local\simple_new_tab
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Common\LuaRT
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\DataMgr
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\DigitalSites
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Fifth
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Intermediate
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\OfferMosquito
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\SCheck
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Seventh
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Sixth
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Snz
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\SSync
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\Max\AppData\Roaming\WSE_Vosteran
[!] Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\om@offermosquito.com.xpi
[!] Ordner Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\snt@dotlabs.co.xpi
Ordner Gelöscht : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
Ordner Gelöscht : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk
Ordner Gelöscht : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Datei Gelöscht : C:\Users\Public\Desktop\FileOpener.lnk
Datei Gelöscht : C:\Windows\Reimage.ini
Datei Gelöscht : C:\Users\Max\daemonprocess.txt
Datei Gelöscht : C:\Users\Max\AppData\Local\omesuperv.exe
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\searchplugins\Mysearchdial.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\searchplugins\search.xml
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\user.js
Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\searchplugins\Vosteran.xml
Datei Gelöscht : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage

***** [ Tasks ] *****

Task Gelöscht : Digital Sites
Task Gelöscht : Fifth
Task Gelöscht : MySearchDial
Task Gelöscht : OMESupervisor
Task Gelöscht : pricemeterdownloader
Task Gelöscht : PriceMeterLiveUpdateUpdateTaskMachineCore
Task Gelöscht : PriceMeterLiveUpdateUpdateTaskMachineUA
Task Gelöscht : PriceMeterUpdater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Schlüssel Gelöscht : HKCU\Software\MozillaPlugins\bebomedia.com/OfferMosquitoIEHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickCtrl.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdate.Update3WebControl.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PriceMeterLiveUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=3
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00A154AE-6C33-4F1E-9057-242350540936}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{126C78A0-36E7-4697-A3AB-32706144398B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30D1E30D-B7F5-4C7A-8EDA-9F02966538A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{41C35ADE-DEDA-439F-8140-D53F2C76C963}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4211E851-747F-4470-923D-6EF683EE79CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{45F8961E-1314-421E-9F00-BDDE18CF8EA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4825ACAD-F495-4CDD-9603-9C91BABB2B88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5B60D1C0-453A-485D-AE91-61FAC9203719}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{74930D00-2198-46FE-B6BC-FEEC60C666C9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{89449F37-4AB2-46ED-A566-BB3A7797701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8D73A258-9787-4AE7-9232-41036673FD0E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9D24562E-40EC-4E46-B57C-700352059B55}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B1F29F0C-2EC8-487B-97C2-8B8FEA6CEF14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C0756D99-64A1-4332-B783-A5A1B571D431}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CF0A778A-DDA0-4492-9804-EF38C9A9F1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D1C6444C-CC06-4060-A486-736DEAFD9C16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D8746A3A-A372-4C8B-96E5-B58F6474EB19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5C2DD58F-613F-4580-8AC0-F10D760AF938}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82B16A3D-F03E-4565-A532-666B219C9A53}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{89449F37-4AB2-46ED-A566-BB3A7797701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30D1E30D-B7F5-4C7A-8EDA-9F02966538A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89449F37-4AB2-46ED-A566-BB3A7797701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F509ADC2-B40E-470F-A7B7-45191486B5CB}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{308BD32D-3F3F-4dc6-A45A-4CAC4205E05F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\mysearchdial
Schlüssel Gelöscht : HKCU\Software\mysearchdial.com
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\OfferMosquito
Schlüssel Gelöscht : HKCU\Software\PriceMeterLiveUpdate
Schlüssel Gelöscht : HKCU\Software\PriceMeterUpdater
Schlüssel Gelöscht : HKCU\Software\Protector
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\gameo
Schlüssel Gelöscht : HKLM\SOFTWARE\DealPlyLive
Schlüssel Gelöscht : HKLM\SOFTWARE\Email Notifier
Schlüssel Gelöscht : HKLM\SOFTWARE\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\mystarttb
Schlüssel Gelöscht : HKLM\SOFTWARE\PriceMeterLiveUpdate
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tweaks FileOpener
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Reimage

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17420

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v34.0.5 (x86 de)

[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "Vosteran");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.fbdownloader.com/search.php?channel=de&q=");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Vosteran");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.irmysearch.aflt", "dsites_14_13_other");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0SzztCyBtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyEtAtCtC0BtAyEtG0FtCyEzzt[...]
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.irmysearch.cr", "550538211");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.irmysearch.instlRef", "140305_a");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.AL", 2);
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.aflt", "dsites_14_13_other");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0SzztCyBtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyEtAtCtC0BtAyEtG0FtCyEz[...]
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.cr", "550538211");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dsites_14_13_other&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0SzztCyBtN1L2XzutBtFtCzztFtBtFtDtN1L1Cz[...]
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.id", "902B3418B060D58F");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.instlDay", "16156");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.instlRef", "140305_a");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dsites_14_13_other&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0SzztCyBtN1L2XzutBtFtCzztFtBtFtDtN1L1[...]
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dsites_14_13_other&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0SzztCyBtN1L2XzutBtFtCzztFtBtFtDtN1[...]
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.020:39:31");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.srchvstrn.hmpgUrl", "hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzyt[...]
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.srchvstrn.newTabUrl", "hxxp://Vosteran.com/?f=2&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBz[...]
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.srchvstrn.prtnrId", "WSE_Vosteran");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.srchvstrn.srchPrvdr", "Vosteran");
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("extensions.srchvstrn.tlbrSrchUrl", "hxxp://Vosteran.com/?f=3&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEt[...]
[fnsdk8k5.default\prefs.js] - Zeile gelöscht : user_pref("keyword.URL", "hxxp://search.fbdownloader.com/search.php?channel=de&q=");

-\\ Google Chrome v39.0.2171.71

[C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites_14_13_other&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0SzztCyBtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyEtAtCtC0BtAyEtG0FtCyEzztGtCtC0FtBtGyBzzyB0CtGyCtCtBtC0Azz0BtBtA0CyBzz2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0DyEzz0BtAyB0DtGzyyD0DtDtG0Azy0B0EtGyC0A0EyDtGtBzy0CtD0CtB0E0ByDzyyE0A2Q&cr=550538211&ir=
[C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.fbdownloader.com/search.php?channel=de&q={searchTerms}
[C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.fbdownloader.com/search.php?channel=de&q={searchTerms}
[C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
[C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=

*************************

AdwCleaner[R0].txt - [22398 octets] - [05/12/2014 20:38:20]
AdwCleaner[S0].txt - [21147 octets] - [05/12/2014 20:39:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21208 octets] ##########
--- --- ---

Machiavelli 05.12.2014 20:48
Poste alle Logs in einem Post ... sonst kann es sein, dass ich Dich übersehe.

Harzburch 05.12.2014 21:32
mbam
 
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 05.12.2014
Scan Time: 20:56:31
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.05.10
Rootkit Database: v2014.12.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Max

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 369575
Time Elapsed: 8 min, 12 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.OfferMosquito.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\OfferMosquito, Quarantined, [6cd2035c5428989e42315e656e96f10f],
PUP.Optional.SimpleNewTab.A, HKU\S-1-5-21-4256948084-1049334510-1600530276-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SimpleNewTab, Quarantined, [41fdc29d6c10ac8a34db3c3312f1f808],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 6
Trojan.Agent, C:\Windows\SysWOW64\svchosptd.exe, Quarantined, [50ee471883f95bdb6bac610db25316ea],
PUP.Optional.InstalLCore, C:\Users\Max\AppData\Local\Temp\is765589038\52614A36_stp.EXE, Quarantined, [81bd2c3395e7d75f94070c318c798b75],
PUP.Optional.Softonic.A, C:\Users\Max\Downloads\SoftonicDownloader_fuer_anti-porn.exe, Quarantined, [d965035c215b4fe70e64d765a25fae52],
PUP.Optional.Softonic.A, C:\Users\Max\Downloads\SoftonicDownloader_fuer_morphvox.exe, Quarantined, [26188dd2c2baa195531f41fb17ea2bd5],
PUP.Optional.Softonic, C:\Users\Max\Downloads\SoftonicDownloader_fuer_wink.exe, Quarantined, [1e207ee1f488df5748cc89983fc22fd1],
PUP.RiskwareTool.CK, C:\Users\Max\Downloads\Adobe Premiere Pro CS6 64bit Crack.rar, Quarantined, [261867f84537f93d1d81d596f40e6a96],

Physical Sectors: 0
(No malicious items detected)


(end)

Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Max on 05.12.2014 at 21:18:17,79
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Max\AppData\Roaming\getrighttogo"
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{07AE52A1-C22B-4032-BCFF-457D0F0CB56C}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{158BEDFE-C141-4CBC-B4D3-683AFFCC969C}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{2E1A4814-0B91-497F-B088-32AE3A6FEB2B}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{403F6A99-976D-4468-8F8A-9D1C68707316}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{407B18B5-65D4-475D-B43F-509813CB54D2}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{456022CC-8679-45DD-B64F-FF209AF2BC7C}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{4A2E239E-B6D3-44F1-8CE6-1E89CB69F197}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{893F7178-63A3-4BE8-AF32-523A703106DF}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{89A1893A-2D91-4F13-A3F4-D8270316C20D}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{8BD973EA-E84B-44B1-A75A-FA08FF1D0727}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{95FD8A35-57E2-4298-BCF9-9A0713B3291F}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{A36284BB-1F41-442E-A793-FC6EF17E521E}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{AB94A71F-C8D4-4089-B644-46E52AAF5D7A}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{C4FDA9F0-D876-4763-8348-1F8AFCD69742}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{D590706D-7892-4031-9F1E-748E1C39B396}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{ED30979B-3F26-4B85-9968-BE32E69C1A6A}
Successfully deleted: [Empty Folder] C:\Users\Max\appdata\local\{FBBEA713-D792-4CF4-A78F-B33F7953ED27}



~~~ FireFox

Emptied folder: C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\fnsdk8k5.default\minidumps [251 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.12.2014 at 21:21:50,99
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2014
Ran by Max (administrator) on MAX-PC on 05-12-2014 21:28:21
Running from C:\Users\Max\Downloads
Loaded Profile: Max (Available profiles: Max & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [SplitCam] => C:\Program Files (x86)\SplitCam\SplitCam.exe
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Policies\Explorer: [DisallowRun] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/1024/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {56E26B6C-BB82-48de-BEB0-8F3664DE7835} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {7588F513-7B9E-45dc-914D-B207EFFC6D9A} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4256948084-1049334510-1600530276-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Extension: Simple Site Blocker - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\simplesiteblocker@example.com.xpi [2014-11-29]
FF Extension: {12989559-84f2-47aa-a442-5e69f9d26720} - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi [2013-10-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-07]
FF StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
CHR StartupUrls: Default -> "hxxp://Vosteran.com/?f=7&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=","hxxp://search.fbdownloader.com/?channel=de"
CHR DefaultSearchKeyword: Default -> Vosteran.com
CHR DefaultSearchURL: Default -> hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll No File
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-11-08]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-07-30] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-12-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-11-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R4 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
S4 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55552 2006-02-13] (Sonic Solutions) [File not signed]
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S3 cpuz134; \??\C:\Users\Max\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-05 21:21 - 2014-12-05 21:21 - 00002600 _____ () C:\Users\Max\Desktop\JRT.txt
2014-12-05 21:18 - 2014-12-05 21:18 - 00000000 ____D () C:\Windows\ERUNT
2014-12-05 21:17 - 2014-12-05 21:17 - 01707646 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2014-12-05 21:15 - 2014-12-05 21:15 - 00002124 _____ () C:\Users\Max\Desktop\mbam.txt
2014-12-05 20:56 - 2014-12-05 21:11 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-05 20:55 - 2014-12-05 20:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 20:55 - 2014-12-05 20:55 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-05 20:55 - 2014-12-05 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-05 20:55 - 2014-12-05 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-05 20:55 - 2014-12-05 20:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-05 20:55 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-05 20:55 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-05 20:55 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-05 20:38 - 2014-12-05 20:39 - 00000000 ____D () C:\AdwCleaner
2014-12-05 20:38 - 2014-12-05 20:38 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-05 20:36 - 2014-12-05 20:36 - 02153472 _____ () C:\Users\Max\Downloads\AdwCleaner_4.104.exe
2014-12-05 20:25 - 2014-12-05 20:25 - 00037925 _____ () C:\Users\Max\Downloads\Addition.txt
2014-12-05 20:24 - 2014-12-05 21:28 - 00021584 _____ () C:\Users\Max\Downloads\FRST.txt
2014-12-05 20:24 - 2014-12-05 21:28 - 00000000 ____D () C:\FRST
2014-12-05 20:22 - 2014-12-05 20:23 - 02117632 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-12-05 20:21 - 2014-12-05 20:21 - 00774944 _____ () C:\Users\Max\Downloads\ReimageRepair.exe
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\Desktop\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000000 ___HD () C:\Users\Max\AppData\Roaming\GoldenGate
2014-12-05 20:19 - 2014-12-05 20:29 - 00000000 ____D () C:\Program Files\BEAF8266-AE64-40A2-BF8D-99F4FB145C26
2014-12-05 20:18 - 2014-12-05 20:18 - 00803152 _____ ( ) C:\Users\Max\Downloads\FileOpenerSetup.exe
2014-12-05 18:45 - 2014-12-05 18:49 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-12-05 18:16 - 2014-12-05 18:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 18:15 - 2014-12-05 18:15 - 00244264 _____ () C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-05 05:05 - 2014-07-28 14:31 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-12-05 05:05 - 2014-07-28 14:31 - 00000714 _____ () C:\Windows\SysWOW64\ff_vfw.dll.manifest
2014-12-05 05:05 - 2014-06-30 06:23 - 00810496 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-12-05 05:05 - 2014-06-30 06:23 - 00183808 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-12-05 05:00 - 2014-12-05 05:04 - 100117000 _____ (SplitCam Co.) C:\Users\Max\Downloads\SplitCamSetup.exe
2014-12-05 03:16 - 2014-12-05 03:16 - 00000000 ____D () C:\Windows\pss
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\Users\Max\AppData\Local\M-Audio
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\ProgramData\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\Program Files (x86)\M-Audio
2014-12-05 01:21 - 2014-12-05 01:21 - 00000000 ____D () C:\ProgramData\AVID
2014-12-05 00:54 - 2014-12-05 00:54 - 00003047 _____ () C:\Users\Max\Desktop\SharpKeys.lnk
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Program Files (x86)\RandyRants.com
2014-12-05 00:53 - 2014-12-05 00:53 - 00486400 _____ () C:\Users\Max\Downloads\sharpkeys35.msi
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\Program Files (x86)\AutoHotkey
2014-12-05 00:48 - 2014-12-05 00:48 - 02047357 _____ () C:\Users\Max\Downloads\AutoHotkey104805_Install.exe
2014-12-05 00:09 - 2014-12-05 00:09 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Users\Max\AppData\Local\MSKLC
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4
2014-12-05 00:08 - 2014-12-05 00:08 - 10597792 _____ () C:\Users\Max\Downloads\MSKLC.exe
2014-12-05 00:04 - 2014-12-05 00:04 - 00301688 _____ (Thesycon GmbH) C:\Users\Max\Downloads\dpclat.exe
2014-12-03 21:48 - 2014-12-03 21:48 - 00313384 _____ () C:\Windows\Minidump\120314-24570-01.dmp
2014-12-03 21:44 - 2014-12-03 21:44 - 00000020 _____ () C:\Windows\ˆø'
2014-12-03 21:33 - 2014-12-03 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-12-03 21:32 - 2014-12-03 21:32 - 01174352 _____ () C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieUserList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieSiteList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieBrowserModeList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-12-03 21:25 - 2014-12-03 21:25 - 06537216 _____ () C:\Users\Max\Downloads\flashmedialiveencoder_3.2_wwe_signed.msi
2014-12-03 21:25 - 2014-12-03 21:25 - 01033728 _____ () C:\Users\Max\Downloads\auth_addin_win_v3.msi
2014-11-30 07:40 - 2014-11-30 07:40 - 00317504 _____ () C:\Windows\Minidump\113014-25334-01.dmp
2014-11-30 07:39 - 2014-12-03 21:48 - 802013673 _____ () C:\Windows\MEMORY.DMP
2014-11-29 21:01 - 2014-11-29 21:01 - 00000021 _____ () C:\Users\Max\Desktop\Neues Textdokument (4).txt
2014-11-27 23:57 - 2014-11-28 00:00 - 164003712 _____ () C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe
2014-11-27 23:57 - 2014-11-27 23:57 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Downloads\tdsskiller.exe
2014-11-20 21:13 - 2014-03-08 14:36 - 65062457 _____ () C:\Users\Max\Downloads\Haftbefehl - Chabos wissen wer der Babo ist (Blockplatin 25.01.2013).hd720.mp4
2014-11-20 21:12 - 2014-11-20 21:12 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Visicom Media
2014-11-19 15:56 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 15:56 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-13 01:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 01:26 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 01:26 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 01:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 01:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 01:26 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 01:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 01:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 01:26 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 01:26 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 01:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 01:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 01:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 01:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 01:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 01:26 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 01:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 01:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 01:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 01:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 01:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 01:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 01:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 01:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-13 01:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 01:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 01:23 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 01:23 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 01:23 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 01:23 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 01:23 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 01:23 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 01:23 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 01:23 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-13 01:23 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 01:23 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 01:23 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 01:23 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 21:22 - 2014-12-05 18:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 03:00 - 2014-11-10 20:36 - 00004611 _____ () C:\Windows\system32\lvcoinst.log
2014-11-09 03:00 - 2014-11-09 03:00 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-11-07 16:41 - 2014-11-07 16:41 - 00000000 ____D () C:\OETemp
2014-11-07 16:37 - 2014-12-05 21:16 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-07 16:37 - 2014-11-07 16:42 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-11-07 16:37 - 2014-11-07 16:42 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-11-07 16:37 - 2014-11-07 16:37 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-07 16:37 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-11-07 16:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Bao_Nguyen
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Local\Bao_Nguyen
2014-11-07 00:49 - 2014-11-07 00:49 - 00406528 _____ () C:\Users\Max\Downloads\Switcher-2.0.0.2705.msi
2014-11-07 00:48 - 2014-11-07 00:48 - 02150188 _____ () C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager [1].exe
2014-11-07 00:48 - 2014-11-07 00:48 - 00000000 ____D () C:\Users\Max\AppData\Local\WorldofTanks
2014-11-07 00:48 - 2014-11-07 00:48 - 00000000 ____D () C:\Users\Max\AppData\Local\StormFall
2014-11-07 00:47 - 2014-11-07 00:47 - 00845088 _____ ( ) C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-05 21:18 - 2012-07-19 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2014-12-05 21:18 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 21:18 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 21:15 - 2012-07-18 20:50 - 01678763 _____ () C:\Windows\WindowsUpdate.log
2014-12-05 21:11 - 2013-08-14 15:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-05 21:11 - 2012-07-18 21:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-05 21:11 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-05 21:11 - 2009-07-14 05:51 - 00021084 _____ () C:\Windows\setupact.log
2014-12-05 21:10 - 2010-11-21 04:47 - 00772180 _____ () C:\Windows\PFRO.log
2014-12-05 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-12-05 20:39 - 2014-03-19 13:21 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Common
2014-12-05 20:39 - 2012-07-18 20:56 - 00000000 ____D () C:\Users\Max
2014-12-05 20:37 - 2013-01-15 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-05 20:32 - 2014-10-06 22:03 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Equalify
2014-12-05 20:32 - 2012-09-04 20:45 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Spotify
2014-12-05 20:19 - 2013-08-14 15:38 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-05 20:19 - 2013-01-15 18:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-05 20:14 - 2012-10-02 17:16 - 00000000 ____D () C:\Users\Max\Documents\Cubase LE AI Elements Projects
2014-12-05 19:41 - 2013-08-14 15:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Visicom Media
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visicom Media
2014-12-05 18:49 - 2013-10-10 13:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-12-05 18:16 - 2013-01-15 18:25 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-05 04:17 - 2014-04-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-05 03:44 - 2012-07-19 15:47 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2014-12-05 01:23 - 2012-07-30 15:10 - 00000000 ____D () C:\Program Files\M-Audio
2014-12-05 00:49 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew
2014-12-04 00:35 - 2013-04-14 17:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Facebook
2014-12-03 21:48 - 2012-10-03 18:43 - 00000000 ____D () C:\Windows\Minidump
2014-12-03 21:45 - 2012-07-18 20:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-03 21:42 - 2012-07-18 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-12-03 21:41 - 2012-07-18 21:01 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-12-03 21:38 - 2014-04-01 01:06 - 00000000 ____D () C:\UDK
2014-12-03 21:37 - 2014-04-01 13:48 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-03 21:37 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-03 21:36 - 2013-04-29 21:31 - 00000000 ____D () C:\Fraps
2014-12-03 21:34 - 2014-03-15 16:44 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live
2014-12-03 21:26 - 2013-01-15 21:11 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-03 21:26 - 2012-07-30 10:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe
2014-12-03 21:22 - 2014-09-26 00:15 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-12-03 18:34 - 2012-07-18 21:32 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-12-03 18:33 - 2012-07-18 21:26 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-12-01 21:11 - 2012-09-04 20:51 - 00000000 ____D () C:\Users\Max\AppData\Local\Spotify
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-11-29 02:23 - 2013-02-25 19:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-27 18:38 - 2011-04-12 08:43 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 18:38 - 2011-04-12 08:43 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 18:38 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 18:37 - 2013-01-15 18:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 18:37 - 2013-01-15 18:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 18:37 - 2013-01-15 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 01:31 - 2013-01-15 17:31 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2014-11-14 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-14 01:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 20:36 - 2013-08-14 15:29 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 20:36 - 2013-08-14 15:29 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 14:48 - 2009-07-14 06:08 - 00008946 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-13 14:48 - 2009-07-14 05:45 - 04848784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 02:05 - 2013-07-27 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 02:03 - 2012-07-18 21:54 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-07 22:51 - 2014-07-10 23:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-07 18:06 - 2014-03-29 00:52 - 18585842 _____ () C:\Users\Max\Downloads\Cryptload_1.1.8.zip
2014-11-07 16:41 - 2014-04-07 15:12 - 00000000 ____D () C:\ProgramData\Package Cache

Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\CmdLineExtInstallerExe.exe
C:\Users\Max\AppData\Local\Temp\drm_dyndata_7380009.dll
C:\Users\Max\AppData\Local\Temp\nsjB2E2.tmp.exe
C:\Users\Max\AppData\Local\Temp\Quarantine.exe
C:\Users\Max\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Max\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 14:27

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2014
Ran by Max at 2014-12-05 21:31:26
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
Free YouTube Download version 3.2.44.922 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.922 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{4F2EAFFD-6D9A-3804-A77B-5A450D3201F6}) (Version: 65.107.16494 - Google, Inc.)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
M-Audio Fast Track Pro 6.1.10 (x64) (HKLM\...\{44BCF4BB-2486-465D-8C03-50150201B4EA}) (Version: 6.1.10 - M-Audio)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 301.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 301.42 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0213 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0213 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Spotify (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Steinberg Cubase LE AI Elements 6 64bit (HKLM\...\{8EEEB23E-A3EB-44A4-AEE9-D2FD6F96E4A0}) (Version: 6.0.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.5.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

29-11-2014 23:13:13 Removed Skype™ 6.20
02-12-2014 17:31:47 Windows Update
03-12-2014 20:25:51 Installed Adobe Flash Media Live Encoder 3.2.
03-12-2014 20:36:16 Removed Facebook Messenger 2.1.4814.0
03-12-2014 20:36:49 Entfernt Far Cry 2
03-12-2014 20:39:31 Counter-Strike: Source wird entfernt
03-12-2014 20:39:55 Configured Easy Tune 6 B12.0402.1
03-12-2014 20:40:55 Configured AutoGreen B12.0206.1
03-12-2014 20:41:44 Removed ON_OFF Charge B11.1102.1
03-12-2014 20:42:13 Removed @BIOS
03-12-2014 20:42:40 Removed Switcher 2.0.0
03-12-2014 20:43:52 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
04-12-2014 23:08:52 Installed Microsoft Keyboard Layout Creator 1.4
04-12-2014 23:54:01 Installed SharpKeys
05-12-2014 00:21:27 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert
05-12-2014 00:22:36 Installed M-Audio Fast Track Pro 6.1.10 (x64)
05-12-2014 04:06:01 Gerätetreiber-Paketinstallation: SplitCam Audio-, Video- und Gamecontroller
05-12-2014 19:31:43 Removed MSXML 4.0 SP2 (KB973688)
05-12-2014 19:32:09 Removed MSXML 4.0 SP2 (KB954430)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-30 03:47 - 00000817 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1
127.0.0.1


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {7CA26CD5-634E-4153-96DB-2C60C24C953A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {9C2B956C-1262-4E7B-96C9-596F7805E556} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9DBFEFA2-E593-41CC-950E-ED068B745302} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {EEA4CAA1-7CDA-43BC-BF67-72E4CD82C1F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-07-18 21:24 - 2014-07-02 19:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-07-18 20:59 - 2011-12-16 09:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-11-10 21:22 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk => C:\Windows\pss\net.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: DataMgr => "C:\Users\Max\AppData\Roaming\DataMgr\DataMgr.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: Intermediate => "C:\Users\Max\AppData\Roaming\Intermediate\Intermediate.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PriceMeterW => "C:\Users\Max\AppData\Local\PriceMeter\pricemeterw.exe"
MSCONFIG\startupreg: Rainlendar2 => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
MSCONFIG\startupreg: SCheck => "C:\Users\Max\AppData\Roaming\SCheck\SCheck.exe" check
MSCONFIG\startupreg: Seventh => "C:\Users\Max\AppData\Roaming\Seventh\Seventh.exe"
MSCONFIG\startupreg: Sixth => "C:\Users\Max\AppData\Roaming\Sixth\Sixth.exe"
MSCONFIG\startupreg: Snoozer => "C:\Users\Max\AppData\Roaming\Snz\Snz.exe"
MSCONFIG\startupreg: SSync => "C:\Users\Max\AppData\Roaming\SSync\SSync.exe"
MSCONFIG\startupreg: svchospt => C:\Windows\SysWOW64\svchospt.exe
MSCONFIG\startupreg: Switcher => "C:\Program Files (x86)\Switcher\Switcher.exe" /quiet
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-4256948084-1049334510-1600530276-500 - Administrator - Disabled)
Gast (S-1-5-21-4256948084-1049334510-1600530276-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4256948084-1049334510-1600530276-1002 - Limited - Enabled)
Max (S-1-5-21-4256948084-1049334510-1600530276-1000 - Administrator - Enabled) => C:\Users\Max
UpdatusUser (S-1-5-21-4256948084-1049334510-1600530276-1003 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-04 21:53:43.825
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.823
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.822
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.802
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.799
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.418
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 13%
Total physical RAM: 16346.33 MB
Available physical RAM: 14192.89 MB
Total Pagefile: 32690.84 MB
Available Pagefile: 30315.22 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:771.51 GB) (Free:617.77 GB) NTFS
Drive k: () (Fixed) (Total:160 GB) (Free:159.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 94521A45)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

Machiavelli 05.12.2014 21:50
Zitat:
PUP.RiskwareTool.CK, C:\Users\Max\Downloads\Adobe Premiere Pro CS6 64bit Crack.rar, Quarantined, [261867f84537f93d1d81d596f40e6a96],
Was soll das?

Harzburch 05.12.2014 22:24
://
 
Der PC war nicht immer nur in meiner Hand !!
Ich habe wirlich keine Illegalen Programme bzw. Cracks, wenn das für dich nicht auch ersichtlichtlich ist !
Weiß auch nicht weshalb ich das noch oder weshalb ich es drauf habe.. :/ Aber ich habe das Programm nicht und hatte es noch nie.. eventuell kam ich mal auf ne blöde Idee, die ich nicht zuende gebracht habe..

Was ist denn mit den Viren?
Und vielen Dank das du dich dadrum kümmerst und dir das wirklich durchgelsen hast :)

Machiavelli 05.12.2014 23:27
Malware Removal Hilfe wird ab sofort gestoppt. Ich unterstütze keine illegal erworbene Software und damit sehe ich es nicht ein, Dir weiter zu helfen.

Harzburch 05.12.2014 23:35
LOL

Machiavelli 05.12.2014 23:37
Interessant.

Harzburch 05.12.2014 23:47
Was soll das denn?
Ich habe doch garnihcts mit den illegalen Programmen zu tuen!!
Ich verurteile doch auch nicht Menschen mit längst vergangenen Sachen, zb. einen trockenen Alkoholiker etc.
Ich vertstehe das nicht :(
Ich habe Probleme mit meinem PC, und habe sonst nichts mit Illegalen Programmen am Hut, im gegenteil, habe mir erst Kaspersky gekauft, und möchte mir jetzt ein etwa 500 euro Programm namens Cubase kaufen ...
und jetzt habe ich ein Problem wegen einem LEGALEM Crack?!
Ich verstehe diese Plattform nicht.. soll ich das löschen und nochmal alles neu Posten?! werde ich ansonsten wohl tuen müssen.. :/

Machiavelli 05.12.2014 23:57
Zitat:
Was soll das denn?
Mir geht es darum: Ich bin Helfer auf vielen, vielen Foren (u.a. auf englischen und niederländischen). Würde ich Dir weiterhelfen, würde ich die User, denen ich den Support wegen illegaler Software eingestellt habe, benachteiligen. Darüberhinaus, wie schon gesagt, werde ich keine Art von illegaler Software jetzt und in Zukunft unterstützen. Das ist das, warum ich Dir nicht helfen kann und will. Würde ich Dir helfen, müsste ich meinen eigenen Moralkodex durchbrechen ... damit belüge ich nicht nur mich, sondern auch Dich.

Zitat:
Ich habe doch garnihcts mit den illegalen Programmen zu tuen!!
Doch. Siehe illegale Datei, die oben genannt ist.

Zitat:
Ich verurteile doch auch nicht Menschen mit längst vergangenen Sachen, zb. einen trockenen Alkoholiker etc.
Was hat das mit dieser Sache zu tun? Du hast die illegale Datei hast Du noch auf Deinem System, wärest du ein "trockener" Anwender, würdest Du solche Dateien nicht mal auf dem System haben.

Zitat:
soll ich das löschen und nochmal alles neu Posten?! werde ich ansonsten wohl tuen müssen.. :/
Mir ist es egal. Ich bin mir sicher, dass einige Kollegen Dir helfen werden. Aber ich hab eigene Meinung zu diesem Thema und behandle jeden User gleich.

Aber, mal als letzten "Test":

Downloade dir bitte CKScanner

Wichtig: Speichere die Datei am Desktop.
  • Doppelklicke auf die CKScanner.exe und klicke auf Search For Files.
  • Danach klicke auf Save List To File.
  • Es wird eine Box aufpoppen, die dir mitteilt, dass die Datei gespeichert wurde (file saved)
  • Öffne die CKFiles.txt auf deinem Desktop und poste den Inhalt hier.

Harzburch 06.12.2014 01:47
Antwort:
 
CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\program files (x86)\steam\steamapps\common\counter-strike source\cstrike\download\maps\hoejhus10_crack.bsp
c:\program files (x86)\steam\steamapps\common\counter-strike source\cstrike\download\maps\hoejhus10_crack.nav
c:\program files (x86)\steam\steamapps\common\counter-strike source\cstrike\download\materials\sprites\store\trails\crackedbeam.vmt
c:\program files (x86)\steam\steamapps\common\counter-strike source\cstrike\download\materials\sprites\store\trails\crackedbeam.vtf
scanner sequence 3.BB.11.NAAPO0
----- EOF -----


Bitte nicht denken, das es sich bei dieser Crackliste um Illegale Sachen handelt, das sind nur Spielhacks, die legal sind, und auch auf 20% der Server gestattet sind;;; bitte nicht vorverurteilen...
Danke im Vorraus, und ich werde nochmal das System durchsuchen und alte Cracks Verbannen!
LG

was soll ich nun tuen?? hxxp://www.trojaner-board.de/images/smilies/confused.gif

Machiavelli 06.12.2014 15:18
Zitat:
was soll ich nun tuen??
Keine Ahnung.

deeprybka 06.12.2014 15:29
Ich übernehme ab hier:

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Harzburch 06.12.2014 17:02
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014
Ran by Max (administrator) on MAX-PC on 06-12-2014 16:59:52
Running from C:\Users\Max\Downloads
Loaded Profile: Max (Available profiles: Max)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [SplitCam] => C:\Program Files (x86)\SplitCam\SplitCam.exe
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Policies\Explorer: [DisallowRun] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/1024/
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {56E26B6C-BB82-48de-BEB0-8F3664DE7835} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {7588F513-7B9E-45dc-914D-B207EFFC6D9A} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4256948084-1049334510-1600530276-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Extension: Simple Site Blocker - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\simplesiteblocker@example.com.xpi [2014-11-29]
FF Extension: {12989559-84f2-47aa-a442-5e69f9d26720} - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi [2013-10-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-07]

Chrome:
=======
CHR HomePage: Default -> hxxp://Vosteran.com/?f=1&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
CHR StartupUrls: Default -> "hxxp://Vosteran.com/?f=7&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=", "hxxp://search.fbdownloader.com/?channel=de"
CHR DefaultSearchKeyword: Default -> vosteran.com
CHR DefaultSearchURL: Default -> hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_ggfc_14_49_ff&cd=2XzuyEtN2Y1L1QzuzytDtB0BtAyEtCzz0BtDyCtD0DyDzz0FtN0D0Tzu0StCtDyCzytN1L2XzutAtFyCtFtCtDtFtCtDtN1L1CzutCyEtBzytDyD1V1BtN1L1G1B1V1N2Y1L1Qzu2StBtCtA0EyDyByC0AtG0B0DyEyDtGtAtA0FyEtG0FtB0BzytGyEyBzytAzzzzzzzztDzytBtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0FtC0BtBtB0AzytGyC0E0DyCtGyEtB0DyBtG0ByDtA0AtGzy0D0EtBtByB0Bzy0AyBzz0D2Q&cr=1734967931&ir=
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Facebook Desktop) - C:\Users\Max\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll No File
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.70.10) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (Kaspersky Protection) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2014-11-08]
CHR Extension: (OfferMosquito) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Vosteran New Tab) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce [2014-12-06]
CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - No Path
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-07-30] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-12-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-11-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S4 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55552 2006-02-13] (Sonic Solutions) [File not signed]
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S3 cpuz134; \??\C:\Users\Max\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 16:59 - 2014-12-06 16:59 - 00000000 ____D () C:\Users\Max\Downloads\FRST-OlderVersion
2014-12-06 02:02 - 2014-12-06 02:03 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe
2014-12-06 01:43 - 2014-12-06 01:43 - 00000615 _____ () C:\Users\Max\Desktop\ckfiles.txt
2014-12-06 01:41 - 2014-12-06 01:41 - 00468480 _____ () C:\Users\Max\Desktop\CKScanner.exe
2014-12-06 01:24 - 2014-12-06 01:36 - 153463376 _____ (Steinberg Media Technologies GmbH) C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe
2014-12-06 01:24 - 2014-12-06 01:29 - 58948264 _____ () C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe
2014-12-06 00:33 - 2014-12-06 00:33 - 00000000 ____D () C:\AV-CLS
2014-12-05 23:51 - 2014-12-05 23:51 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe
2014-12-05 23:11 - 2014-12-05 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA Corporation
2014-12-05 23:11 - 2014-12-05 23:11 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-12-05 23:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-12-05 23:10 - 2014-11-17 21:02 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-05 23:10 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-05 23:08 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-05 23:08 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-05 23:08 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-05 23:08 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-05 23:08 - 2014-10-03 20:23 - 00035144 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-05 23:08 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-05 23:03 - 2014-12-05 23:07 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe
2014-12-05 21:21 - 2014-12-05 21:21 - 00002600 _____ () C:\Users\Max\Desktop\JRT.txt
2014-12-05 21:18 - 2014-12-05 21:18 - 00000000 ____D () C:\Windows\ERUNT
2014-12-05 21:17 - 2014-12-05 21:17 - 01707646 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2014-12-05 21:15 - 2014-12-05 21:15 - 00002124 _____ () C:\Users\Max\Desktop\mbam.txt
2014-12-05 20:55 - 2014-12-05 20:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 20:55 - 2014-12-05 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-05 20:38 - 2014-12-05 20:39 - 00000000 ____D () C:\AdwCleaner
2014-12-05 20:38 - 2014-12-05 20:38 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-05 20:36 - 2014-12-05 20:36 - 02153472 _____ () C:\Users\Max\Downloads\AdwCleaner_4.104.exe
2014-12-05 20:25 - 2014-12-05 21:31 - 00021075 _____ () C:\Users\Max\Downloads\Addition.txt
2014-12-05 20:24 - 2014-12-06 17:00 - 00022687 _____ () C:\Users\Max\Downloads\FRST.txt
2014-12-05 20:24 - 2014-12-06 16:59 - 00000000 ____D () C:\FRST
2014-12-05 20:22 - 2014-12-06 16:59 - 02118144 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-12-05 20:21 - 2014-12-05 20:21 - 00774944 _____ () C:\Users\Max\Downloads\ReimageRepair.exe
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\Desktop\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000000 ___HD () C:\Users\Max\AppData\Roaming\GoldenGate
2014-12-05 20:19 - 2014-12-05 20:29 - 00000000 ____D () C:\Program Files\BEAF8266-AE64-40A2-BF8D-99F4FB145C26
2014-12-05 20:18 - 2014-12-05 20:18 - 00803152 _____ ( ) C:\Users\Max\Downloads\FileOpenerSetup.exe
2014-12-05 18:45 - 2014-12-05 18:49 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-12-05 18:16 - 2014-12-06 16:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 18:15 - 2014-12-05 18:15 - 00244264 _____ () C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-05 05:05 - 2014-07-28 14:31 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-12-05 05:05 - 2014-07-28 14:31 - 00000714 _____ () C:\Windows\SysWOW64\ff_vfw.dll.manifest
2014-12-05 05:05 - 2014-06-30 06:23 - 00810496 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-12-05 05:05 - 2014-06-30 06:23 - 00183808 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-12-05 05:00 - 2014-12-05 05:04 - 100117000 _____ (SplitCam Co.) C:\Users\Max\Downloads\SplitCamSetup.exe
2014-12-05 03:16 - 2014-12-05 03:16 - 00000000 ____D () C:\Windows\pss
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\Users\Max\AppData\Local\M-Audio
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\ProgramData\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\Program Files (x86)\M-Audio
2014-12-05 01:21 - 2014-12-05 01:21 - 00000000 ____D () C:\ProgramData\AVID
2014-12-05 00:54 - 2014-12-05 00:54 - 00003047 _____ () C:\Users\Max\Desktop\SharpKeys.lnk
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Program Files (x86)\RandyRants.com
2014-12-05 00:53 - 2014-12-05 00:53 - 00486400 _____ () C:\Users\Max\Downloads\sharpkeys35.msi
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\Program Files (x86)\AutoHotkey
2014-12-05 00:48 - 2014-12-05 00:48 - 02047357 _____ () C:\Users\Max\Downloads\AutoHotkey104805_Install.exe
2014-12-05 00:09 - 2014-12-05 00:09 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Users\Max\AppData\Local\MSKLC
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4
2014-12-05 00:08 - 2014-12-05 00:08 - 10597792 _____ () C:\Users\Max\Downloads\MSKLC.exe
2014-12-05 00:04 - 2014-12-05 00:04 - 00301688 _____ (Thesycon GmbH) C:\Users\Max\Downloads\dpclat.exe
2014-12-03 21:48 - 2014-12-03 21:48 - 00313384 _____ () C:\Windows\Minidump\120314-24570-01.dmp
2014-12-03 21:44 - 2014-12-03 21:44 - 00000020 _____ () C:\Windows\ˆø'
2014-12-03 21:33 - 2014-12-03 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-12-03 21:32 - 2014-12-03 21:32 - 01174352 _____ () C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieUserList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieSiteList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieBrowserModeList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-12-03 21:25 - 2014-12-03 21:25 - 06537216 _____ () C:\Users\Max\Downloads\flashmedialiveencoder_3.2_wwe_signed.msi
2014-12-03 21:25 - 2014-12-03 21:25 - 01033728 _____ () C:\Users\Max\Downloads\auth_addin_win_v3.msi
2014-11-30 07:40 - 2014-11-30 07:40 - 00317504 _____ () C:\Windows\Minidump\113014-25334-01.dmp
2014-11-30 07:39 - 2014-12-03 21:48 - 802013673 _____ () C:\Windows\MEMORY.DMP
2014-11-29 21:01 - 2014-11-29 21:01 - 00000021 _____ () C:\Users\Max\Desktop\Neues Textdokument (4).txt
2014-11-27 23:57 - 2014-11-28 00:00 - 164003712 _____ () C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe
2014-11-27 23:57 - 2014-11-27 23:57 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Downloads\tdsskiller.exe
2014-11-20 21:13 - 2014-03-08 14:36 - 65062457 _____ () C:\Users\Max\Downloads\Haftbefehl - Chabos wissen wer der Babo ist (Blockplatin 25.01.2013).hd720.mp4
2014-11-20 21:12 - 2014-11-20 21:12 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Visicom Media
2014-11-19 15:56 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 15:56 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-13 01:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 01:26 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 01:26 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 01:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 01:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 01:26 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 01:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 01:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 01:26 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 01:26 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 01:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 01:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 01:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 01:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 01:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 01:26 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 01:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 01:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 01:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 01:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 01:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 01:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 01:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 01:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-13 01:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 01:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 01:23 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 01:23 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 01:23 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 01:23 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 01:23 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 01:23 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 01:23 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 01:23 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-13 01:23 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 01:23 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 01:23 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 01:23 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 21:22 - 2014-12-06 02:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 03:00 - 2014-11-10 20:36 - 00004611 _____ () C:\Windows\system32\lvcoinst.log
2014-11-09 03:00 - 2014-11-09 03:00 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-11-07 16:41 - 2014-11-07 16:41 - 00000000 ____D () C:\OETemp
2014-11-07 16:37 - 2014-12-06 16:57 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-07 16:37 - 2014-11-07 16:42 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-11-07 16:37 - 2014-11-07 16:42 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-11-07 16:37 - 2014-11-07 16:37 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-07 16:37 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-11-07 16:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Bao_Nguyen
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Local\Bao_Nguyen
2014-11-07 00:49 - 2014-11-07 00:49 - 00406528 _____ () C:\Users\Max\Downloads\Switcher-2.0.0.2705.msi
2014-11-07 00:48 - 2014-11-07 00:48 - 02150188 _____ () C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager [1].exe
2014-11-07 00:48 - 2014-11-07 00:48 - 00000000 ____D () C:\Users\Max\AppData\Local\WorldofTanks
2014-11-07 00:48 - 2014-11-07 00:48 - 00000000 ____D () C:\Users\Max\AppData\Local\StormFall
2014-11-07 00:47 - 2014-11-07 00:47 - 00845088 _____ ( ) C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 17:00 - 2012-07-18 20:50 - 01705997 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 16:57 - 2013-08-14 15:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 16:56 - 2012-07-18 21:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-06 16:56 - 2010-11-21 04:47 - 00772934 _____ () C:\Windows\PFRO.log
2014-12-06 16:56 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-06 16:56 - 2009-07-14 05:51 - 00024735 _____ () C:\Windows\setupact.log
2014-12-06 02:04 - 2013-01-15 18:25 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-06 02:04 - 2013-01-15 18:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-06 01:50 - 2012-09-04 20:45 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Spotify
2014-12-06 01:42 - 2012-07-19 15:47 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2014-12-06 01:41 - 2013-08-14 15:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-06 01:37 - 2013-01-15 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-06 01:32 - 2012-07-30 14:39 - 00010016 _____ () C:\Windows\DPINST.LOG
2014-12-06 01:32 - 2012-07-30 14:39 - 00000051 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2014-12-06 01:32 - 2012-07-30 14:39 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2014-12-06 01:31 - 2012-10-02 17:16 - 00000000 ____D () C:\Users\Max\Documents\Cubase LE AI Elements Projects
2014-12-05 23:43 - 2012-09-04 20:51 - 00000000 ____D () C:\Users\Max\AppData\Local\Spotify
2014-12-05 23:33 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-05 23:33 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-05 23:12 - 2014-04-07 16:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA
2014-12-05 23:11 - 2012-07-18 21:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-05 23:11 - 2012-07-18 21:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-05 23:10 - 2012-07-18 21:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-05 21:18 - 2012-07-19 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2014-12-05 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-12-05 20:39 - 2014-03-19 13:21 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Common
2014-12-05 20:39 - 2012-07-18 20:56 - 00000000 ____D () C:\Users\Max
2014-12-05 20:32 - 2014-10-06 22:03 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Equalify
2014-12-05 20:19 - 2013-08-14 15:38 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Visicom Media
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visicom Media
2014-12-05 18:49 - 2013-10-10 13:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-12-05 04:17 - 2014-04-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-05 01:23 - 2012-07-30 15:10 - 00000000 ____D () C:\Program Files\M-Audio
2014-12-05 00:49 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew
2014-12-04 00:35 - 2013-04-14 17:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Facebook
2014-12-03 21:48 - 2012-10-03 18:43 - 00000000 ____D () C:\Windows\Minidump
2014-12-03 21:45 - 2012-07-18 20:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-03 21:42 - 2012-07-18 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-12-03 21:41 - 2012-07-18 21:01 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-12-03 21:38 - 2014-04-01 01:06 - 00000000 ____D () C:\UDK
2014-12-03 21:37 - 2014-04-01 13:48 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-03 21:37 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-03 21:36 - 2013-04-29 21:31 - 00000000 ____D () C:\Fraps
2014-12-03 21:34 - 2014-03-15 16:44 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live
2014-12-03 21:26 - 2013-01-15 21:11 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-03 21:26 - 2012-07-30 10:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe
2014-12-03 21:22 - 2014-09-26 00:15 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-12-03 18:34 - 2012-07-18 21:32 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-12-03 18:33 - 2012-07-18 21:26 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-11-29 02:23 - 2013-02-25 19:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-27 18:38 - 2011-04-12 08:43 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 18:38 - 2011-04-12 08:43 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 18:38 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 18:37 - 2013-01-15 18:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 18:37 - 2013-01-15 18:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 18:37 - 2013-01-15 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 01:31 - 2013-01-15 17:31 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2014-11-17 23:18 - 2014-08-19 21:14 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-11-14 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-14 01:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 20:36 - 2013-08-14 15:29 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 20:36 - 2013-08-14 15:29 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 14:48 - 2009-07-14 06:08 - 00009450 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-13 14:48 - 2009-07-14 05:45 - 04848784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 02:05 - 2013-07-27 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 02:03 - 2012-07-18 21:54 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 01:20 - 2013-02-25 23:32 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-13 01:20 - 2012-07-18 21:23 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-12 22:56 - 2012-07-18 21:24 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 22:56 - 2012-07-18 21:24 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-11 11:29 - 2012-07-18 21:24 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-07 22:51 - 2014-07-10 23:39 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-07 18:06 - 2014-03-29 00:52 - 18585842 _____ () C:\Users\Max\Downloads\Cryptload_1.1.8.zip
2014-11-07 16:41 - 2014-04-07 15:12 - 00000000 ____D () C:\ProgramData\Package Cache

Some content of TEMP:
====================
C:\Users\Max\AppData\Local\Temp\CmdLineExtInstallerExe.exe
C:\Users\Max\AppData\Local\Temp\drm_dyndata_7380009.dll
C:\Users\Max\AppData\Local\Temp\nsjB2E2.tmp.exe
C:\Users\Max\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreaming64.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
C:\Users\Max\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
C:\Users\Max\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Max\AppData\Local\Temp\nvStInst.exe
C:\Users\Max\AppData\Local\Temp\Quarantine.exe
C:\Users\Max\AppData\Local\Temp\ReimagePackage.exe
C:\Users\Max\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 14:27

==================== End Of Log ============================
--- --- ---

--- --- ---


FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014
Ran by Max at 2014-12-06 17:01:02
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
Free YouTube Download version 3.2.44.922 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.922 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{4F2EAFFD-6D9A-3804-A77B-5A450D3201F6}) (Version: 65.107.16494 - Google, Inc.)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
M-Audio Fast Track Pro 6.1.10 (x64) (HKLM\...\{44BCF4BB-2486-465D-8C03-50150201B4EA}) (Version: 6.1.10 - M-Audio)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Steinberg Cubase LE AI Elements 6 64bit (HKLM\...\{8EEEB23E-A3EB-44A4-AEE9-D2FD6F96E4A0}) (Version: 6.0.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-30 03:47 - 00000817 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1
127.0.0.1


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {7CA26CD5-634E-4153-96DB-2C60C24C953A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {9C2B956C-1262-4E7B-96C9-596F7805E556} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9DBFEFA2-E593-41CC-950E-ED068B745302} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {EEA4CAA1-7CDA-43BC-BF67-72E4CD82C1F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-07-18 21:24 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\kpcengine.2.3.dll
2014-11-10 21:22 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2012-07-18 20:59 - 2011-12-16 09:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk => C:\Windows\pss\net.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: DataMgr => "C:\Users\Max\AppData\Roaming\DataMgr\DataMgr.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: Intermediate => "C:\Users\Max\AppData\Roaming\Intermediate\Intermediate.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PriceMeterW => "C:\Users\Max\AppData\Local\PriceMeter\pricemeterw.exe"
MSCONFIG\startupreg: Rainlendar2 => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
MSCONFIG\startupreg: SCheck => "C:\Users\Max\AppData\Roaming\SCheck\SCheck.exe" check
MSCONFIG\startupreg: Seventh => "C:\Users\Max\AppData\Roaming\Seventh\Seventh.exe"
MSCONFIG\startupreg: Sixth => "C:\Users\Max\AppData\Roaming\Sixth\Sixth.exe"
MSCONFIG\startupreg: Snoozer => "C:\Users\Max\AppData\Roaming\Snz\Snz.exe"
MSCONFIG\startupreg: SSync => "C:\Users\Max\AppData\Roaming\SSync\SSync.exe"
MSCONFIG\startupreg: svchospt => C:\Windows\SysWOW64\svchospt.exe
MSCONFIG\startupreg: Switcher => "C:\Program Files (x86)\Switcher\Switcher.exe" /quiet
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-4256948084-1049334510-1600530276-500 - Administrator - Disabled)
Gast (S-1-5-21-4256948084-1049334510-1600530276-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4256948084-1049334510-1600530276-1002 - Limited - Enabled)
Max (S-1-5-21-4256948084-1049334510-1600530276-1000 - Administrator - Enabled) => C:\Users\Max

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2014 04:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 11:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/06/2014 04:56:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/05/2014 11:54:33 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/05/2014 11:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/05/2014 11:10:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (12/06/2014 04:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 11:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-12-04 21:53:43.825
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.823
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.822
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.802
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.799
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.418
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 17%
Total physical RAM: 16346.33 MB
Available physical RAM: 13508.07 MB
Total Pagefile: 32690.84 MB
Available Pagefile: 29733.94 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:771.51 GB) (Free:625.1 GB) NTFS
Drive k: () (Fixed) (Total:160 GB) (Free:159.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 94521A45)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

deeprybka 06.12.2014 17:11
Hi,
bitte Deinem Kaspersky sagen, er soll beim Zoek-Download und Scan die Klappe halten - ergo:
Echtzeitschutz vor Schritt 1 deaktivieren:

Schritt 1
Download von https://sites.google.com/site/canned...b27e2-Zoek.png ZOEK (by Smeenk)
  • Speichere die zoek.exe auf dem Desktop.
  • Bitte deaktiviere während der Verwendung von Zoek Deinen Virenscanner, da dieser Zoek stören könnte.
  • Starte die zoek.exe mit einem Doppelklick und warte bis die Programmoberfläche erscheint (ca. 30 Sekunden)
  • Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:
    Code:
    systemspecs;
    autoclean;
    FFdefaults;
    iedefaults;
    CHRdefaults;
    emptyclsid;
    process;
    services-list;
    startupall;
    filesrcm;
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
    Zitat:
    Zoek.exe is running now.
    Do not start any browser windows, they may get closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
  • Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter C:\
  • Bitte poste mir das zoek-results.log.

Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Harzburch 06.12.2014 18:07
Zoek.exe v5.0.0.0 Updated 03-December-2014
Tool run by Max on 06.12.2014 at 17:19:51,84.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Max\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

06.12.2014 17:20:35 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Avira deleted successfully
C:\PROGRA~2\DebugMode deleted successfully
C:\PROGRA~2\ManyCam deleted successfully
C:\PROGRA~2\Rainlendar2 deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\BEAF8266-AE64-40A2-BF8D-99F4FB145C26 deleted successfully
C:\PROGRA~3\Guitar Pro 6 deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Visicom Media deleted successfully
C:\Users\Max\AppData\Roaming\Common deleted successfully
C:\Users\Max\AppData\Roaming\Splashtop deleted successfully
C:\Users\Max\AppData\Roaming\TP deleted successfully
C:\Users\Max\AppData\Local\StormFall deleted successfully
C:\Users\Max\AppData\Local\WorldofTanks deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Users\Max\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by E Dev

R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [AVP15.0.0] - Kaspersky Anti-Virus Service 15.0.0 - c:\program files (x86)\kaspersky lab\kaspersky anti-virus 15.0.0\avp.exe
R2 - [cvhsvc] - Client Virtualization Handler - c:\program files (x86)\common files\microsoft shared\virtualization handler\cvhsvc.exe
R2 - [FastTrackProAudioDevMon] - Fast Track Pro Audio Device Monitor - c:\program files (x86)\m-audio\fast track pro\audiodevmon.exe
R2 - [GfExperienceService] - NVIDIA GeForce Experience Service - c:\program files\nvidia corporation\geforce experience service\gfexperienceservice.exe
R2 - [Intel(R) Capability Licensing Service Interface] - Intel(R) Capability Licensing Service Interface - c:\program files\intel\icls client\heciserver.exe
R2 - [jhi_service] - Intel(R) Dynamic Application Loader Host Interface Service - c:\program files (x86)\intel\intel(r) management engine components\dal\jhi_service.exe
R2 - [LMS] - Intel(R) Management and Security Application Local Management Service - c:\program files (x86)\intel\intel(r) management engine components\lms\lms.exe
R2 - [NvNetworkService] - NVIDIA Network Service - c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
R2 - [NvStreamSvc] - NVIDIA Streamer Service - c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
R2 - [nvsvc] - NVIDIA Display Driver Service - c:\windows\system32\nvvsvc.exe
R2 - [sftlist] - Application Virtualization Client - c:\program files (x86)\microsoft application virtualization client\sftlist.exe
R2 - [Stereo Service] - NVIDIA Stereoscopic 3D Driver Service - c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
R2 - [UMVPFSrv] - UMVPFSrv - c:\program files (x86)\common files\logishrd\lvmvfm\umvpfsrv.exe
R2 - [UNS] - Intel(R) Management and Security Application User Notification Service - c:\program files (x86)\intel\intel(r) management engine components\uns\uns.exe
R2 - [wlidsvc] - Windows Live ID Sign-in Assistant - c:\program files\common files\microsoft shared\windows live\wlidsvc.exe
R2 - [WMPNetworkSvc] - Windows Media Player-Netzwerkfreigabedienst - c:\program files\windows media player\wmpnetwk.exe
R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe
R3 - [sftvsa] - Application Virtualization Service Agent - c:\program files (x86)\microsoft application virtualization client\sftvsa.exe
S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe
S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe
S2 - [gupdate] - Google Update-Dienst (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [SeaPort] - SeaPort - c:\program files (x86)\microsoft\bingbar\seaport.exe [x]
S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Gatewaydienst auf Anwendungsebene - c:\windows\system32\alg.exe
S3 - [BBSvc] - Bing Bar Update Service - c:\program files (x86)\microsoft\bingbar\bbsvc.exe [x]
S3 - [COMSysApp] - COM+-Systemanwendung - c:\windows\system32\dllhost.exe
S3 - [ehRecvr] - Windows Media Center-Empfängerdienst - c:\windows\ehome\ehrecvr.exe
S3 - [ehSched] - Windows Media Center-Planerdienst - c:\windows\ehome\ehsched.exe
S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Windows Presentation Foundation-Schriftartcache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [fsssvc] - Windows Live Family Safety Service - c:\program files (x86)\windows live\family safety\fsssvc.exe
S3 - [gupdatem] - Google Update-Dienst (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [ICCS] - Intel(R) Integrated Clock Controller Service - Intel(R) ICCS - c:\program files (x86)\intel\intel(r) integrated clock controller service\iccproxy.exe
S3 - [IDriverT] - InstallDriver Table Manager - c:\program files (x86)\common files\installshield\driver\1050\intel 32\idrivert.exe
S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [osppsvc] - Office Software Protection Platform - c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\osppsvc.exe
S3 - [PerfHost] - Leistungsindikator-DLL-Host - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - RPC-Locator - c:\windows\system32\locator.exe
S3 - [SNMPTRAP] - SNMP-Trap - c:\windows\system32\snmptrap.exe
S3 - [Steam Client Service] - Steam Client Service - c:\program files (x86)\common files\steam\steamservice.exe
S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Virtueller Datenträger - c:\windows\system32\vds.exe
S3 - [VSS] - Volumeschattenkopie - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Blockebenen-Sicherungsmodul - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - WMI-Leistungsadapter - c:\windows\system32\wbem\wmiapsrv.exe
S4 - [aspnet_state] - ASP.NET-Zustandsdienst - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe
S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe
S4 - [wlcrasvc] - Windows Live Mesh remote connections service - c:\program files\windows live\mesh\wlcrasvc.exe

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.search.suggest.enabled", false);
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\prefs.js:

ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs__1729_.backup

==== Deleting Files \ Folders ======================

C:\Users\Max\.android deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\Users\Max\ChromeExtensions deleted
C:\Users\Max\AppData\Roaming\WB.CFG deleted
C:\Users\Max\AppData\Roaming\GoldenGate deleted
C:\PROGRA~3\Package Cache deleted
C:\PROGRA~3\EmailNotifier deleted
C:\Users\Max\AppData\Local\cache deleted
C:\Users\Max\AppData\Local\Google\Chrome Frame\User Data\IEXPLORE\Default\ext_offermosquito deleted
C:\Users\Max\Downloads\ReimageRepair.exe deleted
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\jetpack deleted
"C:\ProgramData\{5CAFA1B7-9EEF-4cc7-B9F7-9DDB3DAA679E}" deleted
"C:\ProgramData\{701ACAF9-F102-47c2-8907-36246F4DFB51}" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 16347 MB
CPU Info: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
CPU Speed: 3397,5 MHz
Sound Card: Lautsprecher (VIA High Definiti |
Line 1/2 (2- M-Audio Fast Track |
Display Adapters: NVIDIA GeForce GTX 550 Ti | NVIDIA GeForce GTX 550 Ti | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; PnP-Monitor (Standard) |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: SAMSUNG Mobile USB Remote NDIS Network Device | Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 2x (D: | J: | ) D: HL-DT-STDVDRAM GH24NS90 | J: DTSOFT BDROM
Ports: COM1 LPT1
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 771,5GB | K: 160,0GB | Q: 0,0MB
Hard Disks - Free: C: 625,0GB | K: 159,9GB | Q: 0,0MB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 05/11/12 | ALASKA - 1072009
Time Zone: Mitteleuropäische Zeit
Motherboard *: Gigabyte Technology Co., Ltd. H77M-D3H
Country: Deutschland
Language: DEU

==== System Specs (Software) ======================

Anti-Virus: Kaspersky Anti-Virus On-access scanning disabled (Outdated)
Anti-Spyware: Kaspersky Anti-Virus disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox 34.0.5
Internet Explorer Version: 11.0.9600.17420
Mozilla Firefox version: 34.0.5 (x86 de)
Google Chrome version: 39.0.2171.71
Adobe Reader version: 11.0.9.29
Flash Player version: 15.0.0.239

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-12-03 20:44:04 F9F4905664C5B42B49E78EFA12D1A6B6 20 ----a-w- C:\Windows\ˆø'
2014-11-30 06:39:57 0DD37FF1ADA43B8955C6525DE7ACFD42 802013673 ----a-w- C:\Windows\MEMORY.DMP
====== C:\Users\Max\AppData\Local\Temp ====
2014-12-06 00:32:08 05499C8E0A5EF56CE4988017F2485764 925184 ------w- C:\Users\Max\AppData\Local\Temp\eLicenserInst\eLicenser Driver Package\x64\DPInst.exe
2014-12-05 23:33:02 FFF48405C43A06F4B4A29F4562F7CD92 127488 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\OSProvider.dll
2014-12-05 23:33:02 CCF6EC908566900E9626DC3360B9E35E 112128 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismCorePS.dll
2014-12-05 23:33:02 BB9E8732FC0B76EF29DC90C63397078E 312832 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\IntlProvider.dll
2014-12-05 23:33:02 A909643B215FC0587A043C9C15959D41 186368 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismProv.dll
2014-12-05 23:33:02 A2D08E8B0AE6750DDD9D01D61BDDC818 435712 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DmiProvider.dll
2014-12-05 23:33:02 9E7E2B01C65C4E276ED55B1F1BD6CE2B 302080 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\UnattendProvider.dll
2014-12-05 23:33:02 7B38D7916A7CD058C16A0A6CA5077901 271360 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\wdscore.dll
2014-12-05 23:33:02 739968678548BA15F6B9372E8760C012 444416 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\TransmogProvider.dll
2014-12-05 23:33:02 732A13256A9BE7E15E2D58393D6B85F4 471040 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\WimProvider.dll
2014-12-05 23:33:02 703E7D07687D2751D0474E4D333E832C 1672192 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\CbsProvider.dll
2014-12-05 23:33:02 6EBC2138A3C9B3B7D1E69E0629B6C815 289792 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismCore.dll
2014-12-05 23:33:02 64B66A41B61D511E8EBE94625EC0E45A 53760 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\FolderProvider.dll
2014-12-05 23:33:02 5AE6EFCD674AC76CC1A9929F1AFA0ECE 183296 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\CompatProvider.dll
2014-12-05 23:33:02 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismHost.exe
2014-12-05 23:33:02 45FF4FA5CA5432BFCCDED4433FE2A85B 216576 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\MsiProvider.dll
2014-12-05 23:33:02 011A725B36F05E8A771626017064F2CA 271360 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\SmiProvider.dll
2014-12-05 22:42:17 18958A2E7C65349F9FB41B31E3C5A623 901363 ----a-w- C:\Users\Max\AppData\Local\Temp\Rar$EXa0.606\Multi_AV.exe
2014-12-05 22:09:01 C8269C7833D0ABA2AE2B36F9207D84A0 826712 ----a-w- C:\Users\Max\AppData\Local\Temp\nvStInst.exe
2014-12-05 20:17:40 E0DC8C6BBC787B972A9A468648DBFD85 1008128 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\libiconv2.dll
2014-12-05 20:17:40 D202BAA425176287017FFE1FB5D1B77C 103424 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\libintl3.dll
2014-12-05 20:17:40 57CAC848FA14AE38F14F9441F8933282 140288 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\pcre3.dll
2014-12-05 20:17:40 547C43567AB8C08EB30F6C6BACB479A3 79360 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\regex2.dll
2014-12-05 20:17:40 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-12-05 19:29:09 6AACB4C3D5421477B6020C40505FE3BE 116064 ----a-w- C:\Users\Max\AppData\Local\Temp\nsjB2E2.tmp.exe
2014-12-05 19:29:05 BF375A90FE0B135395E20B0EB9190C11 572739 ----a-w- C:\Users\Max\AppData\Local\Temp\17736377.Uninstall\uninstaller.exe
2014-12-05 19:21:33 6DC42EA47296B08B1047682161051FA6 13263976 ----a-w- C:\Users\Max\AppData\Local\Temp\ReimagePackage.exe
2014-12-05 19:20:28 DE3DD2C419C7B383E6FD7997A782D5D1 95232 ----a-w- C:\Users\Max\AppData\Local\Temp\nw5832_5742\node_modules\gameo_utils\build\Release\gameo_utils.dll
2014-12-05 19:20:28 9EE20E6E2E3F94714D44F739B9A228F4 17048240 ----a-w- C:\Users\Max\AppData\Local\Temp\nw5832_5742\plugins\NPSWF32_14_0_0_179.dll
2014-12-05 19:20:28 76DCCDD092768DAB0D19714799F21686 414208 ----a-w- C:\Users\Max\AppData\Local\Temp\nw5832_5742\node_modules\goldengate\build\Release\goldengate.dll
2014-12-05 19:19:36 FEE30971F3E6330C0A82FBFC49C47B4B 35312668 ----a-w- C:\Users\Max\AppData\Local\Temp\is765589038\7DD354DE_stp.EXE
2014-12-03 20:44:50 8C47303CE87AEAE0E0283EC1E2072BEB 126976 ------w- C:\Users\Max\AppData\Local\Temp\{1647D81D-7ACA-444E-952E-945FDAF4A4D0}\{1E03C8BE-0848-430F-BECA-7D7709401626}\InstallHelper.dll
2014-12-03 20:38:15 F4AD2428504B14403FECF254E3B82A86 941848 ----a-w- C:\Users\Max\AppData\Local\Temp\Epic-80b96b70-ff5d-42fc-84d9-381ad2a25827\Binaries\UnSetup.exe
2014-12-03 20:38:15 3EA4B01045BB503A0ADDEFE7FBD97D5D 55128 ----a-w- C:\Users\Max\AppData\Local\Temp\Epic-80b96b70-ff5d-42fc-84d9-381ad2a25827\Binaries\InstallData\Interop.IWshRuntimeLibrary.dll
2014-12-03 20:37:09 E2169AD646E94984BDECFDDBA604C1C8 204800 ----a-w- C:\Users\Max\AppData\Local\Temp\drm_dyndata_7380009.dll
2014-12-03 20:37:08 153E62901A65D7D26113EBB58683B735 375992 ----a-w- C:\Users\Max\AppData\Local\Temp\CmdLineExtInstallerExe.exe
2014-12-03 20:33:12 465B712B806D518BEF251F1CD02AFC4C 74177 ----a-w- C:\Users\Max\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\4137b8eca8706c173ba3d2bdbda97f53\FRAPS19D.EXE
2014-12-03 20:32:51 3C16B7CAAF77B766734D52093F2DCCA1 370512 ----a-w- C:\Users\Max\AppData\Local\Temp\DMR\dmr_72.exe
2014-11-27 23:01:10 E77E38246C4F8A3F372B833CF88815A4 36352 ----a-w- C:\Users\Max\AppData\Local\Temp\2186639\x64\wmi64.exe
2014-11-27 09:04:24 4BE307353A509F66785DC83AFA915330 367448 ------w- C:\Users\Max\AppData\Local\Temp\is765589038\30AB373D_stp\Couponmonkey.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-12-05 22:11:11 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-05 22:11:10 20C835843FCEC4DEDFCD7BFFA3B91641 470880 ----a-w- C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-05 22:11:08 86E39E9161C3D930D93822F1563C280D 1998168 ----a-w- C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-05 22:10:48 7F2B1D9656D673A6D1383A30F2F8820B 1291280 ----a-w- C:\Windows\SysWOW64\nvspbridge.dll
2014-12-05 22:10:48 71D73785949F5FD3CD18CEF3D2FD7500 2197680 ----a-w- C:\Windows\SysWOW64\nvspcap.dll
2014-12-05 22:10:11 F21877BF9917249CA16BBAF0833434C2 615624 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe
2014-12-05 22:08:56 3CE5D0F1FC2127723B3AF13CAC41496F 32584 ----a-w- C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-05 22:08:55 EC054B6480A3C290A35320C518F2DA5E 303600 ----a-w- C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-05 22:08:55 D30378B2EACC727AC577B781F4E4E464 923792 ----a-w- C:\Windows\SysWOW64\NvIFR.dll
2014-12-05 22:08:55 B02837FC74C47836100CABB814DE6C87 156840 ----a-w- C:\Windows\SysWOW64\nvinit.dll
2014-12-05 22:08:55 8A9D062C89C6343CC8F57AEBF607EB97 871648 ----a-w- C:\Windows\SysWOW64\nvumdshim.dll
2014-12-05 22:08:55 8695BF11BB2C0A5EBFFA5CC15FFFDC6D 11397744 ----a-w- C:\Windows\SysWOW64\nvopencl.dll
2014-12-05 22:08:55 84DC24633E189CFF0912AA5291D3598D 4011208 ----a-w- C:\Windows\SysWOW64\nvcuvid.dll
2014-12-05 22:08:55 7CDA6A1347F4C38C18A541B0C0209274 17259664 ----a-w- C:\Windows\SysWOW64\nvcompiler.dll
2014-12-05 22:08:55 76FC4D850951BAD50BC24A5DC1DB099C 24557712 ----a-w- C:\Windows\SysWOW64\nvoglv32.dll
2014-12-05 22:08:55 36DC7A09D440B6D863E8AD87AFD17249 11336432 ----a-w- C:\Windows\SysWOW64\nvcuda.dll
2014-12-05 22:08:55 018B444F632D7CDE2F01AAFB75149B6F 900928 ----a-w- C:\Windows\SysWOW64\NvFBC.dll
2014-12-05 04:05:33 717E9CA09CB53DC2BBB2DAF78D713828 183808 ----a-w- C:\Windows\SysWOW64\xvidvfw.dll
2014-12-05 04:05:33 2AE2C164587549B3872E5EB109FB12F8 810496 ----a-w- C:\Windows\SysWOW64\xvidcore.dll
2014-12-05 04:05:33 201E4F170E3B59E6AB6784122C67E926 112640 ----a-w- C:\Windows\SysWOW64\ff_vfw.dll
2014-12-05 04:05:33 0903FEFCBD4B28C747DE7EE8201F14D1 714 ----a-w- C:\Windows\SysWOW64\ff_vfw.dll.manifest
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-12-05 22:11:11 9D6429F410597750B2DC2579B2347303 276832 ----a-w- C:\Windows\Sysnative\d3dx11_43.dll
2014-12-05 22:11:10 AD7FA9485059F4DC53C98B49CAB13F0B 511328 ----a-w- C:\Windows\Sysnative\d3dx10_43.dll
2014-12-05 22:11:08 7160FC226391C0B50C85571FA1A546E5 2401112 ----a-w- C:\Windows\Sysnative\D3DX9_43.dll
2014-12-05 22:10:48 BD6E0701DEFADBC0CB1AF58FE538E850 2800296 ----a-w- C:\Windows\Sysnative\nvspcap64.dll
2014-12-05 22:10:48 3CF726DAA01DED40935F170521DA57A7 1715224 ----a-w- C:\Windows\Sysnative\nvspbridge64.dll
2014-12-05 22:08:56 57E904259962D850CB825BAACD3C5C9F 35144 ----a-w- C:\Windows\Sysnative\nvaudcap64v.dll
2014-12-05 22:08:55 D5424A3E2384876DCB5F3685C86F8E2A 4292416 ----a-w- C:\Windows\Sysnative\nvcuvid.dll
2014-12-05 22:08:55 BDEC06F2C95004ADC3B7104DFA32B8E9 352016 ----a-w- C:\Windows\Sysnative\nvoglshim64.dll
2014-12-05 22:08:55 B26BF1B9402896AC3B756979C808B55C 20922512 ----a-w- C:\Windows\Sysnative\nvcompiler.dll
2014-12-05 22:08:55 AA6A70C2A692BDAC567BAB57521FC324 13944952 ----a-w- C:\Windows\Sysnative\nvcuda.dll
2014-12-05 22:08:55 851FBA69C8CDE4C000FD2BEC79B2EEAB 20986592 ----a-w- C:\Windows\Sysnative\nvwgf2umx.dll
2014-12-05 22:08:55 5C580DF5662F2A5974A98D461F745AA5 935240 ----a-w- C:\Windows\Sysnative\NvFBC64.dll
2014-12-05 22:08:55 4DEE167489A95AAC0D1357BB6FC3E7FD 1876296 ----a-w- C:\Windows\Sysnative\nvdispco6434475.dll
2014-12-05 22:08:55 357B2D46EE9EC3D8A794C31CAAF4EBB1 1540424 ----a-w- C:\Windows\Sysnative\nvdispgenco6434475.dll
2014-12-05 22:08:55 2CDFC8CB13FE7953E57F2B217AD58550 174856 ----a-w- C:\Windows\Sysnative\nvinitx.dll
2014-12-05 22:08:55 217AEFFF4AFB65176E4E01E791F29FDC 14032984 ----a-w- C:\Windows\Sysnative\nvopencl.dll
2014-12-05 22:08:55 20477E757C88F5630B118C2B409753DF 19966344 ----a-w- C:\Windows\Sysnative\nvd3dumx.dll
2014-12-05 22:08:55 14D26D0296CF1F2A4BF9C633401A701A 31520 ----a-w- C:\Windows\Sysnative\nvhdap64.dll
2014-12-05 22:08:55 00BC15E8285B91588AB6E496BDB04BD3 31893136 ----a-w- C:\Windows\Sysnative\nvoglv64.dll
2014-12-05 22:08:55 00BA523771F2F27AEC3DA4B024640526 964928 ----a-w- C:\Windows\Sysnative\NvIFR64.dll
====== C:\Windows\Sysnative\drivers =====
2014-12-05 22:08:56 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\Windows\Sysnative\drivers\nvvad64v.sys
2014-12-05 22:08:55 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\Windows\Sysnative\drivers\nvhda64v.sys
2014-12-05 22:08:55 185B4FFECD886A424B57B58AE173FBBE 13213512 ----a-w- C:\Windows\Sysnative\drivers\nvlddmkm.sys
2014-11-13 00:26:23 41774FF331F609EF442B7398EE6202B1 155064 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-11-07 15:37:00 CD81447AB991F3E7F1FCF59CEA07D1E0 793800 ----a-w- C:\Windows\Sysnative\drivers\klif.sys
2014-11-07 15:37:00 7ED6B6805B3E1BC9DC2418F1C5C920B4 243808 ----a-w- C:\Windows\Sysnative\drivers\klhk.sys
2014-11-07 15:37:00 2A88EFE87B5F23BA47FF7AF2DEAEB98F 141320 ----a-w- C:\Windows\Sysnative\drivers\klflt.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-12-05 17:16:08 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
2014-12-05 00:23:06 -------- d-----w- C:\PROGRA~2\M-Audio
2014-12-05 00:23:06 -------- d-----w- C:\PROGRA~2\COMMON~1\Digidesign
2014-12-04 23:54:15 -------- d-----w- C:\PROGRA~2\RandyRants.com
2014-12-04 23:49:03 -------- d-----w- C:\PROGRA~2\AutoHotkey
2014-12-04 23:09:12 -------- d-----w- C:\PROGRA~2\Microsoft Keyboard Layout Creator 1.4
2014-11-07 15:37:07 -------- d-----w- C:\PROGRA~2\Kaspersky Lab
======= C: =====
2014-12-05 19:38:15 8D987BE841B404B83E6CE18C33C44C88 55 ----a-w- C:\AdwCleanerDebug.txt
====== C:\Users\Max\AppData\Roaming ======
2014-12-05 22:11:46 -------- d-----w- C:\Users\Max\AppData\Local\NVIDIA Corporation
2014-12-05 00:43:27 -------- d-----w- C:\Users\Max\AppData\Local\M-Audio
2014-12-05 00:29:02 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\M-Audio
2014-12-04 23:54:15 -------- d-----w- C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2014-12-04 23:09:27 -------- d-----w- C:\Users\Max\AppData\Local\MSKLC
2014-12-03 20:26:29 -------- d-sh--w- C:\Users\Max\AppData\Local\EmieBrowserModeList
2014-12-03 20:26:28 -------- d-sh--w- C:\Users\Max\AppData\Local\EmieUserList
2014-12-03 20:26:28 -------- d-sh--w- C:\Users\Max\AppData\Local\EmieSiteList
2014-11-20 20:12:09 -------- d-----w- C:\Users\Max\AppData\Roaming\Visicom Media
2014-11-06 23:59:20 -------- d-----w- C:\Users\Max\AppData\Roaming\Bao_Nguyen
2014-11-06 23:59:20 -------- d-----w- C:\Users\Max\AppData\Local\Bao_Nguyen
====== C:\Users\Max ======
2014-12-06 01:02:38 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe
2014-12-06 00:41:46 64036987FDD56ACBE09AEB6570B8F128 468480 ----a-w- C:\Users\Max\Desktop\CKScanner.exe
2014-12-06 00:24:58 81DAB3952B9FD6CB00773AD5161FAEF1 153463376 ----a-w- C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe
2014-12-06 00:24:54 01FACBE85DCDC89D142DE17A61F101BD 58948264 ----a-w- C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe
2014-12-05 22:51:02 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe
2014-12-05 22:10:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-05 22:03:11 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe
2014-12-05 20:17:17 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Max\Downloads\JRT.exe
2014-12-05 19:55:05 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 19:36:37 AF506E0B71016682293AC3814A7D62BA 2153472 ----a-w- C:\Users\Max\Downloads\AdwCleaner_4.104.exe
2014-12-05 19:22:58 F4F789173E79E7E01F83417A76538E11 2118144 ----a-w- C:\Users\Max\Downloads\FRST64.exe
2014-12-05 19:18:16 F1D529A60AA57EDC3A98E76480C2BB52 803152 ----a-w- C:\Users\Max\Downloads\FileOpenerSetup.exe
2014-12-05 17:45:09 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-12-05 17:15:13 6B3348A473A331468C7F110E0ECD14B3 244264 ----a-w- C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-05 04:00:42 BB6412B73307F1C3CD32BE58A56E671D 100117000 ----a-w- C:\Users\Max\Downloads\SplitCamSetup.exe
2014-12-05 00:43:27 -------- d-----w- C:\ProgramData\M-Audio
2014-12-05 00:23:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2014-12-05 00:21:40 -------- d-----w- C:\ProgramData\AVID
2014-12-04 23:49:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-12-04 23:48:50 97BC6AD7EF40955712CA1E4E8E195104 2047357 ----a-w- C:\Users\Max\Downloads\AutoHotkey104805_Install.exe
2014-12-04 23:08:16 7BB68B4DB54BADDD6F1C15895BE35B5F 10597792 ----a-w- C:\Users\Max\Downloads\MSKLC.exe
2014-12-04 23:04:22 513D270678DAA215C06AAC55B68B5AF8 301688 ----a-w- C:\Users\Max\Downloads\dpclat.exe
2014-12-03 20:33:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-12-03 20:32:44 925E5FC04B298E37BCD99AF2A3B9CDD8 1174352 ----a-w- C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe
2014-12-03 20:26:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-11-27 22:57:41 2AD9820E4B17E78110A6AA06BF5C1CE2 4184008 ----a-w- C:\Users\Max\Downloads\tdsskiller.exe
2014-11-27 22:57:18 D1CF834179B085457AEB6152A260CD80 164003712 ----a-w- C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe
2014-11-07 15:37:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-11-07 15:37:07 -------- d-----w- C:\ProgramData\Kaspersky Lab

====== C: exe-files ==
2014-12-06 15:59:46 F4F789173E79E7E01F83417A76538E11 2118144 ----a-w- C:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0F0ANW5V\FRST64[1].exe
2014-12-06 01:02:38 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe
2014-12-06 00:41:46 64036987FDD56ACBE09AEB6570B8F128 468480 ----a-w- C:\Users\Max\Desktop\CKScanner.exe
2014-12-06 00:32:08 05499C8E0A5EF56CE4988017F2485764 925184 ------w- C:\Users\Max\AppData\Local\Temp\eLicenserInst\eLicenser Driver Package\x64\DPInst.exe
2014-12-06 00:24:58 81DAB3952B9FD6CB00773AD5161FAEF1 153463376 ----a-w- C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe
2014-12-06 00:24:54 01FACBE85DCDC89D142DE17A61F101BD 58948264 ----a-w- C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe
2014-12-05 23:33:02 516A5FCE06BB388499238A5F9286CB74 96768 ----a-w- C:\Users\Max\AppData\Local\Temp\D8B43B1E-994D-4166-B434-62C281C4A8F6\DismHost.exe
2014-12-05 22:51:02 7A586C1AB5158074ACF0DDAF64C33F22 39441776 ----a-w- C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe
2014-12-05 22:42:17 18958A2E7C65349F9FB41B31E3C5A623 901363 ----a-w- C:\Users\Max\AppData\Local\Temp\Rar$EXa0.606\Multi_AV.exe
2014-12-05 22:11:56 99CD14EFE0F5A39FD6FA63B0D62F5E88 4451032 ----a-w- C:\Users\Max\AppData\Local\NVIDIA\NvBackend\Packages\00006942\DAO.19113547.exe
2014-12-05 22:11:56 28970D295417AA1D81979E397BE4717F 334784 ----a-w- C:\Users\Max\AppData\Local\NVIDIA\NvBackend\Packages\000067a9\DRS update.19048648.exe
2014-12-05 22:11:56 053A3499F9FA53C8CA808033C0F2B8E2 429800 ----a-w- C:\Users\Max\AppData\Local\NVIDIA\NvBackend\Packages\00006943\CoProc update.19113656.exe
2014-12-05 22:11:16 024299B2B0E1C11320A4592570D8DE20 1149760 ----a-w- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
2014-12-05 22:10:48 E4AD0AFE043D17AE714B63A55FABF4A9 3679040 ----a-w- C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
2014-12-05 22:10:48 BEB10564C6245948B59FDAA7495A02D7 86160 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedServiceHost.exe
2014-12-05 22:10:48 4DD746CD8F9EF8A8D07B13CF21FCEDB6 127296 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\LED Visualizer\NvLedVisualizer.exe
2014-12-05 22:10:45 EE15D4E3AB44C67505F25DD38DF6DA85 638784 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2014-12-05 22:10:45 C9FBCB16A6E8F829D3EBB6951DC29F77 5102912 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
2014-12-05 22:10:45 C982FE172EA1C7B840C4243C5AB3F8BE 19821376 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
2014-12-05 22:10:44 BB5C9345CB1892DF6A2728233F9B3E25 4816200 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
2014-12-05 22:10:44 5BEAC67EE916146E380099B9C6796841 597992 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\7z.exe
2014-12-05 22:10:11 F21877BF9917249CA16BBAF0833434C2 615624 ----a-w- C:\Windows\SysWOW64\nvStreaming.exe
2014-12-05 22:10:11 E135479F83909D3596A18E5F92A7E3AF 896328 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NvStereoUtilityOGL.exe
2014-12-05 22:10:11 C1A1BECD74232ADE9DEEBF46ED207446 436424 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstreg.exe
2014-12-05 22:10:11 A9425CB7D5A698EA49BE0DF55A448E68 409800 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
2014-12-05 22:10:11 89AE9D8AD1E09F6E565A8FE1ED2F30C2 834888 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStInst.exe
2014-12-05 22:10:11 31E342F7F7F573D7EA8836B62362C51A 1909064 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe
2014-12-05 22:10:11 1FB211EF360CEAAF40997A4F0E13D1EE 2612224 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvsttest.exe
2014-12-05 22:10:11 0F4D0B9B315AB94517E43E5FC12FAF31 1109824 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe
2014-12-05 22:10:11 0B3B2F24B4312119DF4B2F750A01E214 8357704 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\NVStWiz.exe
2014-12-05 22:10:08 D6A687B5E24257B5D3991C0D9BC45BBC 1796928 ----a-w- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
2014-12-05 22:09:57 B826E3EB9EA0C93123B7D84FD5782AC3 412992 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\SETUP.EXE
2014-12-05 22:09:01 C8269C7833D0ABA2AE2B36F9207D84A0 826712 ----a-w- C:\Users\Max\AppData\Local\Temp\nvStInst.exe
2014-12-05 22:08:56 1AA224A6535CB25057F17512EE09D3E9 18959720 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.3DVision.{F4B175E6-46FB-4D01-9B8D-95A6515A551A}\3DVision.exe
2014-12-05 22:08:55 BCB621859FA033FF3B0C0B16D3541C6E 438984 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F18B2EE3-6801-45EE-B73D-CE2F8411DABA}\dbInstaller.exe
2014-12-05 22:08:55 BCB621859FA033FF3B0C0B16D3541C6E 438984 ----a-w- C:\Program Files\NVIDIA Corporation\Drs\dbInstaller.exe
2014-12-05 22:08:55 AAB541C139C9BC98D7788045031B1A5A 85383656 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{F18B2EE3-6801-45EE-B73D-CE2F8411DABA}\NvCplSetupInt.exe
2014-12-05 22:07:58 B826E3EB9EA0C93123B7D84FD5782AC3 412992 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{9E7C6CBB-1542-4099-AB41-E98ADE92883F}\setup.exe
2014-12-05 22:07:54 F4B7FA4858FC2DA365B6F119E03DD7F0 2728736 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.NView\nwiz.exe
2014-12-05 22:07:54 D9DDC41CCA78407D273B70AF4C6FAB81 18184000 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\nvstreamsvc.exe
2014-12-05 22:07:54 B826E3EB9EA0C93123B7D84FD5782AC3 412992 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\setup.exe
2014-12-05 22:07:54 A35F9D3872B1740148A3EAB9E6B95741 479520 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.NView\nvTaskBar.exe
2014-12-05 22:07:54 523499F8D0B0C313F7888B8D9450E4A3 197440 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Update.Core\WLMerger.exe
2014-12-05 22:07:53 EE15D4E3AB44C67505F25DD38DF6DA85 638784 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\SteamLauncher\NVIDIA.SteamLauncher.exe
2014-12-05 22:07:53 E4AD0AFE043D17AE714B63A55FABF4A9 3679040 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShadowPlay\nvspcaps64.exe
2014-12-05 22:07:53 D6A687B5E24257B5D3991C0D9BC45BBC 1796928 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Network.Service\NVNetworkService.exe
2014-12-05 22:07:53 C9FBCB16A6E8F829D3EBB6951DC29F77 5102912 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\nvstreamer.exe
2014-12-05 22:07:53 C982FE172EA1C7B840C4243C5AB3F8BE 19821376 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\nvstreamsvc.exe
2014-12-05 22:07:53 BEB10564C6245948B59FDAA7495A02D7 86160 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\LEDVisualizer\NvLedServiceHost.exe
2014-12-05 22:07:53 4DD746CD8F9EF8A8D07B13CF21FCEDB6 127296 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\LEDVisualizer\NvLedVisualizer.exe
2014-12-05 22:07:53 12AB2C8AAB31F84C7AB82010DDCCE1C8 2831168 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShadowPlay\nvspcaps.exe
2014-12-05 22:07:53 0E063925CE9A2CCF520B257D4684AB09 3999040 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\nvstreamer.exe
2014-12-05 22:07:52 F57258F04743DF38C491030652095359 521024 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShadowPlay\DXSETUP.exe
2014-12-05 22:07:52 BCB621859FA033FF3B0C0B16D3541C6E 438984 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.Driver\dbInstaller.exe
2014-12-05 22:07:52 BB5C9345CB1892DF6A2728233F9B3E25 4816200 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience\GFExperience.exe
2014-12-05 22:07:52 AAB541C139C9BC98D7788045031B1A5A 85383656 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.Driver\NvCplSetupInt.exe
2014-12-05 22:07:52 7484ABE3354FE9D818C419D47DCBE28D 916800 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GfExperienceService\GfExperienceService32.exe
2014-12-05 22:07:52 5BEAC67EE916146E380099B9C6796841 597992 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience\7z.exe
2014-12-05 22:07:52 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\MS.NET\dotNetFx40_Full_setup.exe
2014-12-05 22:07:52 478D7132376A9B209C06CB5136F5436A 744736 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Display.NView\nvAppBar.exe
2014-12-05 22:07:52 381474F8A4477CF4951553EF530B0ED5 2465088 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Update.Core\NvBackend.exe
2014-12-05 22:07:52 1AA224A6535CB25057F17512EE09D3E9 18959720 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NV3DVision\3DVision.exe
2014-12-05 22:07:52 024299B2B0E1C11320A4592570D8DE20 1149760 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GfExperienceService\GfExperienceService64.exe
2014-12-05 22:03:11 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe
2014-12-05 20:17:40 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-12-05 20:17:17 C254F3ECEB9B1AC795BA6B25DE008EBA 1707646 ----a-w- C:\Users\Max\Downloads\JRT.exe
2014-12-05 19:55:05 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 19:36:37 AF506E0B71016682293AC3814A7D62BA 2153472 ----a-w- C:\Users\Max\Downloads\AdwCleaner_4.104.exe
2014-12-05 19:29:09 6AACB4C3D5421477B6020C40505FE3BE 116064 ----a-w- C:\Users\Max\AppData\Local\Temp\nsjB2E2.tmp.exe
2014-12-05 19:29:05 BF375A90FE0B135395E20B0EB9190C11 572739 ----a-w- C:\Users\Max\AppData\Local\Temp\17736377.Uninstall\uninstaller.exe
2014-12-05 19:22:58 F4F789173E79E7E01F83417A76538E11 2118144 ----a-w- C:\Users\Max\Downloads\FRST64.exe
2014-12-05 19:22:58 AEED85060B2A31847910E7FE2A27F433 2117632 ----a-w- C:\Users\Max\Downloads\FRST-OlderVersion\FRST64.exe
2014-12-05 19:21:33 6DC42EA47296B08B1047682161051FA6 13263976 ----a-w- C:\Users\Max\AppData\Local\Temp\ReimagePackage.exe
2014-12-05 19:19:36 FEE30971F3E6330C0A82FBFC49C47B4B 35312668 ----a-w- C:\Users\Max\AppData\Local\Temp\is765589038\7DD354DE_stp.EXE
2014-12-05 19:18:16 F1D529A60AA57EDC3A98E76480C2BB52 803152 ----a-w- C:\Users\Max\Downloads\FileOpenerSetup.exe
2014-12-05 17:45:09 C5EA9D9AADBB111D0F65DB53C60D5478 308364224 ----a-w- C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-12-05 17:16:09 B015BE6E7E2E47EDF38186C3CCCD41CF 103588 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2014-12-05 17:16:08 B4E9C7383A705628AD491CF0F87D901F 114800 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2014-12-05 17:15:13 6B3348A473A331468C7F110E0ECD14B3 244264 ----a-w- C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-05 04:00:42 BB6412B73307F1C3CD32BE58A56E671D 100117000 ----a-w- C:\Users\Max\Downloads\SplitCamSetup.exe
2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_F33C5543CA54DFFA237A37.exe
2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_B1CA15029C1C01AF26BE17.exe
2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_853F67D554F05449430E7E.exe
2014-12-04 23:54:15 DC5DBE7298CFCC75D857F89508F2A110 4710 ----a-r- C:\Users\Max\AppData\Roaming\Microsoft\Installer\{636E94DA-99C0-448F-A931-3DAD83B4975F}\_766E8E735A97E6B647001F.exe
2014-12-04 23:49:03 4B670AE0775B0C21C293C3714AEDDBE5 50484 ----a-w- C:\Program Files (x86)\AutoHotkey\uninst.exe
2014-12-04 23:48:50 97BC6AD7EF40955712CA1E4E8E195104 2047357 ----a-w- C:\Users\Max\Downloads\AutoHotkey104805_Install.exe
2014-12-04 23:08:16 7BB68B4DB54BADDD6F1C15895BE35B5F 10597792 ----a-w- C:\Users\Max\Downloads\MSKLC.exe
2014-12-04 23:04:22 513D270678DAA215C06AAC55B68B5AF8 301688 ----a-w- C:\Users\Max\Downloads\dpclat.exe
2014-12-03 20:38:15 F4AD2428504B14403FECF254E3B82A86 941848 ----a-w- C:\Users\Max\AppData\Local\Temp\Epic-80b96b70-ff5d-42fc-84d9-381ad2a25827\Binaries\UnSetup.exe
2014-12-03 20:37:08 153E62901A65D7D26113EBB58683B735 375992 ----a-w- C:\Users\Max\AppData\Local\Temp\CmdLineExtInstallerExe.exe
2014-12-03 20:33:15 E4420337B6889E38F3C7221FDA0123E1 21730 ----a-w- C:\Fraps\uninstall.exe
2014-12-03 20:33:12 465B712B806D518BEF251F1CD02AFC4C 74177 ----a-w- C:\Users\Max\AppData\Local\Temp\DMR\Downloads\fc14996dfa99adfc7baae624196888c5\4137b8eca8706c173ba3d2bdbda97f53\FRAPS19D.EXE
2014-12-03 20:32:51 3C16B7CAAF77B766734D52093F2DCCA1 370512 ----a-w- C:\Users\Max\AppData\Local\Temp\DMR\dmr_72.exe
2014-12-03 20:32:44 925E5FC04B298E37BCD99AF2A3B9CDD8 1174352 ----a-w- C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe
=== C: other files ==
2014-12-05 22:10:45 D6E22C63F1F2B2B5B5E95F70BEBDB2BC 20800 ----a-w- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
2014-12-05 22:09:57 C52873704586DCA47194856EEA4D27D4 15688 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService64.sys
2014-12-05 22:09:57 70BEBCCC9D553022E3A4AB48D793FFE7 13512 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\InstallerCore\NVI2SystemService32.sys
2014-12-05 22:08:56 D2DF95CDE541021B7908503C6FE8F306 434832 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{0D05D2E1-8C3B-499B-9A60-2C43A5488DF7}\nvstusb32.sys
2014-12-05 22:08:56 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{96DC57F9-1714-40CD-B9D4-90BC49E22080}\NVSWCFilter32.sys
2014-12-05 22:08:56 BE6832BA702EBC3527D7BC7A37DAB052 33096 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{5D5F0A93-57D9-4C4F-A450-FABC8AC7C34E}\nvvad32v.sys
2014-12-05 22:08:56 61E742FCFC9621DFD173B7AD7841CE4C 451216 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\Display.NVIRUSB.{0D05D2E1-8C3B-499B-9A60-2C43A5488DF7}\nvstusb64.sys
2014-12-05 22:08:56 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-12-05 22:08:56 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\VirtualAudio.Driver.{5D5F0A93-57D9-4C4F-A450-FABC8AC7C34E}\nvvad64v.sys
2014-12-05 22:08:56 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\ShieldWirelessController.{96DC57F9-1714-40CD-B9D4-90BC49E22080}\NVSWCFilter64.sys
2014-12-05 22:08:55 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2014-12-05 22:08:55 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda64v.sys
2014-12-05 22:08:55 B612810DD740F53244C9E53362D7D9A0 129184 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda32.sys
2014-12-05 22:08:55 91724DB3DDD59F27000D1C159A5F67FB 162592 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda32v.sys
2014-12-05 22:08:55 81060E9F913E96F59CF1AEBC4F0618FF 163104 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\HDAudio.Driver.{9C4D8677-F350-49F7-82BA-7332E2598DF0}\nvhda64.sys
2014-12-05 22:08:55 185B4FFECD886A424B57B58AE173FBBE 13213512 ----a-w- C:\Windows\System32\drivers\nvlddmkm.sys
2014-12-05 22:07:58 C52873704586DCA47194856EEA4D27D4 15688 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{9E7C6CBB-1542-4099-AB41-E98ADE92883F}\NVI2SystemService64.sys
2014-12-05 22:07:58 70BEBCCC9D553022E3A4AB48D793FFE7 13512 ----a-w- C:\Program Files\NVIDIA Corporation\Installer2\CoreTemp.{9E7C6CBB-1542-4099-AB41-E98ADE92883F}\NVI2SystemService32.sys
2014-12-05 22:07:57 D6E22C63F1F2B2B5B5E95F70BEBDB2BC 20800 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\amd64\server\NvStreamKms.sys
2014-12-05 22:07:57 D2DF95CDE541021B7908503C6FE8F306 434832 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NV3DVisionUSB.Driver\nvstusb32.sys
2014-12-05 22:07:57 CE9812A9B6695E0FA4ACBDF18AC9076B 16032 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShieldWirelessController\NVSWCFilter32.sys
2014-12-05 22:07:57 C87B11EB78428853F9E8495C47E53C10 197408 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda64v.sys
2014-12-05 22:07:57 C52873704586DCA47194856EEA4D27D4 15688 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NVI2\NVI2SystemService64.sys
2014-12-05 22:07:57 BE6832BA702EBC3527D7BC7A37DAB052 33096 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NvVAD\nvvad32v.sys
2014-12-05 22:07:57 B612810DD740F53244C9E53362D7D9A0 129184 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda32.sys
2014-12-05 22:07:57 91724DB3DDD59F27000D1C159A5F67FB 162592 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda32v.sys
2014-12-05 22:07:57 81060E9F913E96F59CF1AEBC4F0618FF 163104 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\HDAudio\nvhda64.sys
2014-12-05 22:07:57 70BEBCCC9D553022E3A4AB48D793FFE7 13512 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NVI2\NVI2SystemService32.sys
2014-12-05 22:07:57 61E742FCFC9621DFD173B7AD7841CE4C 451216 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NV3DVisionUSB.Driver\nvstusb64.sys
2014-12-05 22:07:57 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3 38216 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\NvVAD\nvvad64v.sys
2014-12-05 22:07:57 1ECE29EE5DBD4401C6C4ECA7FACC5E90 19776 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\GFExperience.NvStreamSrv\x86\server\NvStreamKms.sys
2014-12-05 22:07:57 17D21ADA263B31EEDB7EA344AEA4F2E7 19616 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\ShieldWirelessController\NVSWCFilter64.sys
2014-12-05 22:07:57 12D54AD8AF6AD1A2B66E882A67CD4D7E 39056 ----a-w- C:\NVIDIA\DisplayDriver\344.75\Win8_WinVista_Win7_64\International\Miracast.VirtualAudio\nvvadarm.sys
2014-12-05 20:17:40 F56A319979F631C141F5FF02DF87FDB1 43563 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\prelim.bat
2014-12-05 20:17:40 EBAA7BD799FC68980A6A8594BB14A950 190569 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\misc.bat
2014-12-05 20:17:40 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\TDL4.bat
2014-12-05 20:17:40 BC28D90D34DB7AC6BB5789BF3C9E8FDB 14957 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\get.bat
2014-12-05 20:17:40 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\medfos.bat
2014-12-05 20:17:40 AA0C656F898523BEDF2DA6923197BB80 1264 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\surfvox.bat
2014-12-05 20:17:40 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\searchlnk.bat
2014-12-05 20:17:40 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\firefox.bat
2014-12-05 20:17:40 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\ev_clear.bat
2014-12-05 20:17:40 813FA9E2180EE3BB5EFCE744009B5611 10880 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\runvalues.bat
2014-12-05 20:17:40 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\ask.bat
2014-12-05 20:17:40 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\iexplore.bat
2014-12-05 20:17:40 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\delfolders.bat
2014-12-05 20:17:40 080CFDE64F31E7B50EECF4552033E84D 9937 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\mws.bat
2014-12-05 20:17:40 048407135C9B1FB6A355E256BD96160D 14192 ----a-w- C:\Users\Max\AppData\Local\Temp\jrt\chrome.bat
2014-12-03 20:45:07 A211A94BF8BF1A63B92462001A4FC10A 90 ----a-w- C:\Windows\Temp\temp\devcon.bat
2014-11-29 21:32:39 4BD976B1FCCFAE54875CD4D7BD7EC339 3921 ----a-w- C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\extensions\simplesiteblocker@example.com.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"SplitCam"="C:\Program Files (x86)\SplitCam\SplitCam.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SplitCam"="C:\Program Files (x86)\SplitCam\SplitCam.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmazonMP3DownloaderHelper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AmazonMP3DownloaderHelper"
"hkey"="HKCU"
"command"="C:\\Users\\Max\\AppData\\Local\\Program Files\\Amazon\\MP3 Downloader\\AmazonMP3DownloaderHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DataMgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DataMgr"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\DataMgr\\DataMgr.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HDAudDeck"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Intermediate]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Intermediate"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\Intermediate\\Intermediate.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mobilegeni daemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mobilegeni daemon"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Mobogenie\\DaemonProcess.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvBackend]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvBackend"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NVIDIA Corporation\\Update Core\\NvBackend.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PriceMeterW]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PriceMeterW"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Local\\PriceMeter\\pricemeterw.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Rainlendar2]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Rainlendar2"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Rainlendar2\\Rainlendar2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SCheck"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\SCheck\\SCheck.exe\" check "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Seventh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Seventh"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\Seventh\\Seventh.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sixth]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sixth"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\Sixth\\Sixth.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Snoozer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Snoozer"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\Snz\\Snz.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SSync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SSync"
"hkey"="HKCU"
"command"="\"C:\\Users\\Max\\AppData\\Roaming\\SSync\\SSync.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\svchospt]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="svchospt"
"hkey"="HKLM"
"command"="C:\\Windows\\SysWOW64\\svchospt.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Switcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Switcher"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Switcher\\Switcher.exe\" /quiet"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB3MON]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="USB3MON"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\Application\\iusb3mon.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk]
"path"="C:\\Users\\Max\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\net.lnk"
"backup"="C:\\Windows\\pss\\net.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Max\\AppData\\Roaming\\WINDOW~1\\net.exe "
"item"="net"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\VIAKaraokeService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\WPCSvc]


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [26.11.2014 18:37]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14.08.2013 15:29]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14.08.2013 15:29]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"url_advisor@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com" [07.11.2014 16:42]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
- Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
- Undetermined - content_blocker@kaspersky.com
- Simple Site Blocker - %ProfilePath%\extensions\simplesiteblocker@example.com.xpi
- 12989559-84f2-47aa-a442-5e69f9d26720 - %ProfilePath%\extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
8303B3CEC05500F763B4FA75210598BB - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll - Shockwave Flash
E09A55AB513C4D5145F1C318ED024747 - C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll - AmazonMP3DownloaderPlugin


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dbhjdbfgekjfcfkkfjjmlmojhbllhbho - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho[]
oilkkkefbalmbfppgjmgjoefbclebkce - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
oilkkkefbalmbfppgjmgjoefbclebkce - No path found[]

Google Voice Search Hotword (Beta) - Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
Vosteran New Tab - Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce

==== Chromium Fix ======================

C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage deleted successfully
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage-journal deleted successfully
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oilkkkefbalmbfppgjmgjoefbclebkce_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="hxxp://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{56E26B6C-BB82-48de-BEB0-8F3664DE7835} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH"
{7588F513-7B9E-45dc-914D-B207EFFC6D9A} Google Url="hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DataMgr deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intermediate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PriceMeterW deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Rainlendar2 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SCheck deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Seventh deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sixth deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Snoozer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSync deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Switcher deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Max\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Max\AppData\Local\Mozilla\Firefox\Profiles\fnsdk8k5.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=821 folders=166 44484454 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Max\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Max\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 06.12.2014 at 18:06:19,70 ======================

Harzburch 06.12.2014 18:13
18:08:45.0135 0x1414 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
18:08:47.0722 0x1414 ============================================================
18:08:47.0722 0x1414 Current date / time: 2014/12/06 18:08:47.0722
18:08:47.0722 0x1414 SystemInfo:
18:08:47.0722 0x1414
18:08:47.0722 0x1414 OS Version: 6.1.7601 ServicePack: 1.0
18:08:47.0722 0x1414 Product type: Workstation
18:08:47.0722 0x1414 ComputerName: MAX-PC
18:08:47.0722 0x1414 UserName: Max
18:08:47.0722 0x1414 Windows directory: C:\Windows
18:08:47.0722 0x1414 System windows directory: C:\Windows
18:08:47.0722 0x1414 Running under WOW64
18:08:47.0722 0x1414 Processor architecture: Intel x64
18:08:47.0722 0x1414 Number of processors: 8
18:08:47.0722 0x1414 Page size: 0x1000
18:08:47.0722 0x1414 Boot type: Normal boot
18:08:47.0722 0x1414 ============================================================
18:08:48.0895 0x1414 KLMD registered as C:\Windows\system32\drivers\06954410.sys
18:08:49.0203 0x1414 System UUID: {546EEF6E-57D3-5B7E-5A30-110EFBE4C9A4}
18:08:49.0533 0x1414 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:08:49.0553 0x1414 ============================================================
18:08:49.0553 0x1414 \Device\Harddisk0\DR0:
18:08:49.0553 0x1414 MBR partitions:
18:08:49.0553 0x1414 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x13FFF800
18:08:49.0553 0x1414 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x14000000, BlocksNum 0x60706000
18:08:49.0553 0x1414 ============================================================
18:08:49.0604 0x1414 C: <-> \Device\Harddisk0\DR0\Partition2
18:08:49.0623 0x1414 K: <-> \Device\Harddisk0\DR0\Partition1
18:08:49.0623 0x1414 ============================================================
18:08:49.0623 0x1414 Initialize success
18:08:49.0623 0x1414 ============================================================
18:09:15.0170 0x1470 ============================================================
18:09:15.0170 0x1470 Scan started
18:09:15.0170 0x1470 Mode: Manual; SigCheck; TDLFS;
18:09:15.0170 0x1470 ============================================================
18:09:15.0170 0x1470 KSN ping started
18:09:17.0920 0x1470 KSN ping finished: true
18:09:18.0411 0x1470 ================ Scan system memory ========================
18:09:18.0411 0x1470 System memory - ok
18:09:18.0411 0x1470 ================ Scan services =============================
18:09:18.0493 0x1470 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:09:18.0539 0x1470 1394ohci - ok
18:09:18.0559 0x1470 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:09:18.0573 0x1470 ACPI - ok
18:09:18.0586 0x1470 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:09:18.0613 0x1470 AcpiPmi - ok
18:09:18.0683 0x1470 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:09:18.0692 0x1470 AdobeARMservice - ok
18:09:18.0786 0x1470 [ F79623288F2A357AB20288B5DC4F452A, AA6F70A4C12E390E08074D6FD0EA0D1856D8274DA833E56A8811BF820A2D41D4 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:09:18.0797 0x1470 AdobeFlashPlayerUpdateSvc - ok
18:09:18.0819 0x1470 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
18:09:18.0836 0x1470 adp94xx - ok
18:09:18.0847 0x1470 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
18:09:18.0860 0x1470 adpahci - ok
18:09:18.0875 0x1470 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
18:09:18.0886 0x1470 adpu320 - ok
18:09:18.0906 0x1470 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:09:18.0935 0x1470 AeLookupSvc - ok
18:09:18.0997 0x1470 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
18:09:19.0018 0x1470 AFD - ok
18:09:19.0032 0x1470 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
18:09:19.0040 0x1470 agp440 - ok
18:09:19.0049 0x1470 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
18:09:19.0071 0x1470 ALG - ok
18:09:19.0086 0x1470 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
18:09:19.0093 0x1470 aliide - ok
18:09:19.0116 0x1470 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
18:09:19.0123 0x1470 amdide - ok
18:09:19.0132 0x1470 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
18:09:19.0145 0x1470 AmdK8 - ok
18:09:19.0148 0x1470 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
18:09:19.0163 0x1470 AmdPPM - ok
18:09:19.0172 0x1470 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:09:19.0181 0x1470 amdsata - ok
18:09:19.0196 0x1470 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
18:09:19.0207 0x1470 amdsbs - ok
18:09:19.0217 0x1470 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:09:19.0225 0x1470 amdxata - ok
18:09:19.0235 0x1470 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
18:09:19.0278 0x1470 AppID - ok
18:09:19.0296 0x1470 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:09:19.0326 0x1470 AppIDSvc - ok
18:09:19.0354 0x1470 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
18:09:19.0367 0x1470 Appinfo - ok
18:09:19.0377 0x1470 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
18:09:19.0386 0x1470 arc - ok
18:09:19.0398 0x1470 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
18:09:19.0407 0x1470 arcsas - ok
18:09:19.0486 0x1470 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:09:19.0496 0x1470 aspnet_state - ok
18:09:19.0517 0x1470 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:09:19.0562 0x1470 AsyncMac - ok
18:09:19.0589 0x1470 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
18:09:19.0596 0x1470 atapi - ok
18:09:19.0647 0x1470 [ 417B9BAB376E8E50F6770196656FD348, 8E9856FA16AF6AFA2B9619335DA54799502FFDA7B481802C3DA4A54919D2DAFB ] athur C:\Windows\system32\DRIVERS\athurx.sys
18:09:19.0720 0x1470 athur - ok
18:09:19.0772 0x1470 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:09:19.0802 0x1470 AudioEndpointBuilder - ok
18:09:19.0816 0x1470 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:09:19.0838 0x1470 AudioSrv - ok
18:09:19.0882 0x1470 [ 058734C95991F6BEBF3D3075B8776234, D94A0E5893723C0F30D8215F001039AE9D903BF8EC3782D9583DEFD9B304B0CA ] AVP15.0.0 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
18:09:19.0898 0x1470 AVP15.0.0 - ok
18:09:19.0917 0x1470 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:09:19.0933 0x1470 AxInstSV - ok
18:09:19.0961 0x1470 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
18:09:19.0987 0x1470 b06bdrv - ok
18:09:20.0004 0x1470 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:09:20.0022 0x1470 b57nd60a - ok
18:09:20.0027 0x1470 BBSvc - ok
18:09:20.0040 0x1470 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
18:09:20.0061 0x1470 BDESVC - ok
18:09:20.0069 0x1470 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
18:09:20.0099 0x1470 Beep - ok
18:09:20.0127 0x1470 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
18:09:20.0152 0x1470 BFE - ok
18:09:20.0175 0x1470 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
18:09:20.0226 0x1470 BITS - ok
18:09:20.0239 0x1470 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:09:20.0257 0x1470 blbdrive - ok
18:09:20.0277 0x1470 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:09:20.0302 0x1470 bowser - ok
18:09:20.0308 0x1470 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
18:09:20.0319 0x1470 BrFiltLo - ok
18:09:20.0326 0x1470 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
18:09:20.0336 0x1470 BrFiltUp - ok
18:09:20.0359 0x1470 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
18:09:20.0371 0x1470 Browser - ok
18:09:20.0384 0x1470 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:09:20.0412 0x1470 Brserid - ok
18:09:20.0425 0x1470 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:09:20.0444 0x1470 BrSerWdm - ok
18:09:20.0457 0x1470 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:09:20.0467 0x1470 BrUsbMdm - ok
18:09:20.0470 0x1470 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:09:20.0478 0x1470 BrUsbSer - ok
18:09:20.0490 0x1470 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
18:09:20.0505 0x1470 BTHMODEM - ok
18:09:20.0523 0x1470 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
18:09:20.0552 0x1470 bthserv - ok
18:09:20.0564 0x1470 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:09:20.0593 0x1470 cdfs - ok
18:09:20.0605 0x1470 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
18:09:20.0622 0x1470 cdrom - ok
18:09:20.0632 0x1470 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
18:09:20.0660 0x1470 CertPropSvc - ok
18:09:20.0672 0x1470 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
18:09:20.0684 0x1470 circlass - ok
18:09:20.0697 0x1470 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
18:09:20.0711 0x1470 CLFS - ok
18:09:20.0761 0x1470 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:09:20.0770 0x1470 clr_optimization_v2.0.50727_32 - ok
18:09:20.0796 0x1470 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:09:20.0805 0x1470 clr_optimization_v2.0.50727_64 - ok
18:09:20.0854 0x1470 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:09:20.0865 0x1470 clr_optimization_v4.0.30319_32 - ok
18:09:20.0878 0x1470 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:09:20.0890 0x1470 clr_optimization_v4.0.30319_64 - ok
18:09:20.0906 0x1470 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
18:09:20.0924 0x1470 CmBatt - ok
18:09:20.0945 0x1470 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:09:20.0952 0x1470 cmdide - ok
18:09:20.0989 0x1470 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
18:09:21.0010 0x1470 CNG - ok
18:09:21.0022 0x1470 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
18:09:21.0030 0x1470 Compbatt - ok
18:09:21.0038 0x1470 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
18:09:21.0049 0x1470 CompositeBus - ok
18:09:21.0051 0x1470 COMSysApp - ok
18:09:21.0114 0x1470 cpuz134 - ok
18:09:21.0120 0x1470 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
18:09:21.0128 0x1470 crcdisk - ok
18:09:21.0159 0x1470 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:09:21.0171 0x1470 CryptSvc - ok
18:09:21.0233 0x1470 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
18:09:21.0255 0x1470 cvhsvc - ok
18:09:21.0280 0x1470 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:09:21.0325 0x1470 DcomLaunch - ok
18:09:21.0342 0x1470 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
18:09:21.0377 0x1470 defragsvc - ok
18:09:21.0390 0x1470 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:09:21.0427 0x1470 DfsC - ok
18:09:21.0455 0x1470 [ 0B3F6C8F93C5C25977EA5A8B2E656357, 1B1C8DA8592D2B892382E062017E60BF02B1B6642822039F21446DF01FAFDEE1 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
18:09:21.0464 0x1470 dg_ssudbus - ok
18:09:21.0481 0x1470 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:09:21.0505 0x1470 Dhcp - ok
18:09:21.0519 0x1470 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
18:09:21.0546 0x1470 discache - ok
18:09:21.0564 0x1470 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
18:09:21.0572 0x1470 Disk - ok
18:09:21.0594 0x1470 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:09:21.0613 0x1470 Dnscache - ok
18:09:21.0633 0x1470 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
18:09:21.0674 0x1470 dot3svc - ok
18:09:21.0694 0x1470 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
18:09:21.0729 0x1470 DPS - ok
18:09:21.0756 0x1470 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:09:21.0768 0x1470 drmkaud - ok
18:09:21.0790 0x1470 [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:09:21.0801 0x1470 dtsoftbus01 - ok
18:09:21.0836 0x1470 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:09:21.0861 0x1470 DXGKrnl - ok
18:09:21.0875 0x1470 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
18:09:21.0904 0x1470 EapHost - ok
18:09:21.0981 0x1470 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
18:09:22.0086 0x1470 ebdrv - ok
18:09:22.0114 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
18:09:22.0128 0x1470 EFS - ok
18:09:22.0184 0x1470 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:09:22.0209 0x1470 ehRecvr - ok
18:09:22.0222 0x1470 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
18:09:22.0244 0x1470 ehSched - ok
18:09:22.0263 0x1470 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
18:09:22.0281 0x1470 elxstor - ok
18:09:22.0295 0x1470 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:09:22.0308 0x1470 ErrDev - ok
18:09:22.0327 0x1470 [ 84486624268E078255BC7AA47F0960BC, EC2540698B974572F0AC4A93D57C63295BAF66BF50F7416B9DFF5DE790EBDBE7 ] etdrv C:\Windows\etdrv.sys
18:09:22.0333 0x1470 etdrv - ok
18:09:22.0354 0x1470 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
18:09:22.0399 0x1470 EventSystem - ok
18:09:22.0417 0x1470 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
18:09:22.0447 0x1470 exfat - ok
18:09:22.0466 0x1470 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:09:22.0497 0x1470 fastfat - ok
18:09:22.0583 0x1470 [ DA3D456D51197ED22631C066B5B32569, B8B7975E6702D7FB6FC9FD1EE81CB440B2C50921C080CB1B3C44226BC4DA22A7 ] FastTrackProAudioDevMon C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
18:09:22.0638 0x1470 FastTrackProAudioDevMon - ok
18:09:22.0658 0x1470 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
18:09:22.0683 0x1470 Fax - ok
18:09:22.0690 0x1470 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
18:09:22.0699 0x1470 fdc - ok
18:09:22.0707 0x1470 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
18:09:22.0752 0x1470 fdPHost - ok
18:09:22.0758 0x1470 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
18:09:22.0788 0x1470 FDResPub - ok
18:09:22.0795 0x1470 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:09:22.0803 0x1470 FileInfo - ok
18:09:22.0816 0x1470 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:09:22.0856 0x1470 Filetrace - ok
18:09:22.0858 0x1470 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
18:09:22.0866 0x1470 flpydisk - ok
18:09:22.0880 0x1470 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:09:22.0893 0x1470 FltMgr - ok
18:09:22.0937 0x1470 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
18:09:22.0973 0x1470 FontCache - ok
18:09:23.0005 0x1470 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:09:23.0013 0x1470 FontCache3.0.0.0 - ok
18:09:23.0023 0x1470 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:09:23.0031 0x1470 FsDepends - ok
18:09:23.0054 0x1470 [ 07DA62C960DDCCC2D35836AEAB4FC578, C67A29E928AF59BF7FB573FAC2176C5598F595406AA90DDB4A364A15BC89A6C4 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
18:09:23.0060 0x1470 fssfltr - ok
18:09:23.0117 0x1470 [ 28DDEEEC44E988657B732CF404D504CB, 47F83018E5449CDCED3DD447991788EBAAC92C418D4513FBA9408C45E9AB8E7E ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
18:09:23.0175 0x1470 fsssvc - ok
18:09:23.0192 0x1470 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:09:23.0200 0x1470 Fs_Rec - ok
18:09:23.0231 0x1470 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:09:23.0244 0x1470 fvevol - ok
18:09:23.0264 0x1470 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
18:09:23.0272 0x1470 gagp30kx - ok
18:09:23.0310 0x1470 [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv C:\Windows\gdrv.sys
18:09:23.0316 0x1470 gdrv - ok
18:09:23.0386 0x1470 [ 024299B2B0E1C11320A4592570D8DE20, 16FB3982E718F2834D1272D400F92AD6319A0C197227C5D61AF87B3C8D2D4759 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:09:23.0422 0x1470 GfExperienceService - ok
18:09:23.0454 0x1470 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
18:09:23.0496 0x1470 gpsvc - ok
18:09:23.0560 0x1470 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:09:23.0568 0x1470 gupdate - ok
18:09:23.0572 0x1470 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:09:23.0579 0x1470 gupdatem - ok
18:09:23.0604 0x1470 [ 8126331FBD4ED29EB3B356F9C905064D, A58BCE904591DD762410E99960FD956FB579C2CE78FA7BF1406075D29537EF82 ] GVTDrv64 C:\Windows\GVTDrv64.sys
18:09:23.0610 0x1470 GVTDrv64 - ok
18:09:23.0616 0x1470 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:09:23.0634 0x1470 hcw85cir - ok
18:09:23.0657 0x1470 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:09:23.0680 0x1470 HdAudAddService - ok
18:09:23.0689 0x1470 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:09:23.0708 0x1470 HDAudBus - ok
18:09:23.0719 0x1470 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
18:09:23.0735 0x1470 HidBatt - ok
18:09:23.0746 0x1470 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
18:09:23.0759 0x1470 HidBth - ok
18:09:23.0762 0x1470 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
18:09:23.0773 0x1470 HidIr - ok
18:09:23.0783 0x1470 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
18:09:23.0810 0x1470 hidserv - ok
18:09:23.0836 0x1470 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:09:23.0844 0x1470 HidUsb - ok
18:09:23.0859 0x1470 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:09:23.0887 0x1470 hkmsvc - ok
18:09:23.0906 0x1470 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:09:23.0920 0x1470 HomeGroupListener - ok
18:09:23.0941 0x1470 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:09:23.0963 0x1470 HomeGroupProvider - ok
18:09:23.0966 0x1470 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:09:23.0975 0x1470 HpSAMD - ok
18:09:23.0999 0x1470 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:09:24.0052 0x1470 HTTP - ok
18:09:24.0062 0x1470 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:09:24.0069 0x1470 hwpolicy - ok
18:09:24.0082 0x1470 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:09:24.0093 0x1470 i8042prt - ok
18:09:24.0118 0x1470 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:09:24.0134 0x1470 iaStorV - ok
18:09:24.0171 0x1470 [ 33D4D4A24791587E83F7EE05A446FB7E, 081E48AF76D7D3A71850A4C910EFBB0B280235E2A5303178B0338230F4BA2DE2 ] ICCS C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
18:09:24.0191 0x1470 ICCS - detected UnsignedFile.Multi.Generic ( 1 )
18:09:26.0890 0x1470 Detect skipped due to KSN trusted
18:09:26.0890 0x1470 ICCS - ok
18:09:26.0949 0x1470 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
18:09:26.0954 0x1470 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
18:09:29.0810 0x1470 Detect skipped due to KSN trusted
18:09:29.0810 0x1470 IDriverT - ok
18:09:29.0869 0x1470 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:09:29.0895 0x1470 idsvc - ok
18:09:29.0903 0x1470 IEEtwCollectorService - ok
18:09:29.0912 0x1470 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
18:09:29.0919 0x1470 iirsp - ok
18:09:29.0952 0x1470 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
18:09:29.0980 0x1470 IKEEXT - ok
18:09:30.0000 0x1470 [ 2D66067C7A8A0112156BCD1C0BAA7042, 89F77EEE59FF3AD2E777DA15187F1447F6E112E8831417A0DE656ACB82E7B22E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:09:30.0018 0x1470 Intel(R) Capability Licensing Service Interface - ok
18:09:30.0045 0x1470 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:09:30.0053 0x1470 intelide - ok
18:09:30.0064 0x1470 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:09:30.0073 0x1470 intelppm - ok
18:09:30.0090 0x1470 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:09:30.0122 0x1470 IPBusEnum - ok
18:09:30.0130 0x1470 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:09:30.0158 0x1470 IpFilterDriver - ok
18:09:30.0192 0x1470 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:09:30.0222 0x1470 iphlpsvc - ok
18:09:30.0231 0x1470 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:09:30.0245 0x1470 IPMIDRV - ok
18:09:30.0251 0x1470 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:09:30.0289 0x1470 IPNAT - ok
18:09:30.0294 0x1470 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:09:30.0311 0x1470 IRENUM - ok
18:09:30.0320 0x1470 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:09:30.0327 0x1470 isapnp - ok
18:09:30.0359 0x1470 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:09:30.0372 0x1470 iScsiPrt - ok
18:09:30.0379 0x1470 [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:09:30.0385 0x1470 iusb3hcs - ok
18:09:30.0399 0x1470 [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
18:09:30.0411 0x1470 iusb3hub - ok
18:09:30.0437 0x1470 [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:09:30.0457 0x1470 iusb3xhc - ok
18:09:30.0496 0x1470 [ 166FC0B36842135BC2D3C32DF70ED0D6, 83319957ECEFFF372C683C56DC6ECD34CD4B16A98F3F602E48108B124D07D975 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:09:30.0504 0x1470 jhi_service - ok
18:09:30.0517 0x1470 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:09:30.0525 0x1470 kbdclass - ok
18:09:30.0542 0x1470 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:09:30.0551 0x1470 kbdhid - ok
18:09:30.0555 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
18:09:30.0563 0x1470 KeyIso - ok
18:09:30.0602 0x1470 [ 67D1F7FA1DF9502DE12027D7C7782863, BCB92C1C11A7576FD7E91B160CBC3FB5A0C31FE028305021D7C10EC40C4D5013 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
18:09:30.0617 0x1470 kl1 - ok
18:09:30.0639 0x1470 [ 2A88EFE87B5F23BA47FF7AF2DEAEB98F, 8D702249A462F8A233B594DF1B7C843A2C90F8A0D4FA7358B096020FF2C3E115 ] klflt C:\Windows\system32\DRIVERS\klflt.sys
18:09:30.0648 0x1470 klflt - ok
18:09:30.0688 0x1470 [ 7ED6B6805B3E1BC9DC2418F1C5C920B4, 7FF90C32C95E2141A3D3B378DDE8035C8C6EB811C087A9AF7D20C735CB74142A ] klhk C:\Windows\system32\DRIVERS\klhk.sys
18:09:30.0698 0x1470 klhk - ok
18:09:30.0720 0x1470 [ CD81447AB991F3E7F1FCF59CEA07D1E0, FB6EDDCA703952FAD7FEE24A75DB5C957C45C83B17D4871D1009CA24450CB040 ] KLIF C:\Windows\system32\DRIVERS\klif.sys
18:09:30.0742 0x1470 KLIF - ok
18:09:30.0751 0x1470 [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
18:09:30.0757 0x1470 KLIM6 - ok
18:09:30.0783 0x1470 [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
18:09:30.0789 0x1470 klkbdflt - ok
18:09:30.0806 0x1470 [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
18:09:30.0812 0x1470 klmouflt - ok
18:09:30.0814 0x1470 [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd C:\Windows\system32\DRIVERS\klpd.sys
18:09:30.0820 0x1470 klpd - ok
18:09:30.0827 0x1470 [ 5BB9E329FE48904108BBBF9C73073920, 402E88770C12C9E8D809D2A8C130CA9E5083CDB1D50C38D4CE2F0D24F2D32E82 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
18:09:30.0833 0x1470 kltdi - ok
18:09:30.0841 0x1470 [ D043624FE4AE0A4894A785097C02EF09, 2259CA9BAC73902D291176AB689C101CACE115A8A1C2E6824CC66E928FA27552 ] kneps C:\Windows\system32\DRIVERS\kneps.sys
18:09:30.0850 0x1470 kneps - ok
18:09:30.0874 0x1470 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:09:30.0883 0x1470 KSecDD - ok
18:09:30.0917 0x1470 [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:09:30.0927 0x1470 KSecPkg - ok
18:09:30.0936 0x1470 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:09:30.0966 0x1470 ksthunk - ok
18:09:30.0988 0x1470 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:09:31.0031 0x1470 KtmRm - ok
18:09:31.0053 0x1470 [ B8040D3B97B16B89701E31A17353856C, 41690ACB26536B0AA1CC3B5388F824C9C1CD9648957C8488BAE5F3D57BEE3D85 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
18:09:31.0061 0x1470 L1C - ok
18:09:31.0073 0x1470 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:09:31.0113 0x1470 LanmanServer - ok
18:09:31.0130 0x1470 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:09:31.0164 0x1470 LanmanWorkstation - ok
18:09:31.0186 0x1470 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:09:31.0224 0x1470 lltdio - ok
18:09:31.0236 0x1470 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:09:31.0278 0x1470 lltdsvc - ok
18:09:31.0286 0x1470 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:09:31.0321 0x1470 lmhosts - ok
18:09:31.0362 0x1470 [ C56E64BA70DC822B84D100A6F8D690D3, 1F511FBDDDD6E8CC83C8D0BD152BBE8C4C9E103D2DDED93564DC0FB9962DD040 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:09:31.0373 0x1470 LMS - ok
18:09:31.0398 0x1470 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
18:09:31.0408 0x1470 LSI_FC - ok
18:09:31.0413 0x1470 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
18:09:31.0423 0x1470 LSI_SAS - ok
18:09:31.0434 0x1470 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
18:09:31.0443 0x1470 LSI_SAS2 - ok
18:09:31.0449 0x1470 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
18:09:31.0459 0x1470 LSI_SCSI - ok
18:09:31.0473 0x1470 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:09:31.0512 0x1470 luafv - ok
18:09:31.0619 0x1470 [ FF3A488924B0032B1A9CA6948C1FA9E8, 6F05852B75498210926F5CDF49D2A6DD97C39CD93D32E3200D7240AADA3E7BEE ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
18:09:31.0716 0x1470 LVUVC64 - ok
18:09:31.0739 0x1470 [ 6AA6B239CFCD14870EB186FE0651A434, 8D3378CCE6E020B9F464E2160F0F1A7F16AAEBC7825370BE7A02FFAB4883DBEA ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv.sys
18:09:31.0747 0x1470 ManyCam - ok
18:09:31.0786 0x1470 [ 75D01CE9C57DB0B57114BB3B01D40A74, E7F4D3EED220EC8558B2EB934DE691AEB2AE4F195C9ACA673579C81BEF501496 ] MAUSBFASTTRACKPRO C:\Windows\system32\DRIVERS\MAudioFastTrackPro.sys
18:09:31.0795 0x1470 MAUSBFASTTRACKPRO - ok
18:09:31.0808 0x1470 MBAMSwissArmy - ok
18:09:31.0817 0x1470 [ 4C017AF4CBC57A36C75A270184CC86CB, F6FC22955BD047145B3E43400576530FE351AD68AA2A2EA4F80FF463435F5360 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
18:09:31.0823 0x1470 mcaudrv_simple - ok
18:09:31.0836 0x1470 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:09:31.0849 0x1470 Mcx2Svc - ok
18:09:31.0858 0x1470 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
18:09:31.0866 0x1470 megasas - ok
18:09:31.0873 0x1470 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
18:09:31.0886 0x1470 MegaSR - ok
18:09:31.0900 0x1470 [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:09:31.0906 0x1470 MEIx64 - ok
18:09:31.0911 0x1470 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:09:31.0947 0x1470 MMCSS - ok
18:09:31.0960 0x1470 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:09:31.0991 0x1470 Modem - ok
18:09:32.0000 0x1470 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:09:32.0029 0x1470 monitor - ok
18:09:32.0038 0x1470 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:09:32.0046 0x1470 mouclass - ok
18:09:32.0055 0x1470 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:09:32.0073 0x1470 mouhid - ok
18:09:32.0081 0x1470 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:09:32.0090 0x1470 mountmgr - ok
18:09:32.0137 0x1470 [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:09:32.0146 0x1470 MozillaMaintenance - ok
18:09:32.0160 0x1470 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:09:32.0171 0x1470 mpio - ok
18:09:32.0186 0x1470 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:09:32.0215 0x1470 mpsdrv - ok
18:09:32.0239 0x1470 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:09:32.0284 0x1470 MpsSvc - ok
18:09:32.0304 0x1470 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:09:32.0315 0x1470 MRxDAV - ok
18:09:32.0341 0x1470 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:09:32.0353 0x1470 mrxsmb - ok
18:09:32.0370 0x1470 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:09:32.0384 0x1470 mrxsmb10 - ok
18:09:32.0396 0x1470 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:09:32.0408 0x1470 mrxsmb20 - ok
18:09:32.0422 0x1470 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:09:32.0430 0x1470 msahci - ok
18:09:32.0442 0x1470 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:09:32.0452 0x1470 msdsm - ok
18:09:32.0464 0x1470 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:09:32.0477 0x1470 MSDTC - ok
18:09:32.0481 0x1470 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:09:32.0516 0x1470 Msfs - ok
18:09:32.0522 0x1470 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:09:32.0549 0x1470 mshidkmdf - ok
18:09:32.0560 0x1470 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:09:32.0567 0x1470 msisadrv - ok
18:09:32.0589 0x1470 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:09:32.0628 0x1470 MSiSCSI - ok
18:09:32.0630 0x1470 msiserver - ok
18:09:32.0645 0x1470 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:09:32.0676 0x1470 MSKSSRV - ok
18:09:32.0683 0x1470 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:09:32.0712 0x1470 MSPCLOCK - ok
18:09:32.0720 0x1470 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:09:32.0747 0x1470 MSPQM - ok
18:09:32.0765 0x1470 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:09:32.0780 0x1470 MsRPC - ok
18:09:32.0786 0x1470 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:09:32.0793 0x1470 mssmbios - ok
18:09:32.0806 0x1470 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:09:32.0833 0x1470 MSTEE - ok
18:09:32.0843 0x1470 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
18:09:32.0852 0x1470 MTConfig - ok
18:09:32.0866 0x1470 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:09:32.0874 0x1470 Mup - ok
18:09:32.0899 0x1470 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
18:09:32.0943 0x1470 napagent - ok
18:09:32.0975 0x1470 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:09:33.0001 0x1470 NativeWifiP - ok
18:09:33.0046 0x1470 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
18:09:33.0072 0x1470 NDIS - ok
18:09:33.0083 0x1470 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:09:33.0110 0x1470 NdisCap - ok
18:09:33.0118 0x1470 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:09:33.0145 0x1470 NdisTapi - ok
18:09:33.0157 0x1470 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:09:33.0183 0x1470 Ndisuio - ok
18:09:33.0194 0x1470 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:09:33.0234 0x1470 NdisWan - ok
18:09:33.0246 0x1470 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:09:33.0272 0x1470 NDProxy - ok
18:09:33.0275 0x1470 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:09:33.0312 0x1470 NetBIOS - ok
18:09:33.0325 0x1470 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:09:33.0356 0x1470 NetBT - ok
18:09:33.0363 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
18:09:33.0372 0x1470 Netlogon - ok
18:09:33.0390 0x1470 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:09:33.0426 0x1470 Netman - ok
18:09:33.0472 0x1470 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:09:33.0483 0x1470 NetMsmqActivator - ok
18:09:33.0487 0x1470 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:09:33.0498 0x1470 NetPipeActivator - ok
18:09:33.0515 0x1470 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:09:33.0552 0x1470 netprofm - ok
18:09:33.0557 0x1470 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:09:33.0568 0x1470 NetTcpActivator - ok
18:09:33.0572 0x1470 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:09:33.0582 0x1470 NetTcpPortSharing - ok
18:09:33.0600 0x1470 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
18:09:33.0607 0x1470 nfrd960 - ok
18:09:33.0641 0x1470 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:09:33.0661 0x1470 NlaSvc - ok
18:09:33.0672 0x1470 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:09:33.0699 0x1470 Npfs - ok
18:09:33.0709 0x1470 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:09:33.0737 0x1470 nsi - ok
18:09:33.0744 0x1470 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:09:33.0782 0x1470 nsiproxy - ok
18:09:33.0844 0x1470 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:09:33.0900 0x1470 Ntfs - ok
18:09:33.0909 0x1470 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:09:33.0944 0x1470 Null - ok
18:09:33.0965 0x1470 [ C87B11EB78428853F9E8495C47E53C10, FAE479DB0812967B3FF968773BA998591B4F50BE4329B8349BCA7E6EAB1B0474 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
18:09:33.0975 0x1470 NVHDA - ok
18:09:34.0264 0x1470 [ 185B4FFECD886A424B57B58AE173FBBE, 7CFD51694091035639B900EC64FAD62CC1E5F3DC520F59CC27540B170A957C60 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:09:34.0517 0x1470 nvlddmkm - ok
18:09:34.0592 0x1470 [ D6A687B5E24257B5D3991C0D9BC45BBC, EFF23FD2C074A579CAF13C4846D1F0906D014F92517A4C6A359547F560CD296C ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:09:34.0643 0x1470 NvNetworkService - ok
18:09:34.0656 0x1470 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:09:34.0666 0x1470 nvraid - ok
18:09:34.0683 0x1470 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:09:34.0693 0x1470 nvstor - ok
18:09:34.0734 0x1470 [ D6E22C63F1F2B2B5B5E95F70BEBDB2BC, 5BE351CB15218EBC7F0C9B5919A8949BD61FEC6182123B589DF50B44C8A3CA9E ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:09:34.0740 0x1470 NvStreamKms - ok
18:09:35.0150 0x1470 [ C982FE172EA1C7B840C4243C5AB3F8BE, 7CC5BC1F9817E8E0910775FB1EC943345900829D4702538CA7A6138FDF0FAA7F ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
18:09:35.0647 0x1470 NvStreamSvc - ok
18:09:35.0692 0x1470 [ E1CE82592245B9E9621F17FBF457DB4E, 98B021623B10EBF7ED370BC2516D8377C09E9E2BB49BD96F492F55006B1B8CC4 ] nvsvc C:\Windows\system32\nvvsvc.exe
18:09:35.0715 0x1470 nvsvc - ok
18:09:35.0731 0x1470 [ 1FE5C1F4CCA8EAEA75C90FB2A85D9CC3, 4C3C36ADC9EC0FDED3E3FFC7918680B643652AD39458FAA8525392DAD0ABD845 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:09:35.0737 0x1470 nvvad_WaveExtensible - ok
18:09:35.0750 0x1470 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:09:35.0760 0x1470 nv_agp - ok
18:09:35.0774 0x1470 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:09:35.0820 0x1470 ohci1394 - ok
18:09:35.0974 0x1470 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:09:36.0005 0x1470 ose - ok
18:09:36.0159 0x1470 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:09:36.0286 0x1470 osppsvc - ok
18:09:36.0317 0x1470 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:09:36.0336 0x1470 p2pimsvc - ok
18:09:36.0355 0x1470 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:09:36.0374 0x1470 p2psvc - ok
18:09:36.0388 0x1470 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:09:36.0406 0x1470 Parport - ok
18:09:36.0414 0x1470 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:09:36.0422 0x1470 partmgr - ok
18:09:36.0435 0x1470 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
18:09:36.0462 0x1470 PcaSvc - ok
18:09:36.0470 0x1470 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
18:09:36.0481 0x1470 pci - ok
18:09:36.0499 0x1470 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
18:09:36.0506 0x1470 pciide - ok
18:09:36.0519 0x1470 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
18:09:36.0530 0x1470 pcmcia - ok
18:09:36.0544 0x1470 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:09:36.0552 0x1470 pcw - ok
18:09:36.0569 0x1470 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:09:36.0617 0x1470 PEAUTH - ok
18:09:36.0664 0x1470 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:09:36.0678 0x1470 PerfHost - ok
18:09:36.0721 0x1470 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
18:09:36.0798 0x1470 pla - ok
18:09:36.0830 0x1470 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:09:36.0856 0x1470 PlugPlay - ok
18:09:36.0861 0x1470 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:09:36.0879 0x1470 PNRPAutoReg - ok
18:09:36.0886 0x1470 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:09:36.0902 0x1470 PNRPsvc - ok
18:09:36.0931 0x1470 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:09:36.0969 0x1470 PolicyAgent - ok
18:09:36.0989 0x1470 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
18:09:37.0019 0x1470 Power - ok
18:09:37.0036 0x1470 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:09:37.0065 0x1470 PptpMiniport - ok
18:09:37.0068 0x1470 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
18:09:37.0086 0x1470 Processor - ok
18:09:37.0116 0x1470 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
18:09:37.0139 0x1470 ProfSvc - ok
18:09:37.0148 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:09:37.0156 0x1470 ProtectedStorage - ok
18:09:37.0167 0x1470 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:09:37.0206 0x1470 Psched - ok
18:09:37.0258 0x1470 [ 3A6898A1E5B03C892DAEB114275C914E, 2778E73AEC6435C34D5C590846E26C092E2E0F48185FF9160E9241F0CBAAA8B3 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
18:09:37.0262 0x1470 PxHlpa64 - detected UnsignedFile.Multi.Generic ( 1 )
18:09:40.0177 0x1470 PxHlpa64 ( UnsignedFile.Multi.Generic ) - warning
18:09:42.0970 0x1470 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
18:09:43.0016 0x1470 ql2300 - ok
18:09:43.0028 0x1470 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
18:09:43.0038 0x1470 ql40xx - ok
18:09:43.0052 0x1470 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:09:43.0070 0x1470 QWAVE - ok
18:09:43.0077 0x1470 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:09:43.0090 0x1470 QWAVEdrv - ok
18:09:43.0099 0x1470 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:09:43.0126 0x1470 RasAcd - ok
18:09:43.0145 0x1470 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:09:43.0182 0x1470 RasAgileVpn - ok
18:09:43.0194 0x1470 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:09:43.0224 0x1470 RasAuto - ok
18:09:43.0237 0x1470 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:09:43.0275 0x1470 Rasl2tp - ok
18:09:43.0292 0x1470 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:09:43.0328 0x1470 RasMan - ok
18:09:43.0341 0x1470 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:09:43.0371 0x1470 RasPppoe - ok
18:09:43.0374 0x1470 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:09:43.0403 0x1470 RasSstp - ok
18:09:43.0418 0x1470 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:09:43.0451 0x1470 rdbss - ok
18:09:43.0459 0x1470 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
18:09:43.0470 0x1470 rdpbus - ok
18:09:43.0477 0x1470 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:09:43.0503 0x1470 RDPCDD - ok
18:09:43.0512 0x1470 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:09:43.0547 0x1470 RDPENCDD - ok
18:09:43.0553 0x1470 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:09:43.0580 0x1470 RDPREFMP - ok
18:09:43.0608 0x1470 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:09:43.0632 0x1470 RDPWD - ok
18:09:43.0644 0x1470 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:09:43.0656 0x1470 rdyboost - ok
18:09:43.0665 0x1470 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:09:43.0695 0x1470 RemoteAccess - ok
18:09:43.0720 0x1470 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:09:43.0751 0x1470 RemoteRegistry - ok
18:09:43.0772 0x1470 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:09:43.0810 0x1470 RpcEptMapper - ok
18:09:43.0819 0x1470 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:09:43.0829 0x1470 RpcLocator - ok
18:09:43.0847 0x1470 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
18:09:43.0885 0x1470 RpcSs - ok
18:09:43.0895 0x1470 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:09:43.0924 0x1470 rspndr - ok
18:09:43.0931 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
18:09:43.0939 0x1470 SamSs - ok
18:09:43.0949 0x1470 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:09:43.0958 0x1470 sbp2port - ok
18:09:43.0971 0x1470 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:09:44.0003 0x1470 SCardSvr - ok
18:09:44.0012 0x1470 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:09:44.0038 0x1470 scfilter - ok
18:09:44.0065 0x1470 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
18:09:44.0118 0x1470 Schedule - ok
18:09:44.0133 0x1470 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:09:44.0160 0x1470 SCPolicySvc - ok
18:09:44.0201 0x1470 [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
18:09:44.0207 0x1470 ScreamBAudioSvc - ok
18:09:44.0244 0x1470 [ 1CA5A783B10EC897FCE91CF220D6C517, DCBCD9E90C73F883B9A55D972CF99F25373049B7684E6738E1E213A20369A5E6 ] scvad_simple C:\Windows\system32\drivers\SplitCamAudio.sys
18:09:44.0262 0x1470 scvad_simple - ok
18:09:44.0277 0x1470 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:09:44.0290 0x1470 SDRSVC - ok
18:09:44.0297 0x1470 SeaPort - ok
18:09:44.0302 0x1470 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:09:44.0334 0x1470 secdrv - ok
18:09:44.0345 0x1470 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
18:09:44.0373 0x1470 seclogon - ok
18:09:44.0380 0x1470 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:09:44.0409 0x1470 SENS - ok
18:09:44.0417 0x1470 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:09:44.0428 0x1470 SensrSvc - ok
18:09:44.0440 0x1470 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:09:44.0456 0x1470 Serenum - ok
18:09:44.0470 0x1470 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:09:44.0490 0x1470 Serial - ok
18:09:44.0497 0x1470 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
18:09:44.0513 0x1470 sermouse - ok
18:09:44.0527 0x1470 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:09:44.0565 0x1470 SessionEnv - ok
18:09:44.0573 0x1470 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:09:44.0584 0x1470 sffdisk - ok
18:09:44.0590 0x1470 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:09:44.0601 0x1470 sffp_mmc - ok
18:09:44.0603 0x1470 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:09:44.0618 0x1470 sffp_sd - ok
18:09:44.0620 0x1470 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
18:09:44.0629 0x1470 sfloppy - ok
18:09:44.0671 0x1470 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
18:09:44.0692 0x1470 Sftfs - ok
18:09:44.0747 0x1470 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
18:09:44.0764 0x1470 sftlist - ok
18:09:44.0780 0x1470 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
18:09:44.0792 0x1470 Sftplay - ok
18:09:44.0813 0x1470 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
18:09:44.0820 0x1470 Sftredir - ok
18:09:44.0843 0x1470 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
18:09:44.0850 0x1470 Sftvol - ok
18:09:44.0858 0x1470 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
18:09:44.0869 0x1470 sftvsa - ok
18:09:44.0899 0x1470 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:09:44.0938 0x1470 SharedAccess - ok
18:09:44.0952 0x1470 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:09:44.0987 0x1470 ShellHWDetection - ok
18:09:45.0007 0x1470 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
18:09:45.0014 0x1470 SiSRaid2 - ok
18:09:45.0029 0x1470 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
18:09:45.0038 0x1470 SiSRaid4 - ok
18:09:45.0042 0x1470 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:09:45.0081 0x1470 Smb - ok
18:09:45.0091 0x1470 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:09:45.0101 0x1470 SNMPTRAP - ok
18:09:45.0103 0x1470 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:09:45.0110 0x1470 spldr - ok
18:09:45.0147 0x1470 [ 64065FFE37680ACACE4D2C8F3CF20541, F6D2883509C6B49180385AE850A6A50052C6450B7CC3DAFDEF551895EE37D444 ] splitcam_hd_driver C:\Windows\system32\DRIVERS\splitcam_hd_driver.sys
18:09:45.0154 0x1470 splitcam_hd_driver - ok
18:09:45.0191 0x1470 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:09:45.0211 0x1470 Spooler - ok
18:09:45.0292 0x1470 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:09:45.0410 0x1470 sppsvc - ok
18:09:45.0425 0x1470 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:09:45.0454 0x1470 sppuinotify - ok
18:09:45.0479 0x1470 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:09:45.0508 0x1470 srv - ok
18:09:45.0526 0x1470 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:09:45.0548 0x1470 srv2 - ok
18:09:45.0562 0x1470 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:09:45.0573 0x1470 srvnet - ok
18:09:45.0587 0x1470 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:09:45.0619 0x1470 SSDPSRV - ok
18:09:45.0632 0x1470 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:09:45.0661 0x1470 SstpSvc - ok
18:09:45.0689 0x1470 [ EA8F41484CCC5BA6A1455C2AD3D1BE3C, B206AA8F4BA7C1E15561B4F2011FA483C5401B0300914F747804A116CCE972BF ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
18:09:45.0699 0x1470 ssudmdm - ok
18:09:45.0751 0x1470 [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:09:45.0768 0x1470 Steam Client Service - ok
18:09:45.0812 0x1470 [ A9425CB7D5A698EA49BE0DF55A448E68, 2DB5B00D6AAB6D0D60EFE5FE26C50FD1AB3D4F9E2BA2EAD8A0BE1F1AF9082C12 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:09:45.0825 0x1470 Stereo Service - ok
18:09:45.0836 0x1470 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
18:09:45.0843 0x1470 stexstor - ok
18:09:45.0876 0x1470 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
18:09:45.0914 0x1470 stisvc - ok
18:09:45.0919 0x1470 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
18:09:45.0926 0x1470 swenum - ok
18:09:45.0942 0x1470 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
18:09:45.0981 0x1470 swprv - ok
18:09:46.0023 0x1470 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
18:09:46.0087 0x1470 SysMain - ok
18:09:46.0096 0x1470 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:09:46.0112 0x1470 TabletInputService - ok
18:09:46.0126 0x1470 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
18:09:46.0182 0x1470 TapiSrv - ok
18:09:46.0188 0x1470 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
18:09:46.0218 0x1470 TBS - ok
18:09:46.0263 0x1470 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:09:46.0319 0x1470 Tcpip - ok
18:09:46.0372 0x1470 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:09:46.0414 0x1470 TCPIP6 - ok
18:09:46.0444 0x1470 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:09:46.0452 0x1470 tcpipreg - ok
18:09:46.0466 0x1470 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:09:46.0483 0x1470 TDPIPE - ok
18:09:46.0500 0x1470 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:09:46.0514 0x1470 TDTCP - ok
18:09:46.0526 0x1470 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:09:46.0554 0x1470 tdx - ok
18:09:46.0562 0x1470 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
18:09:46.0570 0x1470 TermDD - ok
18:09:46.0599 0x1470 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
18:09:46.0625 0x1470 TermService - ok
18:09:46.0638 0x1470 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
18:09:46.0651 0x1470 Themes - ok
18:09:46.0670 0x1470 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
18:09:46.0698 0x1470 THREADORDER - ok
18:09:46.0702 0x1470 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
18:09:46.0740 0x1470 TrkWks - ok
18:09:46.0774 0x1470 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:09:46.0804 0x1470 TrustedInstaller - ok
18:09:46.0829 0x1470 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:09:46.0847 0x1470 tssecsrv - ok
18:09:46.0856 0x1470 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:09:46.0865 0x1470 TsUsbFlt - ok
18:09:46.0868 0x1470 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
18:09:46.0886 0x1470 TsUsbGD - ok
18:09:46.0899 0x1470 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:09:46.0931 0x1470 tunnel - ok
18:09:46.0934 0x1470 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
18:09:46.0943 0x1470 uagp35 - ok
18:09:46.0957 0x1470 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:09:46.0991 0x1470 udfs - ok
18:09:47.0000 0x1470 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:09:47.0011 0x1470 UI0Detect - ok
18:09:47.0017 0x1470 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:09:47.0026 0x1470 uliagpkx - ok
18:09:47.0042 0x1470 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
18:09:47.0055 0x1470 umbus - ok
18:09:47.0060 0x1470 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
18:09:47.0068 0x1470 UmPass - ok
18:09:47.0124 0x1470 [ 67A95B9D129ED5399E7965CD09CF30E7, F1F2F684146F1CCB293BB9871117B8CFC1D04588A830F67CE5D3F0D034D93B2A ] UMVPFSrv C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
18:09:47.0138 0x1470 UMVPFSrv - ok
18:09:47.0205 0x1470 [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9, 0D256DC2A6B867E7077DD3A5C18FF0345D2FEEC7A2245B037530761248BC9FB1 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:09:47.0217 0x1470 UNS - ok
18:09:47.0232 0x1470 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
18:09:47.0277 0x1470 upnphost - ok
18:09:47.0311 0x1470 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
18:09:47.0333 0x1470 usbaudio - ok
18:09:47.0344 0x1470 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:09:47.0354 0x1470 usbccgp - ok
18:09:47.0379 0x1470 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:09:47.0396 0x1470 usbcir - ok
18:09:47.0421 0x1470 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:09:47.0429 0x1470 usbehci - ok
18:09:47.0458 0x1470 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:09:47.0475 0x1470 usbhub - ok
18:09:47.0494 0x1470 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:09:47.0502 0x1470 usbohci - ok
18:09:47.0513 0x1470 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
18:09:47.0523 0x1470 usbprint - ok
18:09:47.0559 0x1470 [ 2C42E595E7E381596B9A14F88F5AE027, 948C2AD7FA0B01184312D1ABE43F2F3D85A934CF0658A8B2BDF9F0919568377B ] usbrndis6 C:\Windows\system32\DRIVERS\usb80236.sys
18:09:47.0570 0x1470 usbrndis6 - ok
18:09:47.0573 0x1470 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:09:47.0588 0x1470 USBSTOR - ok
18:09:47.0613 0x1470 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:09:47.0627 0x1470 usbuhci - ok
18:09:47.0641 0x1470 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
18:09:47.0660 0x1470 usbvideo - ok
18:09:47.0672 0x1470 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
18:09:47.0705 0x1470 UxSms - ok
18:09:47.0722 0x1470 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
18:09:47.0731 0x1470 VaultSvc - ok
18:09:47.0750 0x1470 [ 4006E66939B4D716C990256CF93D4BC1, 5E9366D8B684768B0188077C05B52B29D43B9A401A73D81045B9823458334223 ] VBAudioVACMME C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys
18:09:47.0756 0x1470 VBAudioVACMME - ok
18:09:47.0765 0x1470 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:09:47.0772 0x1470 vdrvroot - ok
18:09:47.0794 0x1470 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
18:09:47.0844 0x1470 vds - ok
18:09:47.0856 0x1470 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:09:47.0866 0x1470 vga - ok
18:09:47.0878 0x1470 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:09:47.0913 0x1470 VgaSave - ok
18:09:47.0928 0x1470 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:09:47.0940 0x1470 vhdmp - ok
18:09:48.0013 0x1470 [ E8AF45C4FE2457D003E1842806F38748, 8A76560E89BC73E9792D0AA3094A524CCAF4CC379B38EC0C96CD4FB6F9C9CCBE ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
18:09:48.0059 0x1470 VIAHdAudAddService - ok
18:09:48.0082 0x1470 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
18:09:48.0089 0x1470 viaide - ok
18:09:48.0096 0x1470 [ 05D6657A9CCFD269D05D41BFFDCE9498, BAB97FBE22442174737AA4C7A881AE69A6105AE19F1F0C5D93D9DEEAA7100C78 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
18:09:48.0103 0x1470 VIAKaraokeService - ok
18:09:48.0114 0x1470 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:09:48.0122 0x1470 volmgr - ok
18:09:48.0134 0x1470 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:09:48.0148 0x1470 volmgrx - ok
18:09:48.0164 0x1470 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:09:48.0178 0x1470 volsnap - ok
18:09:48.0198 0x1470 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
18:09:48.0208 0x1470 vsmraid - ok
18:09:48.0248 0x1470 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
18:09:48.0320 0x1470 VSS - ok
18:09:48.0332 0x1470 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:09:48.0353 0x1470 vwifibus - ok
18:09:48.0366 0x1470 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:09:48.0379 0x1470 vwififlt - ok
18:09:48.0400 0x1470 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
18:09:48.0419 0x1470 vwifimp - ok
18:09:48.0440 0x1470 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
18:09:48.0477 0x1470 W32Time - ok
18:09:48.0487 0x1470 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
18:09:48.0499 0x1470 WacomPen - ok
18:09:48.0514 0x1470 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:09:48.0542 0x1470 WANARP - ok
18:09:48.0545 0x1470 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:09:48.0571 0x1470 Wanarpv6 - ok
18:09:48.0612 0x1470 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
18:09:48.0674 0x1470 wbengine - ok
18:09:48.0686 0x1470 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:09:48.0704 0x1470 WbioSrvc - ok
18:09:48.0723 0x1470 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:09:48.0745 0x1470 wcncsvc - ok
18:09:48.0756 0x1470 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:09:48.0770 0x1470 WcsPlugInService - ok
18:09:48.0778 0x1470 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
18:09:48.0785 0x1470 Wd - ok
18:09:48.0824 0x1470 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:09:48.0848 0x1470 Wdf01000 - ok
18:09:48.0862 0x1470 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:09:48.0887 0x1470 WdiServiceHost - ok
18:09:48.0890 0x1470 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:09:48.0904 0x1470 WdiSystemHost - ok
18:09:48.0937 0x1470 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
18:09:48.0958 0x1470 WebClient - ok
18:09:48.0969 0x1470 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:09:49.0009 0x1470 Wecsvc - ok
18:09:49.0015 0x1470 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:09:49.0044 0x1470 wercplsupport - ok
18:09:49.0066 0x1470 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
18:09:49.0096 0x1470 WerSvc - ok
18:09:49.0106 0x1470 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:09:49.0132 0x1470 WfpLwf - ok
18:09:49.0144 0x1470 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:09:49.0151 0x1470 WIMMount - ok
18:09:49.0165 0x1470 WinDefend - ok
18:09:49.0175 0x1470 WinHttpAutoProxySvc - ok
18:09:49.0214 0x1470 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:09:49.0246 0x1470 Winmgmt - ok
18:09:49.0298 0x1470 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
18:09:49.0396 0x1470 WinRM - ok
18:09:49.0432 0x1470 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:09:49.0444 0x1470 WinUsb - ok
18:09:49.0469 0x1470 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:09:49.0511 0x1470 Wlansvc - ok
18:09:49.0550 0x1470 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:09:49.0557 0x1470 wlcrasvc - ok
18:09:49.0626 0x1470 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:09:49.0674 0x1470 wlidsvc - ok
18:09:49.0686 0x1470 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:09:49.0707 0x1470 WmiAcpi - ok
18:09:49.0723 0x1470 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:09:49.0748 0x1470 wmiApSrv - ok
18:09:49.0755 0x1470 WMPNetworkSvc - ok
18:09:49.0768 0x1470 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:09:49.0777 0x1470 WPCSvc - ok
18:09:49.0791 0x1470 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:09:49.0804 0x1470 WPDBusEnum - ok
18:09:49.0809 0x1470 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:09:49.0846 0x1470 ws2ifsl - ok
18:09:49.0857 0x1470 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
18:09:49.0880 0x1470 wscsvc - ok
18:09:49.0882 0x1470 WSearch - ok
18:09:49.0940 0x1470 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
18:09:50.0013 0x1470 wuauserv - ok
18:09:50.0040 0x1470 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:09:50.0050 0x1470 WudfPf - ok
18:09:50.0064 0x1470 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:09:50.0077 0x1470 WUDFRd - ok
18:09:50.0102 0x1470 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:09:50.0118 0x1470 wudfsvc - ok
18:09:50.0140 0x1470 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
18:09:50.0161 0x1470 WwanSvc - ok
18:09:50.0177 0x1470 XFDriver64 - ok
18:09:50.0192 0x1470 ================ Scan global ===============================
18:09:50.0204 0x1470 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:09:50.0232 0x1470 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:09:50.0242 0x1470 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
18:09:50.0251 0x1470 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:09:50.0263 0x1470 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:09:50.0268 0x1470 [ Global ] - ok
18:09:50.0269 0x1470 ================ Scan MBR ==================================
18:09:50.0286 0x1470 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:09:50.0428 0x1470 \Device\Harddisk0\DR0 - ok
18:09:50.0428 0x1470 ================ Scan VBR ==================================
18:09:50.0430 0x1470 [ D7E31CD7547993BD4C4DFA14B69B452B ] \Device\Harddisk0\DR0\Partition1
18:09:50.0461 0x1470 \Device\Harddisk0\DR0\Partition1 - ok
18:09:50.0462 0x1470 [ 960266048CE9D70E476D262D5BAFAA0E ] \Device\Harddisk0\DR0\Partition2
18:09:50.0482 0x1470 \Device\Harddisk0\DR0\Partition2 - ok
18:09:50.0483 0x1470 ================ Scan generic autorun ======================
18:09:50.0551 0x1470 [ 381474F8A4477CF4951553EF530B0ED5, 6C2CB69E072EC2BF8C4EBB93DB400CF9358CC7C4FDA24E3B9B422FFAD089462F ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:09:50.0610 0x1470 NvBackend - ok
18:09:50.0618 0x1470 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
18:09:50.0642 0x1470 ShadowPlay - ok
18:09:50.0688 0x1470 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:09:50.0742 0x1470 Sidebar - ok
18:09:50.0759 0x1470 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:09:50.0785 0x1470 mctadmin - ok
18:09:50.0821 0x1470 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:09:50.0855 0x1470 Sidebar - ok
18:09:50.0859 0x1470 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:09:50.0873 0x1470 mctadmin - ok
18:09:50.0874 0x1470 SplitCam - ok
18:09:50.0875 0x1470 Waiting for KSN requests completion. In queue: 169
18:09:51.0875 0x1470 Waiting for KSN requests completion. In queue: 169
18:09:52.0875 0x1470 Waiting for KSN requests completion. In queue: 169
18:09:53.0876 0x1470 Waiting for KSN requests completion. In queue: 169
18:09:54.0904 0x1470 AV detected via SS2: Kaspersky Anti-Virus, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\wmiav.exe ( 15.0.0.463 ), 0x40000 ( disabled : updated )
18:09:54.0906 0x1470 Win FW state via NFP2: enabled
18:09:57.0582 0x1470 ============================================================
18:09:57.0582 0x1470 Scan finished
18:09:57.0582 0x1470 ============================================================
18:09:57.0586 0x1468 Detected object count: 1
18:09:57.0586 0x1468 Actual detected object count: 1
18:12:03.0000 0x1468 PxHlpa64 ( UnsignedFile.Multi.Generic ) - skipped by user
18:12:03.0000 0x1468 PxHlpa64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

deeprybka 06.12.2014 18:20
Prima! :daumenhoc

So gehts weiter:

(Bitte Anleitung von ESET genau befolgen, keine Funde löschen lassen! Bitte das Log wie beschrieben suchen und posten. Erst danach ESET deinstallieren.)

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Harzburch 06.12.2014 20:40
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e418aa4558fcf047ba6c94a3610fa621
# engine=21431
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-06 06:40:15
# local_time=2014-12-06 07:40:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Anti-Virus'
# compatibility_mode=1297 16777213 100 100 7251 21963897 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 100889 169521065 0 0
# scanned=195344
# found=7
# cleaned=0
# scan_time=3619
sh=A7E55C336AB5504ED0AE3BBD292CF508769FE131 ft=1 fh=3ba8fc19ca14dfb1 vn="Variante von Win32/Adware.Adpeak.Q Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\007\nkdytjtjsw32.exe.vir"
sh=281D834970C90ECD048476AE1136529645770B59 ft=1 fh=efc6b242fb35efa3 vn="Win32/AdWare.Snoozer.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Max\AppData\Roaming\Snz\Snz.exe.vir"
sh=457335C7D7CF3B76BDA5156BDFC9D2E55F5EB26E ft=1 fh=733834ea60493ef0 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\Documents\VesrchiedenesExterneFestplatte\Downloads\Integrated_CT2325506.exe"
sh=A42746BED8197CE59F7181649CD9AC70F79BB263 ft=1 fh=9db60c75f362b3ab vn="Variante von Win32/InstallCore.RA evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager.exe"
sh=4166FF2B539249C501AD5C82ECC3D31B73B363EF ft=1 fh=c71c0011e8464a4f vn="Variante von Win32/InstallCore.JW evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\Downloads\COMPUTER_BILD-Download-Manager_fuer_Cryptload_1.1.8.exe"
sh=4B61C7AD2DE57CA534748AA440347C798B716F13 ft=1 fh=1ebee16eba4b502c vn="Variante von Win32/InstallCore.SF evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\Downloads\FileOpenerSetup.exe"
sh=D57F3E1A299D21C8756399BF6D3862B22D423BD4 ft=1 fh=44c22873969d6f1e vn="Win32/WinloadSDA.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\Downloads\Moorhuhn-2-Setup.exe"

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2014 02
Ran by Max at 2014-12-06 20:39:17
Running from C:\Users\Max\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Anti-Virus (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Media Live Encoder 3.2 (HKLM-x32\...\{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}) (Version: 3.2.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.4.4 - Atheros Communications Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version:  - Steinberg Media Technologies GmbH)
Free YouTube Download version 3.2.44.922 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.922 - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Chrome Frame (HKLM-x32\...\{4F2EAFFD-6D9A-3804-A77B-5A450D3201F6}) (Version: 65.107.16494 - Google, Inc.)
Google Earth (HKLM-x32\...\{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}) (Version: 7.1.1.1888 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{6199B534-A1B6-46ED-873B-97B0ECF8F81E}) (Version: 1.23.216.0 - Intel Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.0.463 - Kaspersky Lab) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
M-Audio Fast Track Pro 6.1.10 (x64) (HKLM\...\{44BCF4BB-2486-465D-8C03-50150201B4EA}) (Version: 6.1.10 - M-Audio)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme (HKLM-x32\...\{90120000-00B2-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 de)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.69 - NVIDIA Corporation) Hidden
Spotify (HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Steinberg Cubase LE AI Elements 6 64bit (HKLM\...\{8EEEB23E-A3EB-44A4-AEE9-D2FD6F96E4A0}) (Version: 6.0.2 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 1.6.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 1.5.2.000 - Steinberg Media Technologies GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

06-12-2014 16:20:25 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-11-30 03:47 - 00000817 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1
127.0.0.1


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {7CA26CD5-634E-4153-96DB-2C60C24C953A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: {9C2B956C-1262-4E7B-96C9-596F7805E556} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9DBFEFA2-E593-41CC-950E-ED068B745302} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-26] (Adobe Systems Incorporated)
Task: {EEA4CAA1-7CDA-43BC-BF67-72E4CD82C1F1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-07-18 21:24 - 2014-11-12 22:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\kpcengine.2.3.dll
2012-07-18 20:59 - 2011-12-16 09:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-11-10 21:22 - 2014-11-26 17:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-20 01:42 - 2014-04-20 01:42 - 00468672 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-11-26 18:37 - 2014-11-26 18:37 - 16841392 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:AD022376

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: VIAKaraokeService => 2
MSCONFIG\Services: WPCSvc => 3
MSCONFIG\startupfolder: C:^Users^Max^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^net.lnk => C:\Windows\pss\net.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AmazonMP3DownloaderHelper => C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: svchospt => C:\Windows\SysWOW64\svchospt.exe
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-4256948084-1049334510-1600530276-500 - Administrator - Disabled)
Gast (S-1-5-21-4256948084-1049334510-1600530276-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4256948084-1049334510-1600530276-1002 - Limited - Enabled)
Max (S-1-5-21-4256948084-1049334510-1600530276-1000 - Administrator - Enabled) => C:\Users\Max

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/06/2014 08:35:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/06/2014 06:36:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/06/2014 06:36:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/06/2014 05:40:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2014 05:28:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x1188
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (12/06/2014 05:28:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 34.0.5.5443, Zeitstempel: 0x5475dd5d
Name des fehlerhaften Moduls: mozalloc.dll, Version: 34.0.5.5443, Zeitstempel: 0x5475d664
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001425
ID des fehlerhaften Prozesses: 0x10a8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (12/06/2014 04:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 11:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/06/2014 05:39:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/06/2014 05:29:12 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (12/06/2014 05:29:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (12/06/2014 05:29:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (12/06/2014 05:29:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (12/06/2014 05:29:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (12/06/2014 04:56:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/05/2014 11:54:33 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/05/2014 11:26:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SeaPort" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/05/2014 11:10:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (12/06/2014 08:35:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (12/06/2014 06:36:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Downloads\esetsmartinstaller_deu.exe

Error: (12/06/2014 06:36:50 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Max\Downloads\esetsmartinstaller_deu.exe

Error: (12/06/2014 05:40:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2014 05:28:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d6648000000300001425118801d0116e1df422efC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf2efb030-7d64-11e4-bb28-025536366034

Error: (12/06/2014 05:28:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe34.0.5.54435475dd5dmozalloc.dll34.0.5.54435475d664800000030000142510a801d0116d5fc07374C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllf071bf67-7d64-11e4-bb28-025536366034

Error: (12/06/2014 04:57:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2014 11:27:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2014-12-04 21:53:43.825
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.823
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.822
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.802
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.801
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-04 21:53:43.799
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.449
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-12-03 22:29:23.418
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 25%
Total physical RAM: 16346.33 MB
Available physical RAM: 12184.09 MB
Total Pagefile: 32690.84 MB
Available Pagefile: 28322.4 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:771.51 GB) (Free:625.57 GB) NTFS
Drive k: () (Fixed) (Total:160 GB) (Free:159.89 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 94521A45)
Partition 1: (Active) - (Size=160 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=771.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014 02
Ran by Max (administrator) on MAX-PC on 06-12-2014 20:38:49
Running from C:\Users\Max\Downloads
Loaded Profile: Max (Available profiles: Max)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\wmi64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [SplitCam] => C:\Program Files (x86)\SplitCam\SplitCam.exe
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Policies\Explorer: [DisallowRun] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/1024/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {56E26B6C-BB82-48de-BEB0-8F3664DE7835} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {7588F513-7B9E-45dc-914D-B207EFFC6D9A} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4256948084-1049334510-1600530276-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\user.js
FF Extension: Simple Site Blocker - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\simplesiteblocker@example.com.xpi [2014-11-29]
FF Extension: {12989559-84f2-47aa-a442-5e69f9d26720} - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi [2013-10-03]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-07]

Chrome:
=======
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (OfferMosquito) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-07-30] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-12-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-11-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S4 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55552 2006-02-13] (Sonic Solutions) [File not signed]
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S3 cpuz134; \??\C:\Users\Max\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 18:35 - 2014-12-06 18:35 - 02347384 _____ (ESET) C:\Users\Max\Downloads\esetsmartinstaller_deu.exe
2014-12-06 18:07 - 2014-12-06 18:08 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Desktop\tdsskiller(1).exe
2014-12-06 17:35 - 2014-12-06 17:19 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-06 17:20 - 2014-12-06 18:06 - 00066850 _____ () C:\zoek-results.log
2014-12-06 17:19 - 2014-12-06 17:33 - 00000000 ____D () C:\zoek_backup
2014-12-06 17:19 - 2014-12-06 17:19 - 01295360 _____ () C:\Users\Max\Desktop\zoek.exe
2014-12-06 16:59 - 2014-12-06 20:38 - 00000000 ____D () C:\Users\Max\Downloads\FRST-OlderVersion
2014-12-06 02:02 - 2014-12-06 02:03 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe
2014-12-06 01:43 - 2014-12-06 01:43 - 00000615 _____ () C:\Users\Max\Desktop\ckfiles.txt
2014-12-06 01:41 - 2014-12-06 01:41 - 00468480 _____ () C:\Users\Max\Desktop\CKScanner.exe
2014-12-06 01:24 - 2014-12-06 01:36 - 153463376 _____ (Steinberg Media Technologies GmbH) C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe
2014-12-06 01:24 - 2014-12-06 01:29 - 58948264 _____ () C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe
2014-12-06 00:33 - 2014-12-06 00:33 - 00000000 ____D () C:\AV-CLS
2014-12-05 23:51 - 2014-12-05 23:51 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe
2014-12-05 23:11 - 2014-12-05 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA Corporation
2014-12-05 23:11 - 2014-12-05 23:11 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-12-05 23:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-05 23:10 - 2014-11-17 21:02 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-05 23:10 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-05 23:08 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-05 23:08 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-05 23:08 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-05 23:08 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-05 23:08 - 2014-10-03 20:23 - 00035144 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-05 23:08 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-05 23:03 - 2014-12-05 23:07 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe
2014-12-05 21:21 - 2014-12-05 21:21 - 00002600 _____ () C:\Users\Max\Desktop\JRT.txt
2014-12-05 21:18 - 2014-12-05 21:18 - 00000000 ____D () C:\Windows\ERUNT
2014-12-05 21:17 - 2014-12-05 21:17 - 01707646 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2014-12-05 21:15 - 2014-12-05 21:15 - 00002124 _____ () C:\Users\Max\Desktop\mbam.txt
2014-12-05 20:55 - 2014-12-05 20:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 20:55 - 2014-12-05 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-05 20:38 - 2014-12-05 20:39 - 00000000 ____D () C:\AdwCleaner
2014-12-05 20:38 - 2014-12-05 20:38 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-05 20:36 - 2014-12-05 20:36 - 02153472 _____ () C:\Users\Max\Downloads\AdwCleaner_4.104.exe
2014-12-05 20:25 - 2014-12-06 17:01 - 00021780 _____ () C:\Users\Max\Downloads\Addition.txt
2014-12-05 20:24 - 2014-12-06 20:39 - 00018565 _____ () C:\Users\Max\Downloads\FRST.txt
2014-12-05 20:24 - 2014-12-06 20:38 - 00000000 ____D () C:\FRST
2014-12-05 20:22 - 2014-12-06 20:38 - 02119168 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\Desktop\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-12-05 20:18 - 2014-12-05 20:18 - 00803152 _____ ( ) C:\Users\Max\Downloads\FileOpenerSetup.exe
2014-12-05 18:45 - 2014-12-05 18:49 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-12-05 18:16 - 2014-12-06 16:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 18:15 - 2014-12-05 18:15 - 00244264 _____ () C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-05 05:05 - 2014-07-28 14:31 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-12-05 05:05 - 2014-07-28 14:31 - 00000714 _____ () C:\Windows\SysWOW64\ff_vfw.dll.manifest
2014-12-05 05:05 - 2014-06-30 06:23 - 00810496 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-12-05 05:05 - 2014-06-30 06:23 - 00183808 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-12-05 05:00 - 2014-12-05 05:04 - 100117000 _____ (SplitCam Co.) C:\Users\Max\Downloads\SplitCamSetup.exe
2014-12-05 03:16 - 2014-12-05 03:16 - 00000000 ____D () C:\Windows\pss
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\Users\Max\AppData\Local\M-Audio
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\ProgramData\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\Program Files (x86)\M-Audio
2014-12-05 01:21 - 2014-12-05 01:21 - 00000000 ____D () C:\ProgramData\AVID
2014-12-05 00:54 - 2014-12-05 00:54 - 00003047 _____ () C:\Users\Max\Desktop\SharpKeys.lnk
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Program Files (x86)\RandyRants.com
2014-12-05 00:53 - 2014-12-05 00:53 - 00486400 _____ () C:\Users\Max\Downloads\sharpkeys35.msi
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\Program Files (x86)\AutoHotkey
2014-12-05 00:48 - 2014-12-05 00:48 - 02047357 _____ () C:\Users\Max\Downloads\AutoHotkey104805_Install.exe
2014-12-05 00:09 - 2014-12-05 00:09 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Users\Max\AppData\Local\MSKLC
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4
2014-12-05 00:08 - 2014-12-05 00:08 - 10597792 _____ () C:\Users\Max\Downloads\MSKLC.exe
2014-12-05 00:04 - 2014-12-05 00:04 - 00301688 _____ (Thesycon GmbH) C:\Users\Max\Downloads\dpclat.exe
2014-12-03 21:48 - 2014-12-03 21:48 - 00313384 _____ () C:\Windows\Minidump\120314-24570-01.dmp
2014-12-03 21:44 - 2014-12-03 21:44 - 00000020 _____ () C:\Windows\ˆø'
2014-12-03 21:33 - 2014-12-03 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-12-03 21:32 - 2014-12-03 21:32 - 01174352 _____ () C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieUserList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieSiteList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieBrowserModeList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-12-03 21:25 - 2014-12-03 21:25 - 06537216 _____ () C:\Users\Max\Downloads\flashmedialiveencoder_3.2_wwe_signed.msi
2014-12-03 21:25 - 2014-12-03 21:25 - 01033728 _____ () C:\Users\Max\Downloads\auth_addin_win_v3.msi
2014-11-30 07:40 - 2014-11-30 07:40 - 00317504 _____ () C:\Windows\Minidump\113014-25334-01.dmp
2014-11-30 07:39 - 2014-12-03 21:48 - 802013673 _____ () C:\Windows\MEMORY.DMP
2014-11-29 21:01 - 2014-11-29 21:01 - 00000021 _____ () C:\Users\Max\Desktop\Neues Textdokument (4).txt
2014-11-27 23:57 - 2014-11-28 00:00 - 164003712 _____ () C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe
2014-11-27 23:57 - 2014-11-27 23:57 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Downloads\tdsskiller.exe
2014-11-20 21:13 - 2014-03-08 14:36 - 65062457 _____ () C:\Users\Max\Downloads\Haftbefehl - Chabos wissen wer der Babo ist (Blockplatin 25.01.2013).hd720.mp4
2014-11-20 21:12 - 2014-11-20 21:12 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Visicom Media
2014-11-19 15:56 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 15:56 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-13 01:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 01:26 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 01:26 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 01:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 01:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 01:26 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 01:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 01:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 01:26 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 01:26 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 01:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 01:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 01:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 01:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 01:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 01:26 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 01:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 01:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 01:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 01:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 01:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 01:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 01:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 01:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-13 01:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 01:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 01:23 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 01:23 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 01:23 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 01:23 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 01:23 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 01:23 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 01:23 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 01:23 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-13 01:23 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 01:23 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 01:23 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 01:23 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 21:22 - 2014-12-06 02:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 03:00 - 2014-11-10 20:36 - 00004611 _____ () C:\Windows\system32\lvcoinst.log
2014-11-09 03:00 - 2014-11-09 03:00 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-11-07 16:41 - 2014-11-07 16:41 - 00000000 ____D () C:\OETemp
2014-11-07 16:37 - 2014-12-06 19:12 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-07 16:37 - 2014-11-07 16:42 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-11-07 16:37 - 2014-11-07 16:42 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-11-07 16:37 - 2014-11-07 16:37 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-07 16:37 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-11-07 16:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Bao_Nguyen
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Local\Bao_Nguyen
2014-11-07 00:49 - 2014-11-07 00:49 - 00406528 _____ () C:\Users\Max\Downloads\Switcher-2.0.0.2705.msi
2014-11-07 00:48 - 2014-11-07 00:48 - 02150188 _____ () C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager [1].exe
2014-11-07 00:47 - 2014-11-07 00:47 - 00845088 _____ ( ) C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 20:37 - 2013-01-15 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-06 20:36 - 2012-07-18 20:50 - 01729480 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 19:41 - 2013-08-14 15:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-06 18:32 - 2009-07-14 05:51 - 00030102 _____ () C:\Windows\setupact.log
2014-12-06 18:06 - 2013-08-14 15:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-06 17:46 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-06 17:46 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-06 17:39 - 2012-07-18 21:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-06 17:39 - 2010-11-21 04:47 - 00773478 _____ () C:\Windows\PFRO.log
2014-12-06 17:39 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-06 17:29 - 2012-07-18 20:56 - 00000000 ____D () C:\Users\Max
2014-12-06 17:28 - 2012-07-19 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2014-12-06 17:04 - 2012-07-19 15:47 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2014-12-06 02:04 - 2013-01-15 18:25 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-06 02:04 - 2013-01-15 18:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-06 01:50 - 2012-09-04 20:45 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Spotify
2014-12-06 01:32 - 2012-07-30 14:39 - 00010016 _____ () C:\Windows\DPINST.LOG
2014-12-06 01:32 - 2012-07-30 14:39 - 00000051 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2014-12-06 01:32 - 2012-07-30 14:39 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2014-12-06 01:31 - 2012-10-02 17:16 - 00000000 ____D () C:\Users\Max\Documents\Cubase LE AI Elements Projects
2014-12-05 23:43 - 2012-09-04 20:51 - 00000000 ____D () C:\Users\Max\AppData\Local\Spotify
2014-12-05 23:12 - 2014-04-07 16:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA
2014-12-05 23:11 - 2012-07-18 21:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-05 23:11 - 2012-07-18 21:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-05 23:10 - 2012-07-18 21:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-05 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-12-05 20:32 - 2014-10-06 22:03 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Equalify
2014-12-05 20:19 - 2013-08-14 15:38 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visicom Media
2014-12-05 18:49 - 2013-10-10 13:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-12-05 04:17 - 2014-04-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-05 01:23 - 2012-07-30 15:10 - 00000000 ____D () C:\Program Files\M-Audio
2014-12-05 00:49 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew
2014-12-04 00:35 - 2013-04-14 17:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Facebook
2014-12-03 21:48 - 2012-10-03 18:43 - 00000000 ____D () C:\Windows\Minidump
2014-12-03 21:45 - 2012-07-18 20:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-03 21:42 - 2012-07-18 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-12-03 21:41 - 2012-07-18 21:01 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-12-03 21:38 - 2014-04-01 01:06 - 00000000 ____D () C:\UDK
2014-12-03 21:37 - 2014-04-01 13:48 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-03 21:37 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-03 21:36 - 2013-04-29 21:31 - 00000000 ____D () C:\Fraps
2014-12-03 21:34 - 2014-03-15 16:44 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live
2014-12-03 21:26 - 2013-01-15 21:11 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-03 21:26 - 2012-07-30 10:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe
2014-12-03 18:34 - 2012-07-18 21:32 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-12-03 18:33 - 2012-07-18 21:26 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-11-29 02:23 - 2013-02-25 19:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-27 18:38 - 2011-04-12 08:43 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 18:38 - 2011-04-12 08:43 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 18:38 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 18:37 - 2013-01-15 18:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 18:37 - 2013-01-15 18:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 18:37 - 2013-01-15 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 01:31 - 2013-01-15 17:31 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2014-11-17 23:18 - 2014-08-19 21:14 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-11-14 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-14 01:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 20:36 - 2013-08-14 15:29 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 20:36 - 2013-08-14 15:29 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 14:48 - 2009-07-14 06:08 - 00009702 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-13 14:48 - 2009-07-14 05:45 - 04848784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 02:05 - 2013-07-27 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 02:03 - 2012-07-18 21:54 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 01:20 - 2013-02-25 23:32 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-13 01:20 - 2012-07-18 21:23 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-12 22:56 - 2012-07-18 21:24 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 22:56 - 2012-07-18 21:24 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-11 11:29 - 2012-07-18 21:24 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-07 18:06 - 2014-03-29 00:52 - 18585842 _____ () C:\Users\Max\Downloads\Cryptload_1.1.8.zip

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 14:27

==================== End Of Log ============================
--- --- ---

--- --- ---

deeprybka 06.12.2014 20:50
Hat es Dir die Sprache verschlagen oder gibts keine Probleme mehr? :)

Harzburch 06.12.2014 21:41
Hey
Danke für die Hilfe bisher läuft alles irgendwie wieder besser !!
Vielen Dank :)))
.. Nur abundzumal sprang das Bild runter im Browser, ohne das ich gescrollt habe, und manche tabs im explorer fangen an blinken (manchmal), was ursprünglcih auch nicht so war.
mhh..
doch ich habe sogar das Gefühl das mein PC um einiges leiser geworden ist !!
Vielen Dank erstmal

Soll ich Kaspersky vllt nocheinmal Neuinstallieren? Da ich meine bei der erstinstallation eine Fehlermeldung gesehn zu haben, die ich aber schnell weggeklickt habe, und seitdem hat Kasperky auch nichts von einer Unvollständigkeit gemeldet oder so :/

deeprybka 06.12.2014 21:45
Welche Browser sind/waren denn betroffen? Kannst Du bitte mal schauen welche Addons Du im Firefox einsehen kannst.

Würde gerne wissen was das ist: {12989559-84f2-47aa-a442-5e69f9d26720}

Harzburch 06.12.2014 22:59
Modul zum Sperren von gefährlichen Webseiten; habe ich galube ich als einziges aktives AddOn.
Was das ist kann ich auch nicht Beantworten..
:/

deeprybka 06.12.2014 23:12
Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...st/frstfix.png

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [AdobeBridge] => [X]
FF Extension: {12989559-84f2-47aa-a442-5e69f9d26720} - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi [2013-10-03]
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
EmptyTemp:
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Fix-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Nach dem Reboot:

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

Harzburch 06.12.2014 23:21
mhh .. in welchem ordner denn abspeichern?? :O
die Textdatei? ??

deeprybka 06.12.2014 23:22
Code:
C:\Users\Max\Downloads
;)

Harzburch 06.12.2014 23:40
die FRST anwendung befindet sich im Ordner : FRSTV->Hives ??
oder meinst du : FRSTV->LOGS

??

dANKE:: iCH ÜBERLEG SCHON ZU SPENDEN !
Viel besser als irgendnen VirenProgramm
THX.. coole navigation :)

Jedes mal kommt: NO fixlist.txt found.
The fixlist should be in the same folder/directory the tool is located.

deeprybka 06.12.2014 23:46
Da Du die FRST.exe aus dem Download-Verzeichnis ausführst

Code:
Running from C:\Users\Max\Downloads
muss dort auch die Fixlist abgespeichert werden.

Harzburch 07.12.2014 00:06
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-12-2014 02
Ran by Max at 2014-12-06 23:51:03 Run:1
Running from C:\Users\Max\Downloads
Loaded Profile: Max (Available profiles: Max)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
CloseProcesses:
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [AdobeBridge] => [X]
FF Extension: {12989559-84f2-47aa-a442-5e69f9d26720} - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi [2013-10-03]
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
EmptyTemp:
*****************

Processes closed successfully.
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\{12989559-84f2-47aa-a442-5e69f9d26720}.xpi => Moved successfully.
C:\ProgramData\TEMP => ":AD022376" ADS removed successfully.
EmptyTemp: => Removed 479.1 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-12-2014 02
Ran by Max (administrator) on MAX-PC on 07-12-2014 00:04:41
Running from C:\Users\Max\Downloads
Loaded Profile: Max (Available profiles: Max)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe
(M-Audio) C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2465088 2014-11-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Run: [SplitCam] => C:\Program Files (x86)\SplitCam\SplitCam.exe
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\...\Policies\Explorer: [DisallowRun] 1

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKU\S-1-5-21-4256948084-1049334510-1600530276-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/my_homepage/1024/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {56E26B6C-BB82-48de-BEB0-8F3664DE7835} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
SearchScopes: HKU\S-1-5-21-4256948084-1049334510-1600530276-1000 -> {7588F513-7B9E-45dc-914D-B207EFFC6D9A} URL = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\27.0.1453.110\npchrome_frame.dll (Google Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4256948084-1049334510-1600530276-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Max\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF user.js: detected! => C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\user.js
FF Extension: Simple Site Blocker - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\fnsdk8k5.default\Extensions\simplesiteblocker@example.com.xpi [2014-11-29]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Ngăn chặn trang web nguy hiểm - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\content_blocker@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Bàn phím ảo - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2014-11-07]
FF HKLM-x32\...\Firefox\Extensions:  - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Công cụ kiểm tra liên kết của Kaspersky - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\FFExt\url_advisor@kaspersky.com [2014-11-07]

Chrome:
=======
CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-14]
CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-14]
CHR Extension: (Google-Suche) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-14]
CHR Extension: (OfferMosquito) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk [2014-12-06]
CHR Extension: (Google Wallet) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-07]
CHR Extension: (Google Mail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-14]
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
R2 FastTrackProAudioDevMon; C:\Program Files (x86)\M-Audio\Fast Track Pro\AudioDevMon.exe [1688336 2013-05-23] (M-Audio)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-11-17] (NVIDIA Corporation)
S3 ICCS; C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [160256 2011-08-30] (Intel Corporation) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2011-12-16] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-11-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19821376 2014-11-17] (NVIDIA Corporation)
S4 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2012-01-10] (VIA Technologies, Inc.)
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2012-07-30] (DT Soft Ltd)
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-12-03] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [457824 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [141320 2014-11-07] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [243808 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [793800 2014-11-07] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55904 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179296 2014-03-26] (Kaspersky Lab ZAO)
S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49264 2014-07-28] (Visicom Media Inc.)
R3 MAUSBFASTTRACKPRO; C:\Windows\System32\DRIVERS\MAudioFastTrackPro.sys [184592 2013-05-23] (M-Audio)
S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20800 2014-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
S4 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [55552 2006-02-13] (Sonic Solutions) [File not signed]
S3 scvad_simple; C:\Windows\System32\drivers\SplitCamAudio.sys [23552 2014-06-30] (Windows (R) Win 7 DDK provider)
S3 splitcam_hd_driver; C:\Windows\System32\DRIVERS\splitcam_hd_driver.sys [37496 2014-06-30] (Windows (R) Win 7 DDK provider)
R3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 VBAudioVACMME; C:\Windows\System32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S3 cpuz134; \??\C:\Users\Max\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-06 23:34 - 2014-12-06 23:34 - 00000355 _____ () C:\Users\Max\Downloads\Fixllist.txt
2014-12-06 22:05 - 2014-12-06 22:05 - 00000000 ____D () C:\ProgramData\Guitar Pro 6
2014-12-06 18:35 - 2014-12-06 18:35 - 02347384 _____ (ESET) C:\Users\Max\Downloads\esetsmartinstaller_deu.exe
2014-12-06 18:07 - 2014-12-06 18:08 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Desktop\tdsskiller(1).exe
2014-12-06 17:35 - 2014-12-06 17:19 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-06 17:20 - 2014-12-06 18:06 - 00066850 _____ () C:\zoek-results.log
2014-12-06 17:19 - 2014-12-06 17:33 - 00000000 ____D () C:\zoek_backup
2014-12-06 17:19 - 2014-12-06 17:19 - 01295360 _____ () C:\Users\Max\Desktop\zoek.exe
2014-12-06 16:59 - 2014-12-06 20:38 - 00000000 ____D () C:\Users\Max\Downloads\FRST-OlderVersion
2014-12-06 02:02 - 2014-12-06 02:03 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5(1).exe
2014-12-06 01:43 - 2014-12-06 01:43 - 00000615 _____ () C:\Users\Max\Desktop\ckfiles.txt
2014-12-06 01:41 - 2014-12-06 01:41 - 00468480 _____ () C:\Users\Max\Desktop\CKScanner.exe
2014-12-06 01:24 - 2014-12-06 01:36 - 153463376 _____ (Steinberg Media Technologies GmbH) C:\Users\Max\Downloads\Cubase_LE_AI_Elements_6.0.7_Update.exe
2014-12-06 01:24 - 2014-12-06 01:29 - 58948264 _____ () C:\Users\Max\Downloads\HALion_Sonic_SE_1.6.0_Update.exe
2014-12-06 00:33 - 2014-12-06 00:33 - 00000000 ____D () C:\AV-CLS
2014-12-05 23:51 - 2014-12-05 23:51 - 39441776 _____ () C:\Users\Max\Downloads\Firefox Setup 34.0.5.exe
2014-12-05 23:11 - 2014-12-05 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA Corporation
2014-12-05 23:11 - 2014-12-05 23:11 - 00001351 _____ () C:\Users\Public\Desktop\GeForce Experience.lnk
2014-12-05 23:11 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-12-05 23:11 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-12-05 23:10 - 2014-12-05 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-05 23:10 - 2014-11-17 21:02 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-05 23:10 - 2014-11-17 21:02 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-05 23:10 - 2014-11-12 21:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-05 23:08 - 2014-11-17 23:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-05 23:08 - 2014-11-17 23:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-05 23:08 - 2014-11-13 01:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-05 23:08 - 2014-11-13 01:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-05 23:08 - 2014-10-03 20:23 - 00038216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-05 23:08 - 2014-10-03 20:23 - 00035144 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-12-05 23:08 - 2014-10-03 20:23 - 00032584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-05 23:03 - 2014-12-05 23:07 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql(1).exe
2014-12-05 21:21 - 2014-12-05 21:21 - 00002600 _____ () C:\Users\Max\Desktop\JRT.txt
2014-12-05 21:18 - 2014-12-05 21:18 - 00000000 ____D () C:\Windows\ERUNT
2014-12-05 21:17 - 2014-12-05 21:17 - 01707646 _____ (Thisisu) C:\Users\Max\Downloads\JRT.exe
2014-12-05 21:15 - 2014-12-05 21:15 - 00002124 _____ () C:\Users\Max\Desktop\mbam.txt
2014-12-05 20:55 - 2014-12-05 20:55 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Max\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-05 20:55 - 2014-12-05 20:55 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-05 20:38 - 2014-12-05 20:39 - 00000000 ____D () C:\AdwCleaner
2014-12-05 20:38 - 2014-12-05 20:38 - 00000055 _____ () C:\AdwCleanerDebug.txt
2014-12-05 20:36 - 2014-12-05 20:36 - 02153472 _____ () C:\Users\Max\Downloads\AdwCleaner_4.104.exe
2014-12-05 20:25 - 2014-12-06 20:39 - 00029623 _____ () C:\Users\Max\Downloads\Addition.txt
2014-12-05 20:24 - 2014-12-07 00:04 - 00018007 _____ () C:\Users\Max\Downloads\FRST.txt
2014-12-05 20:24 - 2014-12-07 00:04 - 00000000 ____D () C:\FRST
2014-12-05 20:22 - 2014-12-06 20:38 - 02119168 _____ (Farbar) C:\Users\Max\Downloads\FRST64.exe
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\Desktop\Play Games Online.url
2014-12-05 20:20 - 2014-12-05 20:20 - 00000169 _____ () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Play Games Online.url
2014-12-05 20:18 - 2014-12-05 20:18 - 00803152 _____ ( ) C:\Users\Max\Downloads\FileOpenerSetup.exe
2014-12-05 18:45 - 2014-12-05 18:49 - 308364224 _____ (NVIDIA Corporation) C:\Users\Max\Downloads\344.75-desktop-win8-win7-winvista-64bit-international-whql.exe
2014-12-05 18:16 - 2014-12-06 16:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-05 18:15 - 2014-12-05 18:15 - 00244264 _____ () C:\Users\Max\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-05 05:05 - 2014-07-28 14:31 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-12-05 05:05 - 2014-07-28 14:31 - 00000714 _____ () C:\Windows\SysWOW64\ff_vfw.dll.manifest
2014-12-05 05:05 - 2014-06-30 06:23 - 00810496 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-12-05 05:05 - 2014-06-30 06:23 - 00183808 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-12-05 05:00 - 2014-12-05 05:04 - 100117000 _____ (SplitCam Co.) C:\Users\Max\Downloads\SplitCamSetup.exe
2014-12-05 03:16 - 2014-12-05 03:16 - 00000000 ____D () C:\Windows\pss
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\Users\Max\AppData\Local\M-Audio
2014-12-05 01:43 - 2014-12-05 01:43 - 00000000 ____D () C:\ProgramData\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\M-Audio
2014-12-05 01:23 - 2014-12-05 01:23 - 00000000 ____D () C:\Program Files (x86)\M-Audio
2014-12-05 01:21 - 2014-12-05 01:21 - 00000000 ____D () C:\ProgramData\AVID
2014-12-05 00:54 - 2014-12-05 00:54 - 00003047 _____ () C:\Users\Max\Desktop\SharpKeys.lnk
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RandyRants.com
2014-12-05 00:54 - 2014-12-05 00:54 - 00000000 ____D () C:\Program Files (x86)\RandyRants.com
2014-12-05 00:53 - 2014-12-05 00:53 - 00486400 _____ () C:\Users\Max\Downloads\sharpkeys35.msi
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoHotkey
2014-12-05 00:49 - 2014-12-05 00:49 - 00000000 ____D () C:\Program Files (x86)\AutoHotkey
2014-12-05 00:48 - 2014-12-05 00:48 - 02047357 _____ () C:\Users\Max\Downloads\AutoHotkey104805_Install.exe
2014-12-05 00:09 - 2014-12-05 00:09 - 00002205 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Keyboard Layout Creator 1.4.lnk
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Users\Max\AppData\Local\MSKLC
2014-12-05 00:09 - 2014-12-05 00:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Keyboard Layout Creator 1.4
2014-12-05 00:08 - 2014-12-05 00:08 - 10597792 _____ () C:\Users\Max\Downloads\MSKLC.exe
2014-12-05 00:04 - 2014-12-05 00:04 - 00301688 _____ (Thesycon GmbH) C:\Users\Max\Downloads\dpclat.exe
2014-12-03 21:48 - 2014-12-03 21:48 - 00313384 _____ () C:\Windows\Minidump\120314-24570-01.dmp
2014-12-03 21:44 - 2014-12-03 21:44 - 00000020 _____ () C:\Windows\ˆø'
2014-12-03 21:33 - 2014-12-03 21:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-12-03 21:32 - 2014-12-03 21:32 - 01174352 _____ () C:\Users\Max\Downloads\FRAPS - CHIP-Installer.exe
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieUserList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieSiteList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 __SHD () C:\Users\Max\AppData\Local\EmieBrowserModeList
2014-12-03 21:26 - 2014-12-03 21:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-12-03 21:25 - 2014-12-03 21:25 - 06537216 _____ () C:\Users\Max\Downloads\flashmedialiveencoder_3.2_wwe_signed.msi
2014-12-03 21:25 - 2014-12-03 21:25 - 01033728 _____ () C:\Users\Max\Downloads\auth_addin_win_v3.msi
2014-11-30 07:40 - 2014-11-30 07:40 - 00317504 _____ () C:\Windows\Minidump\113014-25334-01.dmp
2014-11-30 07:39 - 2014-12-03 21:48 - 802013673 _____ () C:\Windows\MEMORY.DMP
2014-11-29 21:01 - 2014-11-29 21:01 - 00000021 _____ () C:\Users\Max\Desktop\Neues Textdokument (4).txt
2014-11-27 23:57 - 2014-11-28 00:00 - 164003712 _____ () C:\Users\Max\Downloads\setup_11.0.3.8.x01_2014_11_28_01_32.exe
2014-11-27 23:57 - 2014-11-27 23:57 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Max\Downloads\tdsskiller.exe
2014-11-20 21:13 - 2014-03-08 14:36 - 65062457 _____ () C:\Users\Max\Downloads\Haftbefehl - Chabos wissen wer der Babo ist (Blockplatin 25.01.2013).hd720.mp4
2014-11-20 21:12 - 2014-11-20 21:12 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Visicom Media
2014-11-19 15:56 - 2014-11-11 04:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-19 15:56 - 2014-11-11 04:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-19 15:56 - 2014-11-11 03:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-13 01:26 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 01:26 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 01:26 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 01:26 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 01:26 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 01:26 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 01:26 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 01:26 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 01:26 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 01:26 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 01:26 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 01:26 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 01:26 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 01:26 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 01:26 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 01:26 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 01:26 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 01:26 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 01:26 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 01:26 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 01:26 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 01:26 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 01:26 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 01:26 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 01:26 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 01:26 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 01:26 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-13 01:26 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 01:26 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 01:26 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 01:26 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 01:26 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 01:26 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 01:26 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 01:26 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 01:26 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 01:26 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 01:26 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 01:26 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 01:26 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 01:26 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-13 01:26 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 01:26 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 01:23 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 01:23 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 01:23 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 01:23 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 01:23 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 01:23 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 01:23 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 01:23 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 01:23 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 01:23 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-13 01:23 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-13 01:23 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 01:23 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 01:23 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 01:23 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 01:23 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-10 21:22 - 2014-12-06 02:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-09 03:00 - 2014-11-10 20:36 - 00004611 _____ () C:\Windows\system32\lvcoinst.log
2014-11-09 03:00 - 2014-11-09 03:00 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-11-07 16:41 - 2014-11-07 16:41 - 00000000 ____D () C:\OETemp
2014-11-07 16:37 - 2014-12-07 00:02 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-11-07 16:37 - 2014-11-07 16:42 - 00793800 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-11-07 16:37 - 2014-11-07 16:42 - 00141320 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-11-07 16:37 - 2014-11-07 16:37 - 00001147 _____ () C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Windows\ELAMBKUP
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus
2014-11-07 16:37 - 2014-11-07 16:37 - 00000000 ____D () C:\Program Files (x86)\Kaspersky Lab
2014-11-07 16:37 - 2014-04-10 17:25 - 00243808 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2014-11-07 16:37 - 2013-05-06 09:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Bao_Nguyen
2014-11-07 00:59 - 2014-11-07 00:59 - 00000000 ____D () C:\Users\Max\AppData\Local\Bao_Nguyen
2014-11-07 00:49 - 2014-11-07 00:49 - 00406528 _____ () C:\Users\Max\Downloads\Switcher-2.0.0.2705.msi
2014-11-07 00:48 - 2014-11-07 00:48 - 02150188 _____ () C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager [1].exe
2014-11-07 00:47 - 2014-11-07 00:47 - 00845088 _____ ( ) C:\Users\Max\Downloads\3RVX_2.5_CB-DL-Manager.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-07 00:02 - 2013-08-14 15:29 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 00:02 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-07 00:02 - 2009-07-14 05:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-06 23:55 - 2009-07-14 05:51 - 00030270 _____ () C:\Windows\setupact.log
2014-12-06 23:54 - 2012-07-18 21:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-06 23:54 - 2010-11-21 04:47 - 00774314 _____ () C:\Windows\PFRO.log
2014-12-06 23:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-06 23:51 - 2012-07-18 20:50 - 01737761 _____ () C:\Windows\WindowsUpdate.log
2014-12-06 23:41 - 2013-08-14 15:29 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-06 23:37 - 2013-01-15 18:36 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-06 17:29 - 2012-07-18 20:56 - 00000000 ____D () C:\Users\Max
2014-12-06 17:28 - 2012-07-19 23:12 - 00000000 ____D () C:\Users\Max\AppData\Local\CrashDumps
2014-12-06 17:04 - 2012-07-19 15:47 - 00003914 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5C497AA6-8DA4-4F51-9231-255D2BE41896}
2014-12-06 02:04 - 2013-01-15 18:25 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-06 02:04 - 2013-01-15 18:25 - 00001151 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-06 01:50 - 2012-09-04 20:45 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Spotify
2014-12-06 01:32 - 2012-07-30 14:39 - 00010016 _____ () C:\Windows\DPINST.LOG
2014-12-06 01:32 - 2012-07-30 14:39 - 00000051 _____ () C:\Windows\SysWOW64\SYNSOPOS.exe.cfg
2014-12-06 01:32 - 2012-07-30 14:39 - 00000000 ____D () C:\Program Files (x86)\eLicenser
2014-12-06 01:31 - 2012-10-02 17:16 - 00000000 ____D () C:\Users\Max\Documents\Cubase LE AI Elements Projects
2014-12-05 23:43 - 2012-09-04 20:51 - 00000000 ____D () C:\Users\Max\AppData\Local\Spotify
2014-12-05 23:12 - 2014-04-07 16:12 - 00000000 ____D () C:\Users\Max\AppData\Local\NVIDIA
2014-12-05 23:11 - 2012-07-18 21:23 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-05 23:11 - 2012-07-18 21:20 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-05 23:10 - 2012-07-18 21:23 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-05 21:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-12-05 20:32 - 2014-10-06 22:03 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Equalify
2014-12-05 20:19 - 2013-08-14 15:38 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-05 18:49 - 2014-09-26 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visicom Media
2014-12-05 18:49 - 2013-10-10 13:02 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-12-05 04:17 - 2014-04-07 15:14 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-05 01:23 - 2012-07-30 15:10 - 00000000 ____D () C:\Program Files\M-Audio
2014-12-05 00:49 - 2011-04-12 08:54 - 00000000 ____D () C:\Windows\ShellNew
2014-12-04 00:35 - 2013-04-14 17:30 - 00000000 ____D () C:\Users\Max\AppData\Local\Facebook
2014-12-03 21:48 - 2012-10-03 18:43 - 00000000 ____D () C:\Windows\Minidump
2014-12-03 21:45 - 2012-07-18 20:59 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-03 21:42 - 2012-07-18 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-12-03 21:41 - 2012-07-18 21:01 - 00000000 ____D () C:\Program Files (x86)\GIGABYTE
2014-12-03 21:38 - 2014-04-01 01:06 - 00000000 ____D () C:\UDK
2014-12-03 21:37 - 2014-04-01 13:48 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-03 21:37 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-03 21:36 - 2013-04-29 21:31 - 00000000 ____D () C:\Fraps
2014-12-03 21:34 - 2014-03-15 16:44 - 00000000 ____D () C:\Users\Max\AppData\Local\Windows Live
2014-12-03 21:26 - 2013-01-15 21:11 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-03 21:26 - 2012-07-30 10:59 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Adobe
2014-12-03 18:34 - 2012-07-18 21:32 - 00030528 _____ () C:\Windows\GVTDrv64.sys
2014-12-03 18:33 - 2012-07-18 21:26 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\Users\Max\AppData\Roaming\Skype
2014-11-30 00:13 - 2013-11-13 22:01 - 00000000 ____D () C:\ProgramData\Skype
2014-11-29 02:23 - 2013-02-25 19:01 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-27 18:38 - 2011-04-12 08:43 - 00699884 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 18:38 - 2011-04-12 08:43 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 18:38 - 2009-07-14 06:13 - 01622300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-26 18:37 - 2013-01-15 18:36 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-26 18:37 - 2013-01-15 18:36 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-26 18:37 - 2013-01-15 18:36 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-26 01:31 - 2013-01-15 17:31 - 00000000 ____D () C:\Users\Max\AppData\Roaming\TS3Client
2014-11-17 23:18 - 2014-08-19 21:14 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-11-14 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-14 01:02 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 20:36 - 2013-08-14 15:29 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 20:36 - 2013-08-14 15:29 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-13 14:48 - 2009-07-14 06:08 - 00009954 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-13 14:48 - 2009-07-14 05:45 - 04848784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 02:05 - 2013-07-27 02:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 02:03 - 2012-07-18 21:54 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-13 01:20 - 2013-02-25 23:32 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-13 01:20 - 2013-02-25 23:32 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-13 01:20 - 2012-07-18 21:23 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-12 22:56 - 2012-07-18 21:24 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 22:56 - 2012-07-18 21:24 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 22:56 - 2012-07-18 21:24 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-11 11:29 - 2012-07-18 21:24 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-07 18:06 - 2014-03-29 00:52 - 18585842 _____ () C:\Users\Max\Downloads\Cryptload_1.1.8.zip

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-25 14:27

==================== End Of Log ============================
--- --- ---

--- --- ---

deeprybka 07.12.2014 00:19
OK, dann sind wir fertig.

Code:
Adobe Flash Player 10 ActiveX
Das bitte updaten.

http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:


Alle Logs gepostet? Ja! Dann lade Dir bitte http://filepony.de/icon/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.




>>clean<<
Wir haben es geschafft! :abklatsch:
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. ;)

http://www.trojaner-board.de/extra/lesestoff.pngWie kann ich mich in Zukunft besser schützen?

Tipps, Dos & Don'ts

http://deeprybka.trojaner-board.de/b...ast/schild.pngUpdates & Software
Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.

Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.



http://deeprybka.trojaner-board.de/b...ast/schild.pngFirewall, Antivirus & Co.
http://s1.directupload.net/images/140701/eivrliwa.pngCracks, Downloads & Co.


Neben unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert.
Der Besuch dubioser Websites kann bereits Risiken bergen. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Illegale Cracks, Keygens und Serials sind ein ausgesprochen einfacher und beliebter Weg um Malware zu verbreiten.
Bei Dateien aus Peer-to-Peer- und Filesharingprogrammen oder von Filehostern kann man nie sicher sein, ob auch wirklich drin ist, was drauf steht. (Trojanisches Pferd^^)
Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden zu verleiten, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
  • Surfe daher mit Vorsicht und klicke mit Verstand.
  • Sei skeptisch bei unerwarteten E-Mails, insbesondere wenn sie Anhänge enthalten. Auch wenn sie auf den ersten Blick authentisch wirken, persönliche Daten von Dir enthalten oder vermeintlich von einem bekannten Absender stammen: Lieber nochmals in Ruhe überdenken oder nachfragen, anstatt einfach mal Links oder ausführbare Anhänge öffnen oder irgendwo Deine Daten eingeben.
  • Auch in sozialen Netzwerken oder über Instant Messaging Systeme können schädliche Links oder Dateien die Runde machen. Erhältst Du von einem Deiner Freunde eine Nachricht, die merkwürdig ist oder so sensationell interessant, dass man einfach draufklicken muss, dann hat bei ihm/ihr wahrscheinlich Neugier über Verstand gesiegt und Du solltest nicht denselben Fehler machen.

Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
  • Lade Software in erster Priorität immer direkt vom Hersteller herunter. Viele Softwareportale (z.B. Softonic) packen noch unnützes Zeug mit in die Installation. Alternativ dazu wähle ein sauberes Portal wie Filepony oder heise.
  • Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
  • Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Harzburch 07.12.2014 05:45
Achso..
kann es ein, das ich über diese Seite mir zufällig was eingafangen habe?
hxxp://tinychat.com/
ist ziemlich blöde Seite,
in denen man sich gegenseitig über Webcam sieht und chatten kann ...

habe das gefühl , seitdem ich dardrauf war, ab und zu probleme mit meinem PC habe

deeprybka 07.12.2014 13:59
:glaskugel:

Wäre ich Hellseher, wäre ich vermutlich nicht mehr online hier...:rofl:

also ne reine Virenschleuder ist die Seite scheinbar nicht:
https://www.virustotal.com/en/url/30...is/1417957039/

Harzburch 07.12.2014 19:42
nur mein PC braucht immer noch c.a. 10 min zum runterfahren..

deeprybka 07.12.2014 19:49
Ja, aber das kann auch andere Gründe haben.


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:27 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131