Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   BING.VC löschen (https://www.trojaner-board.de/169830-bing-vc-loeschen.html)

eganahl 17.08.2015 12:43
BING.VC löschen
 
Habe mir durch irgend eine Software den Bing.vc eingehandelt, er befindet sich auf der Startseite von Firefox und Internet Explorer. Habe schon alle mir bekannten Schadsoftware Programme durchlaufen lassen, doch bei jedem neustart von FF oder IE kommt diese Bing.vc -Seite sofort wieder.
Verwendet habe ich OTL: LogfileOTL Logfile:
Code:
OTL Extras logfile created on: 17.08.2015 13:24:50 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Egon Ganahl\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,97 Gb Total Physical Memory | 6,16 Gb Available Physical Memory | 77,29% Memory free
15,93 Gb Paging File | 13,68 Gb Available in Paging File | 85,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 69,97 Gb Free Space | 58,73% Space Free | Partition Type: NTFS
Drive D: | 468,73 Gb Total Space | 421,37 Gb Free Space | 89,90% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: Egon Ganahl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3B9AE7F4-8B52-4126-9F6B-89C7718970C9}" = lport=47998 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamuseragent.exe |
"{61AFC914-59C7-4179-A923-6C8BC68CE13C}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{725EDD41-38B2-4624-80C7-72A2CC75BF3F}" = lport=47995 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8C46D348-FF9D-44DF-B50D-7D4E897C697E}" = lport=35043 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{8C5F6A5D-D215-40D2-9E03-F15A045236D4}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{9F974E6A-B320-4275-BE9D-FE54B2B12E3A}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{EB315EEB-FD87-432A-AD9D-D2639993FE5C}" = lport=47984 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
"{FD743F73-B821-48B0-BCDB-A46E249046E7}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamnetworkservice.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{11B6B529-9EB8-4A87-88FA-DBE309A74810}" = dir=in | app=d:\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{1F0B562C-0FEE-4E99-A543-2D8FE7762576}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{37B57550-63CC-4065-83BE-B85569A4DC08}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{3F5D6E46-15A2-4199-AC99-B1095A87AA51}" = dir=in | app=d:\cyberlink\powerdvd10\powerdvd10.exe |
"{4A310891-4B91-48D6-ADB1-F41EDB4E0962}" = protocol=6 | dir=in | app=d:\mozilla firefox\firefox.exe |
"{79F9B2A8-2F13-432E-AC58-E173C617D7DA}" = protocol=6 | dir=in | app=c:\program files (x86)\asus\ai suite ii\asus mobilink\iphone simulator\pnsvc.exe |
"{9FC9AAD2-7C46-4673-9D4F-3A7A45830ED5}" = protocol=17 | dir=in | app=d:\mozilla firefox\firefox.exe |
"{C88FB73E-E2F6-4155-84EF-419874FBEDC9}" = dir=in | app=d:\cyberlink\powerdvd9\powerdvd9.exe |
"TCP Query User{205E1A40-060A-4F84-8C1D-74C71BBB9848}C:\program files\logitech gaming software\lcore.exe" = protocol=6 | dir=in | app=c:\program files\logitech gaming software\lcore.exe |
"UDP Query User{44BAF18C-65E8-4CB9-8742-26906F443AE3}C:\program files\logitech gaming software\lcore.exe" = protocol=17 | dir=in | app=c:\program files\logitech gaming software\lcore.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{26784146-6E05-3FF9-9335-786C7C0FB5BE}" = Microsoft .NET Framework 4.5.2
"{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}" = DxO FilmPack 3
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.2
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 355.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 355.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 355.60
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience" = NVIDIA GeForce Experience 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 352.65
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.15.0428
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.LEDVisualizer" = NVIDIA LED Visualizer 1.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GfExperienceService" = NVIDIA GeForce Experience Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.34.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 2.5.12.11
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController" = SHIELD Wireless Controller Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.30
"{BCCC97EE-E162-448C-8847-59718FF29B04}" = Intel(R) Network Connections 15.6.25.0
"CCleaner" = CCleaner
"Logitech Gaming Software" = Logitech Gaming Software 8.70
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"PROSetDX" = Intel(R) Network Connections 15.6.25.0
"sp6" = Logitech SetPoint 6.67
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02FECEE0-16B2-43DB-BC3B-C844477FC142}" = Kaspersky Total Security
"{050d4fc8-5d48-4b8f-8972-47c82c46020f}" = Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
"{10427BCB-0742-43BE-81E2-3920972946F5}" = LightScribe System Software
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}" = CyberLink BD_3D Advisor 2.0
"{34D3688E-A737-44C5-9E2A-FF73618728E1}" = AI Suite II
"{35DAA04C-1720-4BE3-A920-A03731EC6A1D}" = Google Earth Pro
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = JMicron JMB36X Driver
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3FD0C489-0F02-481a-A3E1-9754CD396761}" = Intel® Watchdog Timer Driver (Intel® WDT)
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go 7
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"{8FCCB703-3FBF-49e7-A43F-A81E27D9B07E}" = CyberLink MediaShow 6
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer 5.5
"{BA30CBCD-03DA-457A-A34B-3EF637D45D4E}" = Disk Unlocker
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint 2.5
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{e6e75766-da0f-4ba2-9788-6ea593ce702d}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"Adobe Flash Player ActiveX" = Adobe Flash Player 18 ActiveX
"Adobe Flash Player NPAPI" = Adobe Flash Player 18 NPAPI
"Biet-O-Matic v2.14.12" = Biet-O-Matic v2.14.12
"ElsterFormular für Privatanwender und Unternehmer 12.0.0.5880k" = ElsterFormular-Upgrade
"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow
"InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}" = CyberLink Media Suite 10
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}" = Kaspersky Total Security
"MagniDriver" = marvell 91xx driver
"Mozilla Firefox 40.0 (x86 de)" = Mozilla Firefox 40.0 (x86 de)
"Mozilla Firefox 40.0.2 (x86 de)" = Mozilla Firefox 40.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"1baecab78b735f22" = cardXIssue
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 17.08.2015 04:56:51 | Computer Name = Büro-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 17.08.2015 05:33:31 | Computer Name = Büro-PC | Source = MsiInstaller | ID = 11316
Description =
 
Error - 17.08.2015 05:37:13 | Computer Name = Büro-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.2.5702,
 Zeitstempel: 0x55cc03bd  Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.2.5702,
 Zeitstempel: 0x55cbf190  Ausnahmecode: 0x80000003  Fehleroffset: 0x0000e631  ID des fehlerhaften
 Prozesses: 0x7a8  Startzeit der fehlerhaften Anwendung: 0x01d0d8cfeb2a82cd  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll  Berichtskennung:
 89f2c848-44c3-11e5-b81b-f46d045831a4
 
Error - 17.08.2015 05:37:20 | Computer Name = Büro-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.2.5702,
 Zeitstempel: 0x55cc03bd  Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.2.5702,
 Zeitstempel: 0x55cbf190  Ausnahmecode: 0x80000003  Fehleroffset: 0x0000e631  ID des fehlerhaften
 Prozesses: 0x748  Startzeit der fehlerhaften Anwendung: 0x01d0d8cfeb324b1b  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll  Berichtskennung:
 8db5d1d2-44c3-11e5-b81b-f46d045831a4
 
Error - 17.08.2015 05:37:26 | Computer Name = Büro-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.2.5702,
 Zeitstempel: 0x55cc03bd  Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.2.5702,
 Zeitstempel: 0x55cbf190  Ausnahmecode: 0x80000003  Fehleroffset: 0x0000e631  ID des fehlerhaften
 Prozesses: 0xcc0  Startzeit der fehlerhaften Anwendung: 0x01d0d8cfeb22ba80  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll  Berichtskennung:
 91799eae-44c3-11e5-b81b-f46d045831a4
 
Error - 17.08.2015 05:37:49 | Computer Name = Büro-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.2.5702,
 Zeitstempel: 0x55cc03bd  Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.2.5702,
 Zeitstempel: 0x55cbf190  Ausnahmecode: 0x80000003  Fehleroffset: 0x0000e631  ID des fehlerhaften
 Prozesses: 0x10bc  Startzeit der fehlerhaften Anwendung: 0x01d0d8d04c1fb96e  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll  Berichtskennung:
 9f1f9fe7-44c3-11e5-b81b-f46d045831a4
 
Error - 17.08.2015 05:38:04 | Computer Name = Büro-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.2.5702,
 Zeitstempel: 0x55cc03bd  Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.2.5702,
 Zeitstempel: 0x55cbf190  Ausnahmecode: 0x80000003  Fehleroffset: 0x0000e631  ID des fehlerhaften
 Prozesses: 0x8d4  Startzeit der fehlerhaften Anwendung: 0x01d0d8d04c17ca11  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll  Berichtskennung:
 a81267b2-44c3-11e5-b81b-f46d045831a4
 
Error - 17.08.2015 06:44:54 | Computer Name = Büro-PC | Source = WinMgmt | ID = 10
Description =
 
Error - 17.08.2015 06:49:31 | Computer Name = Büro-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: EC Simulator.exe, Version: 1.0.0.19,
 Zeitstempel: 0x4cd8f8db  Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933,
 Zeitstempel: 0x55a69ec4  Ausnahmecode: 0x0eedfade  Fehleroffset: 0x0000c42d  ID des fehlerhaften
 Prozesses: 0x1098  Startzeit der fehlerhaften Anwendung: 0x01d0d8d9808605de  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC
 Simulator.exe  Pfad des fehlerhaften Moduls: C:\Windows\syswow64\KERNELBASE.dll  Berichtskennung:
 a36f4cca-44cd-11e5-b2ba-f46d045831a4
 
Error - 17.08.2015 06:53:48 | Computer Name = Büro-PC | Source = WinMgmt | ID = 10
Description =
 
[ System Events ]
Error - 17.08.2015 06:49:32 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies
 ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 17.08.2015 06:50:01 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit
 dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%50    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 17.08.2015 06:50:01 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht
 gestartet:  %%1069
 
Error - 17.08.2015 06:50:30 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7038
Description = Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit
 dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:  %%50    Vergewissern
 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft
 Management Console (MMC).
 
Error - 17.08.2015 06:50:30 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht
 gestartet:  %%1069
 
Error - 17.08.2015 06:51:54 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht
gestartet:  %%2
 
Error - 17.08.2015 06:51:56 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde:  %%2
 
Error - 17.08.2015 06:51:56 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status
gemeldet: 11
 
Error - 17.08.2015 06:51:56 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status
gemeldet: 11
 
Error - 17.08.2015 06:51:56 | Computer Name = Büro-PC | Source = Service Control Manager | ID = 7016
Description = Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status
gemeldet: 11
 
< End of report >
--- --- ---
von Firefox sowie au Internet ExplorerOTL Logfile:
Code:
OTL logfile created on: 17.08.2015 13:24:50 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Egon Ganahl\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17959)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,97 Gb Total Physical Memory | 6,16 Gb Available Physical Memory | 77,29% Memory free
15,93 Gb Paging File | 13,68 Gb Available in Paging File | 85,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,14 Gb Total Space | 69,97 Gb Free Space | 58,73% Space Free | Partition Type: NTFS
Drive D: | 468,73 Gb Total Space | 421,37 Gb Free Space | 89,90% Space Free | Partition Type: NTFS
 
Computer Name: BÜRO-PC | User Name: Egon Ganahl | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015.08.17 13:16:59 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Egon Ganahl\Downloads\OTL.exe
PRC - [2015.08.13 04:58:03 | 000,377,000 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2015.08.07 06:22:17 | 000,410,744 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2015.07.24 06:22:16 | 002,634,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2015.07.24 06:22:13 | 001,871,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2015.07.09 19:11:40 | 000,194,000 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe
PRC - [2015.07.09 19:11:40 | 000,192,768 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avpui.exe
PRC - [2011.04.30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.04.26 11:20:48 | 001,101,440 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
PRC - [2011.04.13 15:15:22 | 001,116,800 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
PRC - [2011.03.23 15:08:12 | 001,426,048 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
PRC - [2011.02.22 12:14:40 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.02.22 12:14:34 | 000,326,168 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.01.17 15:38:20 | 000,702,592 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
PRC - [2011.01.11 16:21:14 | 001,214,080 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
PRC - [2010.12.02 04:15:14 | 000,915,584 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
PRC - [2010.11.26 21:50:04 | 002,931,328 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
PRC - [2010.11.25 09:12:56 | 002,529,920 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
PRC - [2010.11.25 09:12:56 | 000,252,544 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
PRC - [2010.11.08 15:09:00 | 000,465,536 | ---- | M] (ASUSTek Computer Inc.) -- C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
PRC - [2010.11.03 11:30:14 | 000,918,144 | R--- | M] () -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
PRC - [2010.10.21 11:52:26 | 000,586,880 | R--- | M] () -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
PRC - [2010.09.24 21:29:32 | 001,115,776 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2015.07.24 06:22:16 | 000,011,920 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
MOD - [2014.12.23 16:54:24 | 000,608,040 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll
MOD - [2014.12.23 16:54:24 | 000,502,056 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
MOD - [2014.12.23 16:54:24 | 000,338,216 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
MOD - [2011.04.07 17:33:18 | 001,607,168 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
MOD - [2011.03.23 15:05:04 | 000,964,608 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
MOD - [2011.03.04 10:33:44 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
MOD - [2011.02.24 10:19:36 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
MOD - [2011.02.09 09:02:28 | 000,873,472 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
MOD - [2011.01.19 21:23:40 | 001,655,296 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll
MOD - [2011.01.13 16:47:34 | 000,881,152 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
MOD - [2011.01.07 16:39:36 | 001,246,208 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
MOD - [2011.01.06 10:38:48 | 001,027,072 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
MOD - [2010.12.01 12:33:32 | 001,244,672 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
MOD - [2010.11.25 15:12:54 | 000,661,504 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
MOD - [2010.11.25 15:12:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
MOD - [2010.11.25 15:12:54 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
MOD - [2010.11.25 15:12:54 | 000,086,016 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
MOD - [2010.11.25 09:12:56 | 000,703,488 | R--- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
MOD - [2010.11.25 09:12:56 | 000,661,504 | R--- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
MOD - [2010.11.25 09:12:56 | 000,114,688 | R--- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
MOD - [2010.11.25 09:12:56 | 000,061,440 | R--- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
MOD - [2010.10.15 17:40:30 | 001,031,680 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
MOD - [2010.08.23 04:17:40 | 000,662,016 | R--- | M] () -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
MOD - [2010.08.06 18:13:48 | 000,886,272 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
MOD - [2010.08.06 18:11:20 | 000,850,944 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
MOD - [2010.06.21 15:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
MOD - [2010.06.21 15:21:22 | 000,208,896 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
MOD - [2009.08.12 20:15:52 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
MOD - [2009.05.21 10:14:14 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2015.07.16 22:21:50 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2015.05.25 20:19:13 | 001,255,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
SRV:64bit: - [2010.08.12 15:00:20 | 000,133,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\IPROSetMonitor.exe -- (Intel® PROSet Monitoring Service)
SRV - [2015.08.14 15:12:02 | 000,269,000 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2015.08.13 04:58:15 | 000,149,160 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2015.08.07 06:22:17 | 000,410,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2015.07.24 06:22:13 | 001,871,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2015.07.24 06:22:13 | 001,155,216 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV - [2015.07.24 06:22:11 | 005,544,592 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Programme\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe -- (NvStreamSvc)
SRV - [2015.07.09 19:11:40 | 000,194,000 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe -- (AVP15.0.2)
SRV - [2015.07.02 22:21:26 | 000,356,808 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2014.04.11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2014.03.21 00:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013.09.02 18:14:04 | 000,243,464 | ---- | M] (CyberLink) [Auto | Stopped] -- d:\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_4C1DB90F)
SRV - [2011.04.30 00:32:54 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.03.13 10:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2011.02.22 12:14:40 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.02.22 12:14:34 | 000,326,168 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.12.02 11:34:50 | 000,258,688 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe -- (ASDiskUnlocker)
SRV - [2010.12.02 04:15:14 | 000,915,584 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe -- (asHmComSvc)
SRV - [2010.11.03 11:30:14 | 000,918,144 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe -- (asComSvc)
SRV - [2010.10.21 11:52:26 | 000,586,880 | R--- | M] () [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2010.05.14 14:02:54 | 000,246,256 | ---- | M] (CyberLink) [Auto | Stopped] -- D:\CyberLink\PowerDVD9\NavFilter\kmsvc.exe -- (CLKMSVC10_9475A87B)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2015.07.25 01:28:44 | 000,204,648 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2015.07.09 19:11:38 | 000,190,648 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kneps.sys -- (kneps)
DRV:64bit: - [2015.07.09 19:11:38 | 000,085,360 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klwtp.sys -- (Klwtp)
DRV:64bit: - [2015.07.09 19:11:38 | 000,065,208 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\kltdi.sys -- (kltdi)
DRV:64bit: - [2015.07.09 19:11:38 | 000,040,304 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klkbdflt.sys -- (klkbdflt)
DRV:64bit: - [2015.07.09 19:11:38 | 000,039,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klmouflt.sys -- (klmouflt)
DRV:64bit: - [2015.07.09 19:11:38 | 000,024,944 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klpd.sys -- (klpd)
DRV:64bit: - [2015.07.09 19:11:36 | 000,850,608 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2015.07.09 19:11:36 | 000,225,976 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klhk.sys -- (klhk)
DRV:64bit: - [2015.07.09 19:11:36 | 000,159,960 | ---- | M] (Kaspersky Lab ZAO) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\klflt.sys -- (klflt)
DRV:64bit: - [2015.07.09 19:11:36 | 000,039,280 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\klim6.sys -- (KLIM6)
DRV:64bit: - [2015.07.09 19:11:34 | 000,478,392 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\kl1.sys -- (kl1)
DRV:64bit: - [2015.07.09 19:11:34 | 000,247,016 | ---- | M] (Kaspersky Lab UK Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\cm_km_w.sys -- (cm_km_w)
DRV:64bit: - [2015.07.09 19:11:34 | 000,064,368 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\kldisk.sys -- (kldisk)
DRV:64bit: - [2015.07.03 06:28:26 | 000,047,976 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2015.06.18 04:25:00 | 000,086,672 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2015.06.18 04:25:00 | 000,050,832 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2015.06.11 01:33:42 | 000,068,384 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGJoyXlCore.sys -- (LGJoyXlCore)
DRV:64bit: - [2015.06.11 01:33:42 | 000,026,912 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2015.06.11 01:33:40 | 000,037,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2013.05.30 18:16:40 | 000,064,280 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.04.26 11:07:36 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011.03.13 10:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.13 10:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.13 10:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.13 10:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.13 10:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.13 10:58:42 | 000,051,872 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AthDfu.sys -- (ATHDFU)
DRV:64bit: - [2011.03.13 10:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.13 10:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.08 18:17:40 | 000,369,640 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2010.12.08 18:17:38 | 000,122,856 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.08 14:57:58 | 000,014,464 | ---- | M] (ASUSTek Computer Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AiChargerPlus.sys -- (AiChargerPlus)
DRV:64bit: - [2010.10.19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.09.21 11:29:36 | 000,043,136 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\VDiskBus64.sys -- (VDiskBus)
DRV:64bit: - [2010.09.21 08:34:18 | 000,313,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1c62x64.sys -- (e1cexpress)
DRV:64bit: - [2010.08.27 19:53:22 | 000,297,000 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mv91xx.sys -- (mv91xx)
DRV:64bit: - [2010.08.17 19:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2010.08.10 11:29:15 | 000,120,920 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2015.07.24 06:22:11 | 000,019,600 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Programme\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV - [2015.06.21 23:13:48 | 000,014,184 | ---- | M] (Logitech) [Kernel | Auto | Running] -- C:\Programme\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys -- (LGCoreTemp)
DRV - [2010.09.16 20:56:06 | 000,016,512 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys -- (ASFLTDrv.sys)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://de.yahoo.com/?fr=hp-avast&type=752
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://de.search.yahoo.com/yhs/search?type=752&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://de.search.yahoo.com/yhs/search?type=752&hspart=avast&hsimp=yhs-001&p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\..\SearchScopes\{40AEE201-0884-4F7F-8F54-17E01B1CC49B}: "URL" = hxxp://www.google.com/search?q={searchTerms}&amp;sourceid=ie7&amp;rls=com.microsoft:{language}:{referrer:source}&amp;ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\..\SearchScopes\{997A6696-3A88-4EC0-BC26-A41E1A13C9DB}: "URL" = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.countryCode: "DE"
FF - prefs.js..browser.search.defaultengine: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaultthis.engineName: "Yahoo! (Avast)"
FF - prefs.js..browser.search.defaulturl: "https://de.search.yahoo.com/yhs/search"
FF - prefs.js..browser.search.hiddenOneOffs: "Bing,Google,Wikipedia (de)"
FF - prefs.js..browser.search.order.1: "Yahoo! (Avast)"
FF - prefs.js..browser.search.region: "DE"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! (Avast)"
FF - prefs.js..browser.search.update: false
FF - prefs.js..browser.search.update.interval: 31536000
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:40.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.7.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: fdm_ffext@freedownloadmanager.org:1.3.4
FF - prefs.js..extensions.enabledItems: longurlplease@darragh.curran:0.4.3
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: FFToolbar@bitdefender.com:2.0
FF - prefs.js..keyword.URL: "https://de.search.yahoo.com/yhs/search"
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll ()
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015.08.12 17:47:27 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015.08.12 17:47:27 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015.08.12 17:47:29 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll File not found
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015.08.12 17:47:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015.08.12 17:47:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015.08.12 17:47:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015.08.12 21:55:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0\extensions\\Components: D:\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0\extensions\\Plugins: D:\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 40.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2015.08.12 15:56:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Egon Ganahl\AppData\Roaming\mozilla\Extensions
[2015.08.16 22:41:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Egon Ganahl\AppData\Roaming\mozilla\Firefox\Profiles\51kzfsuy.default-1439675671374\extensions
[2015.08.16 22:43:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Egon Ganahl\AppData\Roaming\mozilla\Firefox\Profiles\51kzfsuy.default-1439675671374\extensions\staged
[2015.08.17 12:40:55 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Egon Ganahl\AppData\Roaming\mozilla\Firefox\Profiles\n6tmf4gm.default-1439756977122\extensions
[2015.08.17 12:15:09 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Egon Ganahl\AppData\Roaming\mozilla\Firefox\Profiles\n6tmf4gm.default-1439756977122\extensions\de-DE@dictionaries.addons.mozilla.org
[2015.08.17 12:15:09 | 000,000,000 | ---D | M] (Разпознаване на устройство Logitech) -- C:\Users\Egon Ganahl\AppData\Roaming\mozilla\Firefox\Profiles\n6tmf4gm.default-1439756977122\extensions\DeviceDetection@logitech.com
[2015.08.16 14:43:49 | 000,007,224 | ---- | M] () (No name found) -- C:\Users\Egon Ganahl\AppData\Roaming\mozilla\firefox\profiles\51kzfsuy.default-1439675671374\extensions\{197003db-974d-4618-9c29-6b814214a2e2}.xpi
[2015.04.15 14:40:40 | 000,038,626 | ---- | M] () (No name found) -- C:\Users\Egon Ganahl\AppData\Roaming\mozilla\firefox\profiles\n6tmf4gm.default-1439756977122\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi
[2015.08.16 23:25:58 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2015.08.16 23:25:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2015.08.12 17:47:27 | 000,000,000 | ---D | M] (Modul zum Sperren von gefährlichen Webseiten) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY TOTAL SECURITY 15.0.2\FFEXT\CONTENT_BLOCKER@KASPERSKY.COM
[2015.08.12 17:47:27 | 000,000,000 | ---D | M] (Sicherer Zahlungsverkehr) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY TOTAL SECURITY 15.0.2\FFEXT\ONLINE_BANKING@KASPERSKY.COM
[2015.08.12 17:47:29 | 000,000,000 | ---D | M] (Virtuelle Tastatur) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY TOTAL SECURITY 15.0.2\FFEXT\VIRTUAL_KEYBOARD@KASPERSKY.COM
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Content Blocker Plugin) - {93BC2EA7-2F17-4729-948A-D2E03FFB2412} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Programme\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS ShellProcess Execute] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe (ASUSTeK Computer Inc.)
O4 - Startup: C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{95B84472-BE5B-46CC-98AE-08578117D65A}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\gopher - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015.08.15 23:00:59 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015.08.17 13:07:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2015.08.17 13:06:53 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015.08.17 13:06:51 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\Desktop\mbar
[2015.08.17 12:39:44 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015.08.17 11:32:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2015.08.17 10:25:17 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\QuickScan
[2015.08.16 23:25:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2015.08.16 23:25:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015.08.16 23:09:09 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\GWX
[2015.08.16 22:34:00 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Macromedia
[2015.08.16 18:55:11 | 000,000,000 | ---D | C] -- C:\ProgramData\VIPRE
[2015.08.16 18:44:55 | 000,000,000 | ---D | C] -- C:\ProgramData\STOPzilla!
[2015.08.16 18:44:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iS3
[2015.08.16 00:03:56 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.08.15 23:18:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015.08.15 23:12:38 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Wise Uninstaller
[2015.08.15 23:00:35 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2015.08.15 22:59:59 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2015.08.15 22:21:50 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Intel Drivers Update Utility
[2015.08.15 22:21:47 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Intel Drivers Update Utility
[2015.08.15 14:23:08 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Programs
[2015.08.15 12:58:41 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cardxperts Rainer Kerner
[2015.08.15 12:58:15 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Deployment
[2015.08.15 12:58:15 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Apps
[2015.08.15 11:08:36 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\Documents\DxO FilmPack 3
[2015.08.15 11:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\DxO Labs
[2015.08.15 11:08:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO FilmPack 3
[2015.08.15 09:49:41 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2015.08.15 09:48:22 | 000,000,000 | --SD | C] -- C:\Windows\SysWow64\GWX
[2015.08.15 09:48:21 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\GWX
[2015.08.14 23:34:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
[2015.08.14 23:30:16 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\BOM
[2015.08.14 16:30:43 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2015.08.14 16:30:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appraiser
[2015.08.14 15:11:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
[2015.08.14 14:47:59 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2015.08.14 14:46:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2015.08.14 10:52:58 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\OpenOffice
[2015.08.14 10:01:18 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\GHISLER
[2015.08.14 09:57:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2015.08.14 09:56:58 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2015.08.14 09:34:18 | 000,000,000 | ---D | C] -- C:\Windows\CheckSur
[2015.08.14 09:12:48 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\ElevatedDiagnostics
[2015.08.13 21:50:08 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\NVIDIA Corporation
[2015.08.13 13:23:46 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\GHISLER
[2015.08.13 13:10:47 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Google
[2015.08.13 13:04:28 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\CrashDumps
[2015.08.13 13:01:47 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\FreeFLVConverter
[2015.08.13 12:48:02 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\elfopatch
[2015.08.13 12:46:47 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\elsterformular
[2015.08.13 12:46:47 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular
[2015.08.13 12:45:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2015.08.13 12:43:18 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Adobe
[2015.08.12 22:16:30 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Zoner
[2015.08.12 22:16:30 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Zoner
[2015.08.12 22:16:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Zoner
[2015.08.12 22:16:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 16
[2015.08.12 21:56:00 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Logishrd
[2015.08.12 21:52:50 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd
[2015.08.12 21:52:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2015.08.12 21:52:45 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Leadertech
[2015.08.12 21:52:22 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2015.08.12 21:52:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2015.08.12 21:43:17 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\EIZO
[2015.08.12 21:42:32 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Downloaded Installations
[2015.08.12 21:22:23 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\Documents\CyberLink
[2015.08.12 21:18:18 | 000,000,000 | ---D | C] -- C:\ProgramData\LightScribe
[2015.08.12 21:15:20 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Power2Go
[2015.08.12 19:53:04 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Microsoft Games
[2015.08.12 19:43:23 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Packages
[2015.08.12 19:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\install_clap
[2015.08.12 19:38:24 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
[2015.08.12 19:38:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LightScribe
[2015.08.12 19:37:09 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
[2015.08.12 19:36:51 | 000,000,000 | ---D | C] -- C:\ProgramData\CLSK
[2015.08.12 19:26:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2015.08.12 19:23:17 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\CyberLink
[2015.08.12 19:23:17 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Cyberlink
[2015.08.12 19:23:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cyberlink
[2015.08.12 19:22:48 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\Desktop\GPS-Tools
[2015.08.12 19:22:33 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Desktop\Grafik-Tools
[2015.08.12 19:20:45 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2015.08.12 19:20:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
[2015.08.12 19:19:38 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2015.08.12 19:18:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2015.08.12 19:10:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2015.08.12 18:36:44 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\Desktop\Tools
[2015.08.12 18:36:35 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Desktop\Spiele
[2015.08.12 18:36:21 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\Desktop\Player-Tolls
[2015.08.12 18:36:11 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\Desktop\Text-Tools
[2015.08.12 18:16:01 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Logitech
[2015.08.12 18:16:01 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2015.08.12 18:15:09 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2015.08.12 18:15:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2015.08.12 18:14:25 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Logitech
[2015.08.12 18:14:25 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Logishrd
[2015.08.12 17:58:48 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\NVIDIA
[2015.08.12 17:54:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2015.08.12 17:53:50 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2015.08.12 17:53:11 | 000,112,760 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2015.08.12 17:53:11 | 000,105,080 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2015.08.12 17:53:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2015.08.12 17:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2015.08.12 17:49:51 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2015.08.12 17:47:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
[2015.08.12 17:47:32 | 000,110,176 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\klfphc.dll
[2015.08.12 17:47:27 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2015.08.12 17:47:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2015.08.12 17:47:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2015.08.12 17:47:23 | 000,850,608 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klif.sys
[2015.08.12 17:47:23 | 000,225,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klhk.sys
[2015.08.12 17:47:23 | 000,159,960 | ---- | C] (Kaspersky Lab ZAO) -- C:\Windows\SysNative\drivers\klflt.sys
[2015.08.12 17:45:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2015.08.12 17:31:31 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Mozilla
[2015.08.12 16:03:48 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2015.08.12 15:56:43 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Thunderbird
[2015.08.12 15:56:43 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Thunderbird
[2015.08.12 15:56:43 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Mozilla
[2015.08.12 15:42:23 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Macromedia
[2015.08.12 15:42:22 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Adobe
[2015.08.12 15:39:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel Corporation
[2015.08.12 15:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS OC Profiles
[2015.08.12 15:37:10 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Intel Corporation
[2015.08.12 15:37:10 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\BMExplorer
[2015.08.12 15:37:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2015.08.12 15:31:40 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
[2015.08.12 15:30:34 | 000,014,464 | ---- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysNative\drivers\AiChargerPlus.sys
[2015.08.12 15:30:07 | 000,184,320 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\drivers\UpdateHelper.dll
[2015.08.12 15:30:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
[2015.08.12 15:29:33 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2015.08.12 15:29:17 | 000,028,672 | R--- | C] (ASUSTek Computer Inc.) -- C:\Windows\SysWow64\AsIO.dll
[2015.08.12 15:29:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASUS
[2015.08.12 15:25:01 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\Documents\Bluetooth Folder
[2015.08.12 15:24:57 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
[2015.08.12 15:24:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2015.08.12 15:24:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2015.08.12 15:22:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
[2015.08.12 15:22:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2015.08.12 15:18:28 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2015.08.12 15:17:13 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2015.08.12 15:16:37 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2015.08.12 15:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2015.08.12 15:16:07 | 000,000,000 | ---D | C] -- C:\Windows\RaidTool
[2015.08.12 15:15:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\postureAgent
[2015.08.12 15:15:07 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll
[2015.08.12 15:14:57 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2015.08.12 15:14:57 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2015.08.12 15:14:49 | 002,580,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2015.08.12 15:14:49 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2015.08.12 15:14:48 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2015.08.12 15:14:48 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
[2015.08.12 15:14:48 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2015.08.12 15:14:48 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2015.08.12 15:14:48 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
[2015.08.12 15:14:48 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2015.08.12 15:14:48 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2015.08.12 15:14:43 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2015.08.12 15:14:43 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2015.08.12 15:14:43 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2015.08.12 15:14:43 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2015.08.12 15:14:42 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2015.08.12 15:14:42 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2015.08.12 15:14:39 | 001,718,616 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2015.08.12 15:14:39 | 000,127,832 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2015.08.12 15:14:38 | 001,870,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek.dll
[2015.08.12 15:14:38 | 000,421,720 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2015.08.12 15:14:38 | 000,334,680 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2015.08.12 15:14:38 | 000,108,888 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2015.08.12 15:14:38 | 000,074,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2015.08.12 15:14:37 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2015.08.12 15:14:37 | 000,341,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2015.08.12 15:14:37 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2015.08.12 15:14:31 | 001,937,312 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2015.08.12 15:14:31 | 000,475,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2015.08.12 15:14:30 | 001,327,208 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2015.08.12 15:14:30 | 001,179,752 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2015.08.12 15:14:30 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2015.08.12 15:14:30 | 000,317,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2015.08.12 15:14:30 | 000,269,928 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2015.08.12 15:14:30 | 000,266,856 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2015.08.12 15:14:30 | 000,126,056 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2015.08.12 15:14:30 | 000,125,032 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2015.08.12 15:14:29 | 001,111,656 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2015.08.12 15:14:29 | 000,504,936 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2015.08.12 15:14:29 | 000,125,544 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2015.08.12 15:14:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2015.08.12 15:14:25 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2015.08.12 15:14:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2015.08.12 15:13:59 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2015.08.12 15:13:38 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2015.08.12 15:13:37 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\InstallShield
[2015.08.12 15:12:39 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2015.08.12 15:12:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2015.08.12 15:09:35 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2015.08.12 15:09:35 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Searches
[2015.08.12 15:09:35 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2015.08.12 15:09:30 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Identities
[2015.08.12 15:09:29 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Contacts
[2015.08.12 15:09:28 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\VirtualStore
[2015.08.12 15:09:24 | 000,000,000 | --SD | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Videos
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Saved Games
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Pictures
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Music
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Links
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Favorites
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Downloads
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Documents
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\Desktop
[2015.08.12 15:09:24 | 000,000,000 | R--D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Vorlagen
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\AppData\Local\Verlauf
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\AppData\Local\Temporary Internet Files
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Startmenü
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\SendTo
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Recent
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Netzwerkumgebung
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Lokale Einstellungen
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Documents\Eigene Videos
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Documents\Eigene Musik
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Eigene Dateien
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Documents\Eigene Bilder
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Druckumgebung
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Cookies
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\AppData\Local\Anwendungsdaten
[2015.08.12 15:09:24 | 000,000,000 | -HSD | C] -- C:\Users\Egon Ganahl\Anwendungsdaten
[2015.08.12 15:09:24 | 000,000,000 | -H-D | C] -- C:\Users\Egon Ganahl\AppData
[2015.08.12 15:09:24 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Temp
[2015.08.12 15:09:24 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Local\Microsoft
[2015.08.12 15:09:24 | 000,000,000 | ---D | C] -- C:\Users\Egon Ganahl\AppData\Roaming\Media Center Programs
[2015.08.12 15:09:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Vorlagen
[2015.08.12 15:09:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Startmenü
[2015.08.12 15:09:23 | 000,000,000 | -HSD | C] -- C:\Program Files\Gemeinsame Dateien
[2015.08.12 15:09:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Favoriten
[2015.08.12 15:09:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Videos
[2015.08.12 15:09:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Musik
[2015.08.12 15:09:23 | 000,000,000 | -HSD | C] -- C:\Users\Public\Documents\Eigene Bilder
[2015.08.12 15:09:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Dokumente
[2015.08.12 15:09:23 | 000,000,000 | -HSD | C] -- C:\ProgramData\Anwendungsdaten
[2015.08.12 15:09:22 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015.08.12 15:04:49 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
 
========== Files - Modified Within 30 Days ==========
 
[2015.08.17 13:15:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.08.17 13:15:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.08.17 13:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.08.17 13:07:31 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015.08.17 13:06:53 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015.08.17 12:59:45 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2015.08.17 12:59:45 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2015.08.17 12:58:44 | 001,648,656 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015.08.17 12:58:44 | 000,713,958 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2015.08.17 12:58:44 | 000,658,506 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015.08.17 12:58:44 | 000,154,074 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2015.08.17 12:58:44 | 000,126,186 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015.08.17 12:51:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015.08.17 12:51:52 | 2121,641,983 | -HS- | M] () -- C:\hiberfil.sys
[2015.08.17 10:27:29 | 000,001,213 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.08.16 19:06:23 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\SBRC.dat
[2015.08.15 23:00:59 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
[2015.08.15 14:30:32 | 000,277,360 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015.08.14 23:37:18 | 001,622,000 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015.08.14 23:34:06 | 000,000,793 | ---- | M] () -- C:\Users\Public\Desktop\Biet-O-Matic.lnk
[2015.08.14 11:47:00 | 000,016,303 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2015.08.14 11:47:00 | 000,016,303 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2015.08.14 10:51:05 | 000,000,642 | ---- | M] () -- C:\Users\Egon Ganahl\Desktop\quickstart.lnk
[2015.08.13 13:42:11 | 000,001,375 | ---- | M] () -- C:\Users\Egon Ganahl\Desktop\Internet Explorer (64-bit).lnk
[2015.08.13 13:08:13 | 000,001,087 | ---- | M] () -- C:\Users\Egon Ganahl\Desktop\googleearth.lnk
[2015.08.13 12:55:29 | 000,000,606 | ---- | M] () -- C:\Users\Egon Ganahl\Desktop\pica - Verknüpfung.lnk
[2015.08.12 22:23:36 | 000,001,344 | ---- | M] () -- C:\Users\Egon Ganahl\Desktop\Zoner.lnk
[2015.08.12 21:53:06 | 000,001,354 | ---- | M] () -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2015.08.12 21:34:53 | 000,000,997 | ---- | M] () -- C:\Users\Egon Ganahl\Desktop\TOTALCMD64.lnk
[2015.08.12 21:34:01 | 000,000,612 | ---- | M] () -- C:\Users\Egon Ganahl\Desktop\MozBackup.lnk
[2015.08.12 21:19:19 | 000,000,985 | ---- | M] () -- C:\Users\Egon Ganahl\Desktop\Thunderbird.lnk
[2015.08.12 19:46:55 | 000,000,000 | ---- | M] () -- C:\Windows\lgfwup.ini
[2015.08.12 17:48:04 | 000,002,303 | ---- | M] () -- C:\Users\Egon Ganahl\Desktop\Sicherer Zahlungsverkehr.lnk
[2015.08.12 17:47:36 | 000,002,053 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Total Security.lnk
[2015.08.12 15:31:50 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2015.08.12 15:27:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2015.08.12 15:25:02 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin
[2015.08.12 15:15:07 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll
[2015.08.12 15:11:25 | 000,029,047 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2015.08.12 15:11:07 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2015.08.12 15:07:00 | 000,159,772 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2015.08.12 15:07:00 | 000,159,772 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2015.08.12 15:05:33 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2015.08.07 13:06:30 | 042,840,184 | ---- | M] () -- C:\Windows\SysNative\nvcompiler.dll
[2015.08.07 13:06:30 | 037,819,000 | ---- | M] () -- C:\Windows\SysWow64\nvcompiler.dll
[2015.08.07 13:06:30 | 000,112,760 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2015.08.07 13:06:30 | 000,105,080 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2015.08.07 13:06:30 | 000,033,050 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2015.08.03 12:12:34 | 005,133,709 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
 
========== Files Created - No Company Name ==========
 
[2015.08.16 19:06:23 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\SBRC.dat
[2015.08.15 23:00:59 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
[2015.08.15 22:21:47 | 001,875,456 | R--- | C] () -- C:\Users\Egon Ganahl\AppData\Local\IconOverlayEx.dll
[2015.08.14 23:34:06 | 000,000,793 | ---- | C] () -- C:\Users\Public\Desktop\Biet-O-Matic.lnk
[2015.08.14 23:34:00 | 000,015,873 | ---- | C] () -- C:\Windows\SysWow64\Inetde.dll
[2015.08.14 16:47:20 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2015.08.14 15:11:44 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2015.08.14 11:47:00 | 000,016,303 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2015.08.14 11:47:00 | 000,016,303 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2015.08.14 10:51:05 | 000,000,642 | ---- | C] () -- C:\Users\Egon Ganahl\Desktop\quickstart.lnk
[2015.08.13 22:06:13 | 042,840,184 | ---- | C] () -- C:\Windows\SysNative\nvcompiler.dll
[2015.08.13 22:06:13 | 037,819,000 | ---- | C] () -- C:\Windows\SysWow64\nvcompiler.dll
[2015.08.13 13:11:34 | 000,002,184 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
[2015.08.13 13:10:52 | 000,001,120 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015.08.13 13:10:52 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015.08.13 13:08:13 | 000,001,087 | ---- | C] () -- C:\Users\Egon Ganahl\Desktop\googleearth.lnk
[2015.08.13 13:01:58 | 000,001,175 | ---- | C] () -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free FLV Converter.lnk
[2015.08.13 13:01:47 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\PropertyGrid.ocx
[2015.08.13 13:01:47 | 000,208,500 | ---- | C] () -- C:\Windows\SysWow64\ReyXpBasics.tlb
[2015.08.13 13:01:47 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ControlSubX.ocx
[2015.08.13 13:00:13 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2015.08.13 12:55:29 | 000,000,606 | ---- | C] () -- C:\Users\Egon Ganahl\Desktop\pica - Verknüpfung.lnk
[2015.08.12 22:23:36 | 000,001,344 | ---- | C] () -- C:\Users\Egon Ganahl\Desktop\Zoner.lnk
[2015.08.12 21:53:06 | 000,001,354 | ---- | C] () -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Produktregistrierung.lnk
[2015.08.12 21:34:53 | 000,000,997 | ---- | C] () -- C:\Users\Egon Ganahl\Desktop\TOTALCMD64.lnk
[2015.08.12 21:34:01 | 000,000,612 | ---- | C] () -- C:\Users\Egon Ganahl\Desktop\MozBackup.lnk
[2015.08.12 21:19:19 | 000,000,985 | ---- | C] () -- C:\Users\Egon Ganahl\Desktop\Thunderbird.lnk
[2015.08.12 19:30:57 | 000,000,000 | ---- | C] () -- C:\Windows\lgfwup.ini
[2015.08.12 18:40:47 | 000,001,375 | ---- | C] () -- C:\Users\Egon Ganahl\Desktop\Internet Explorer (64-bit).lnk
[2015.08.12 17:53:21 | 005,133,709 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2015.08.12 17:52:04 | 001,622,000 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2015.08.12 17:50:55 | 000,033,050 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2015.08.12 17:48:04 | 000,002,303 | ---- | C] () -- C:\Users\Egon Ganahl\Desktop\Sicherer Zahlungsverkehr.lnk
[2015.08.12 17:47:39 | 000,002,053 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Total Security.lnk
[2015.08.12 17:31:25 | 000,001,213 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015.08.12 17:31:24 | 000,001,225 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015.08.12 15:31:50 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2015.08.12 15:29:16 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2015.08.12 15:29:09 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2015.08.12 15:27:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2015.08.12 15:18:25 | 000,001,904 | ---- | C] () -- C:\Windows\SysNative\SetupBD.din
[2015.08.12 15:17:49 | 000,003,114 | ---- | C] () -- C:\Windows\SysNative\e1c62x64.din
[2015.08.12 15:15:38 | 000,008,192 | ---- | C] () -- C:\Windows\SysNative\drivers\IntelMEFWVer.dll
[2015.08.12 15:11:07 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2015.08.12 15:11:00 | 000,029,047 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2015.08.12 15:09:36 | 000,001,475 | ---- | C] () -- C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2015.08.12 15:06:54 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2015.08.12 15:06:53 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2015.08.12 15:05:33 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2015.08.11 23:07:13 | 2121,641,983 | -HS- | C] () -- C:\hiberfil.sys
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015.07.10 19:51:25 | 014,177,280 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015.07.10 19:34:07 | 012,875,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2015.08.14 23:34:19 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\BOM
[2015.08.12 21:43:17 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\EIZO
[2015.08.13 12:46:53 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\elsterformular
[2015.08.13 13:01:58 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\FreeFLVConverter
[2015.08.16 00:58:58 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\GHISLER
[2015.08.12 21:52:45 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\Leadertech
[2015.08.14 10:52:58 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\OpenOffice
[2015.08.17 10:25:17 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\QuickScan
[2015.08.12 15:56:43 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\Thunderbird
[2015.08.16 00:58:56 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\Wise Uninstaller
[2015.08.12 22:16:30 | 000,000,000 | ---D | M] -- C:\Users\Egon Ganahl\AppData\Roaming\Zoner
 
========== Purity Check ==========
 

< End of report >
--- --- ---

MBAR Logfile:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17959

File system is: NTFS
Disk drives: B:\ DRIVE_FIXED, C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 3.310000 GHz
Memory total: 8555479040, free: 6614949888

Downloaded database version: v2015.08.17.05
Downloaded database version: v2015.08.16.01
Downloaded database version: v2015.07.28.01
=======================================
Initializing...
------------ Kernel report ------------
08/17/2015 13:07:31
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\cm_km_w.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\jraid.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\AiChargerPlus.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\DRIVERS\mv91xx.sys
\SystemRoot\system32\DRIVERS\mvxxmm.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\system32\DRIVERS\klhk.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\klpd.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\kltdi.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\klwtp.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\VDiskBus64.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\kneps.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\SysWow64\drivers\AsUpIO.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\e1c62x64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\asmtxhci.sys
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\system32\DRIVERS\ICCWDT.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\drivers\LGBusEnum.sys
\SystemRoot\system32\drivers\LGJoyXlCore.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\asmthub3.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\System32\Drivers\LUsbFilt.Sys
\SystemRoot\system32\DRIVERS\LHidFilt.Sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\klkbdflt.sys
\SystemRoot\system32\DRIVERS\LGSHidFilt.Sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Windows\system32\Drivers\rikvm_4C1DB90F.sys
\??\C:\Windows\system32\Drivers\rikvm_9475A87B.sys
\SystemRoot\system32\drivers\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\kldisk.sys
\??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\bthmodem.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\??\C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys
\SystemRoot\system32\drivers\LGVirHid.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\ws2_32.dll
\Windows\System32\wininet.dll
\Windows\System32\advapi32.dll
\Windows\System32\shell32.dll
\Windows\System32\lpk.dll
\Windows\System32\clbcatq.dll
\Windows\System32\user32.dll
\Windows\System32\kernel32.dll
\Windows\System32\msctf.dll
\Windows\System32\setupapi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\difxapi.dll
\Windows\System32\msvcrt.dll
\Windows\System32\gdi32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\comdlg32.dll
\Windows\System32\usp10.dll
\Windows\System32\nsi.dll
\Windows\System32\urlmon.dll
\Windows\System32\psapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\normaliz.dll
\Windows\System32\sechost.dll
\Windows\System32\imagehlp.dll
\Windows\System32\imm32.dll
\Windows\System32\ole32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
main: v2015.08.17.05
rootkit: v2015.08.16.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8009753060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009753b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009753060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80069a46e0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80069ab050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 44098610

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 249860096

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 128035676160 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8009754060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009754b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009754060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80069aae40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8006dec050, DeviceName: \Device\Ide\IAAStorageDevice-3\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 3F62A595

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 983007232
Partition file system is NTFS
Partition is not bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 983009280 Numsec = 970510336

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa800b6bb790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6b9040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6bb790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b501b60, DeviceName: \Device\000000ab\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa800b6bf060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6bfb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6bf060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b625060, DeviceName: \Device\000000ac\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa800b6be060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6c06a0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6be060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b6734a0, DeviceName: \Device\000000ad\, DriverName: \Driver\USBSTOR\
------------ End ----------
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-6FD3BDAC075B4FB7AFF1E38C299C6345DDA51088.bin.VF" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-6FD3BDAC075B4FB7AFF1E38C299C6345DDA51088.bin.VE1" is compressed (flags = 1)
Scan finished
=======================================

Scan started
Database versions:
main: v2015.08.17.05
rootkit: v2015.08.16.01

<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 44098610

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 249860096

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 128035676160 bytes
Sector size: 512 bytes

Done!
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 3F62A595

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 983007232
Partition file system is NTFS
Partition is not bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 983009280 Numsec = 970510336

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa800b6bb790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6b9040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6bb790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b501b60, DeviceName: \Device\000000ab\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa800b6bf060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6bfb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6bf060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b625060, DeviceName: \Device\000000ac\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa800b6be060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6c06a0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6be060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b6734a0, DeviceName: \Device\000000ad\, DriverName: \Driver\USBSTOR\
------------ End ----------
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-6FD3BDAC075B4FB7AFF1E38C299C6345DDA51088.bin.VF" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-6FD3BDAC075B4FB7AFF1E38C299C6345DDA51088.bin.VE1" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished

schrauber 17.08.2015 13:01
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


eganahl 17.08.2015 13:39
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17959

File system is: NTFS
Disk drives: B:\ DRIVE_FIXED, C:\ DRIVE_FIXED, D:\ DRIVE_FIXED
CPU speed: 3.310000 GHz
Memory total: 8555479040, free: 6614949888

Downloaded database version: v2015.08.17.05
Downloaded database version: v2015.08.16.01
Downloaded database version: v2015.07.28.01
=======================================
Initializing...
------------ Kernel report ------------
08/17/2015 13:07:31
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\kl1.sys
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\cm_km_w.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\jraid.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\DRIVERS\AiChargerPlus.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\DRIVERS\mv91xx.sys
\SystemRoot\system32\DRIVERS\mvxxmm.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\klif.sys
\SystemRoot\system32\DRIVERS\klflt.sys
\SystemRoot\system32\DRIVERS\klhk.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\klpd.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\kltdi.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\klwtp.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\klim6.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\VDiskBus64.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\kneps.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\SysWow64\drivers\AsUpIO.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\e1c62x64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\asmtxhci.sys
\SystemRoot\system32\DRIVERS\1394ohci.sys
\SystemRoot\system32\DRIVERS\ICCWDT.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\drivers\LGBusEnum.sys
\SystemRoot\system32\drivers\LGJoyXlCore.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\asmthub3.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\System32\Drivers\LUsbFilt.Sys
\SystemRoot\system32\DRIVERS\LHidFilt.Sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\klkbdflt.sys
\SystemRoot\system32\DRIVERS\LGSHidFilt.Sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\klmouflt.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Windows\system32\Drivers\rikvm_4C1DB90F.sys
\??\C:\Windows\system32\Drivers\rikvm_9475A87B.sys
\SystemRoot\system32\drivers\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\kldisk.sys
\??\C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\bthmodem.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\??\C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys
\SystemRoot\system32\drivers\LGVirHid.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\ws2_32.dll
\Windows\System32\wininet.dll
\Windows\System32\advapi32.dll
\Windows\System32\shell32.dll
\Windows\System32\lpk.dll
\Windows\System32\clbcatq.dll
\Windows\System32\user32.dll
\Windows\System32\kernel32.dll
\Windows\System32\msctf.dll
\Windows\System32\setupapi.dll
\Windows\System32\Wldap32.dll
\Windows\System32\difxapi.dll
\Windows\System32\msvcrt.dll
\Windows\System32\gdi32.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\comdlg32.dll
\Windows\System32\usp10.dll
\Windows\System32\nsi.dll
\Windows\System32\urlmon.dll
\Windows\System32\psapi.dll
\Windows\System32\oleaut32.dll
\Windows\System32\normaliz.dll
\Windows\System32\sechost.dll
\Windows\System32\imagehlp.dll
\Windows\System32\imm32.dll
\Windows\System32\ole32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
\Windows\System32\comctl32.dll
\Windows\System32\wintrust.dll
\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
\Windows\System32\userenv.dll
\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
\Windows\System32\devobj.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
\Windows\System32\crypt32.dll
\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
\Windows\System32\KernelBase.dll
\Windows\System32\msasn1.dll
\Windows\System32\profapi.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!

Scan started
Database versions:
main: v2015.08.17.05
rootkit: v2015.08.16.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8009753060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009753b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009753060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80069a46e0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80069ab050, DeviceName: \Device\Ide\IAAStorageDevice-2\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 44098610

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 249860096

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 128035676160 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa8009754060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8009754b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8009754060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80069aae40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8006dec050, DeviceName: \Device\Ide\IAAStorageDevice-3\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 3F62A595

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 983007232
Partition file system is NTFS
Partition is not bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 983009280 Numsec = 970510336

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa800b6bb790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6b9040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6bb790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b501b60, DeviceName: \Device\000000ab\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa800b6bf060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6bfb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6bf060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b625060, DeviceName: \Device\000000ac\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa800b6be060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6c06a0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6be060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b6734a0, DeviceName: \Device\000000ad\, DriverName: \Driver\USBSTOR\
------------ End ----------
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-6FD3BDAC075B4FB7AFF1E38C299C6345DDA51088.bin.VF" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-6FD3BDAC075B4FB7AFF1E38C299C6345DDA51088.bin.VE1" is compressed (flags = 1)
Scan finished
=======================================

Scan started
Database versions:
main: v2015.08.17.05
rootkit: v2015.08.16.01

<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 44098610

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 249860096

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 128035676160 bytes
Sector size: 512 bytes

Done!
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 3F62A595

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 983007232
Partition file system is NTFS
Partition is not bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 983009280 Numsec = 970510336

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 1000204886016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa800b6bb790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6b9040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6bb790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b501b60, DeviceName: \Device\000000ab\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa800b6bf060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6bfb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6bf060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b625060, DeviceName: \Device\000000ac\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa800b6be060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800b6c06a0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800b6be060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800b6734a0, DeviceName: \Device\000000ad\, DriverName: \Driver\USBSTOR\
------------ End ----------
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-6FD3BDAC075B4FB7AFF1E38C299C6345DDA51088.bin.VF" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-6FD3BDAC075B4FB7AFF1E38C299C6345DDA51088.bin.VE1" is compressed (flags = 1)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-08-2015
durchgeführt von Egon Ganahl (2015-08-17 14:35:03)
Gestartet von C:\Users\Egon Ganahl\Downloads
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1972276942-304031086-505706886-500 - Administrator - Disabled)
Egon Ganahl (S-1-5-21-1972276942-304031086-505706886-1000 - Administrator - Enabled) => C:\Users\Egon Ganahl
Gast (S-1-5-21-1972276942-304031086-505706886-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Total Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.28 - ASUSTeK Computer Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.4.5.0 - Asmedia Technology)
Biet-O-Matic v2.14.12 (HKLM-x32\...\Biet-O-Matic v2.14.12) (Version: 2.14.12 - BOM Development Team)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
cardXIssue (HKU\S-1-5-21-1972276942-304031086-505706886-1000\...\1baecab78b735f22) (Version: 1.7.6.59 - cardxperts Rainer Kerner)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
CyberLink BD_3D Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: 2.0.6410 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2919.52 - CyberLink Corp.)
Disk Unlocker (HKLM-x32\...\{BA30CBCD-03DA-457A-A34B-3EF637D45D4E}) (Version: 2.0.5 - ASUS)
DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.96.0 - DxO Labs)
ElsterFormular-Upgrade (HKLM-x32\...\ElsterFormular für Privatanwender und Unternehmer 12.0.0.5880k) (Version: 16.2.17437 - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Network Connections 15.6.25.0 (HKLM\...\PROSetDX) (Version: 15.6.25.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.17.58.2 - JMicron Technology Corp.)
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
LightScribe System Software (HKLM-x32\...\{10427BCB-0742-43BE-81E2-3920972946F5}) (Version: 1.18.23.1 - LightScribe)
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.82 - Logitech)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1045 - Marvell)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 40.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0 (x86 de)) (Version: 40.0 - Mozilla)
Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6251 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

15-08-2015 22:31:30 Installed ScreenManager Pro for LCD.
15-08-2015 22:32:07 Removed ScreenManager Pro for LCD.
15-08-2015 22:32:31 Installed ScreenManager Pro for LCD.
16-08-2015 18:44:20 Installed STOPzilla AntiVirus 7.
16-08-2015 19:31:48 Installed STOPzilla AntiMalware.
16-08-2015 19:39:21 Removed STOPzilla AntiVirus 7.
16-08-2015 19:42:55 Installed STOPzilla AntiMalware.
16-08-2015 22:45:21 Removed Browser Configuration Utility.
16-08-2015 22:46:05 Windows Defender Checkpoint
17-08-2015 10:10:14 Removed EIZO ScreenSlicer.
17-08-2015 10:10:49 Konfiguriert YouCam
17-08-2015 10:27:30 Gerätetreiber-Paketinstallation: Agnitum Netzwerkdienst
17-08-2015 10:27:33 Gerätetreiber-Paketinstallation: Agnitum Netzwerkadapter

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {13B6247C-5734-4074-AADF-9AFAEFC78911} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-11-25] (ASUSTeK Computer Inc.)
Task: {19ED6F30-0044-44BF-A526-6324252DA048} - System32\Tasks\avastBCLRestart_firefox.exe => Firefox.exe
Task: {285C669D-AD76-4431-B09B-8CB89B2885A0} - System32\Tasks\{1F977B5B-AAD2-4666-900F-77306C992A03} => pcalua.exe -a "C:\Users\Egon Ganahl\Downloads\STOPzillaASM_Setup.exe" -d "C:\Users\Egon Ganahl\Downloads"
Task: {30F7A0E4-00AB-49C0-B391-FD6830D79BF3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-14] (Adobe Systems Incorporated)
Task: {692701EF-AAFE-4E1B-87B9-18FFC7B30AC3} - System32\Tasks\{EB2835B7-9C9A-425F-8763-D90A7AAA6371} => pcalua.exe -a D:\ElsterFormular\bin\installationsverwaltung.exe -d D:\ElsterFormular\bin
Task: {6B560027-6537-4ED3-AE98-90D6A2A71818} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {82F15172-FCCD-4813-B96A-1EF0C570B933} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {C22A403A-5666-4ABD-92A9-9A7348BD8969} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {E09480F9-AB79-4AD1-A035-532B7443633D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {F75F98F2-62DC-4749-996A-6BB15327D90E} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {F8D24735-ADA4-47B8-8840-0C86E1711F3E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-12 17:53 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-11-03 11:30 - 2010-11-03 11:30 - 00918144 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2010-12-02 04:15 - 2010-12-02 04:15 - 00915584 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
2015-08-12 15:30 - 2010-10-21 11:52 - 00586880 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2015-08-15 22:21 - 2015-06-20 17:14 - 01875456 ____R () C:\Users\Egon Ganahl\AppData\Local\IconOverlayEx.dll
2015-08-12 19:23 - 2009-07-02 16:02 - 00244904 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-08-12 15:29 - 2015-08-17 12:51 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2015-08-12 15:29 - 2010-06-29 04:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\kpcengine.2.3.dll
2015-08-12 17:54 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-12 15:30 - 2010-11-25 15:12 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
2015-08-12 15:30 - 2010-11-25 15:12 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
2015-08-12 15:30 - 2010-11-25 15:12 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
2015-08-12 15:30 - 2010-11-25 15:12 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
2015-08-12 15:30 - 2010-11-25 09:12 - 00061440 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
2015-08-12 15:30 - 2010-11-25 09:12 - 00661504 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
2015-08-12 15:30 - 2010-11-25 09:12 - 00703488 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
2015-08-12 15:30 - 2010-11-25 09:12 - 00114688 ____R () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
2015-08-12 15:31 - 2011-03-04 10:33 - 00053248 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2015-08-12 15:31 - 2009-05-21 10:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2015-08-12 15:30 - 2011-02-24 10:19 - 00143360 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2015-08-12 15:30 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2015-08-12 15:30 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2015-08-12 15:30 - 2011-02-09 09:02 - 00873472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2015-08-12 15:30 - 2010-10-15 17:40 - 01031680 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Update\Update.dll
2015-08-12 15:30 - 2011-03-23 15:05 - 00964608 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2015-08-12 15:30 - 2011-01-19 21:23 - 01655296 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll
2015-08-12 15:31 - 2010-12-01 12:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2015-08-12 15:31 - 2011-01-06 10:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2015-08-12 15:30 - 2011-01-13 16:47 - 00881152 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2015-08-12 15:30 - 2011-04-07 17:33 - 01607168 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2015-08-12 15:30 - 2011-01-07 16:39 - 01246208 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2015-08-12 15:30 - 2010-08-06 18:11 - 00850944 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2015-08-12 15:30 - 2010-08-06 18:13 - 00886272 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2015-08-12 15:29 - 2010-08-23 04:17 - 00662016 ____R () C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMLib.dll
2015-08-12 15:30 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\ImageHelper.dll
2015-08-14 20:29 - 2015-08-14 20:29 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c152a64e30c5b94894d75ac86aa7aad2\IsdiInterop.ni.dll
2015-08-12 15:13 - 2011-04-30 00:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2015-07-20 19:59 - 2015-07-20 19:59 - 00153712 _____ () D:\Mozilla Thunderbird\NSLDAP32V60.dll
2015-07-20 19:59 - 2015-07-20 19:59 - 00023152 _____ () D:\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 00502056 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 00338216 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com\nponlinebanking.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 00608040 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1972276942-304031086-505706886-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{79F9B2A8-2F13-432E-AC58-E173C617D7DA}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
FirewallRules: [{4A310891-4B91-48D6-ADB1-F41EDB4E0962}] => (Allow) D:\Mozilla Firefox\firefox.exe
FirewallRules: [{9FC9AAD2-7C46-4673-9D4F-3A7A45830ED5}] => (Allow) D:\Mozilla Firefox\firefox.exe
FirewallRules: [{61AFC914-59C7-4179-A923-6C8BC68CE13C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8C5F6A5D-D215-40D2-9E03-F15A045236D4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EB315EEB-FD87-432A-AD9D-D2639993FE5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{FD743F73-B821-48B0-BCDB-A46E249046E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3B9AE7F4-8B52-4126-9F6B-89C7718970C9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8C46D348-FF9D-44DF-B50D-7D4E897C697E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{725EDD41-38B2-4624-80C7-72A2CC75BF3F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{205E1A40-060A-4F84-8C1D-74C71BBB9848}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{44BAF18C-65E8-4CB9-8742-26906F443AE3}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{11B6B529-9EB8-4A87-88FA-DBE309A74810}] => (Allow) D:\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{C88FB73E-E2F6-4155-84EF-419874FBEDC9}] => (Allow) D:\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{3F5D6E46-15A2-4199-AC99-B1095A87AA51}] => (Allow) D:\Cyberlink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{37B57550-63CC-4065-83BE-B85569A4DC08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1F0B562C-0FEE-4E99-A543-2D8FE7762576}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/17/2015 12:53:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2015 12:49:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: EC Simulator.exe, Version: 1.0.0.19, Zeitstempel: 0x4cd8f8db
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18933, Zeitstempel: 0x55a69ec4
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1098
Startzeit der fehlerhaften Anwendung: 0xEC Simulator.exe0
Pfad der fehlerhaften Anwendung: EC Simulator.exe1
Pfad des fehlerhaften Moduls: EC Simulator.exe2
Berichtskennung: EC Simulator.exe3

Error: (08/17/2015 12:44:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2015 11:38:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.2.5702, Zeitstempel: 0x55cc03bd
Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.2.5702, Zeitstempel: 0x55cbf190
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e631
ID des fehlerhaften Prozesses: 0x8d4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (08/17/2015 11:37:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.2.5702, Zeitstempel: 0x55cc03bd
Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.2.5702, Zeitstempel: 0x55cbf190
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e631
ID des fehlerhaften Prozesses: 0x10bc
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (08/17/2015 11:37:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.2.5702, Zeitstempel: 0x55cc03bd
Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.2.5702, Zeitstempel: 0x55cbf190
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e631
ID des fehlerhaften Prozesses: 0xcc0
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (08/17/2015 11:37:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.2.5702, Zeitstempel: 0x55cc03bd
Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.2.5702, Zeitstempel: 0x55cbf190
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e631
ID des fehlerhaften Prozesses: 0x748
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (08/17/2015 11:37:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.2.5702, Zeitstempel: 0x55cc03bd
Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.2.5702, Zeitstempel: 0x55cbf190
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e631
ID des fehlerhaften Prozesses: 0x7a8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (08/17/2015 11:33:31 AM) (Source: MsiInstaller) (EventID: 11316) (User: Büro-PC)
Description: Programm: Kaspersky Total Security -- Fehler 1316. Das angegebene Konto ist bereits vorhanden.

Error: (08/17/2015 10:56:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (08/17/2015 12:51:56 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status gemeldet: 11

Error: (08/17/2015 12:51:56 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status gemeldet: 11

Error: (08/17/2015 12:51:56 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "ASDiskUnlocker" hat einen ungültigen aktuellen Status gemeldet: 11

Error: (08/17/2015 12:51:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%2

Error: (08/17/2015 12:51:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/17/2015 12:50:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Druckwarteschlange" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (08/17/2015 12:50:30 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "Spooler" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/17/2015 12:50:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069

Error: (08/17/2015 12:50:01 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (08/17/2015 12:49:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office:
=========================
Error: (08/17/2015 12:53:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2015 12:49:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: EC Simulator.exe1.0.0.194cd8f8dbKERNELBASE.dll6.1.7601.1893355a69ec40eedfade0000c42d109801d0d8d9808605deC:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exeC:\Windows\syswow64\KERNELBASE.dlla36f4cca-44cd-11e5-b2ba-f46d045831a4

Error: (08/17/2015 12:44:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/17/2015 11:38:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe40.0.2.570255cc03bdmozglue.dll40.0.2.570255cbf190800000030000e6318d401d0d8d04c17ca11C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozglue.dlla81267b2-44c3-11e5-b81b-f46d045831a4

Error: (08/17/2015 11:37:49 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe40.0.2.570255cc03bdmozglue.dll40.0.2.570255cbf190800000030000e63110bc01d0d8d04c1fb96eC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozglue.dll9f1f9fe7-44c3-11e5-b81b-f46d045831a4

Error: (08/17/2015 11:37:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe40.0.2.570255cc03bdmozglue.dll40.0.2.570255cbf190800000030000e631cc001d0d8cfeb22ba80C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozglue.dll91799eae-44c3-11e5-b81b-f46d045831a4

Error: (08/17/2015 11:37:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe40.0.2.570255cc03bdmozglue.dll40.0.2.570255cbf190800000030000e63174801d0d8cfeb324b1bC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozglue.dll8db5d1d2-44c3-11e5-b81b-f46d045831a4

Error: (08/17/2015 11:37:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe40.0.2.570255cc03bdmozglue.dll40.0.2.570255cbf190800000030000e6317a801d0d8cfeb2a82cdC:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozglue.dll89f2c848-44c3-11e5-b81b-f46d045831a4

Error: (08/17/2015 11:33:31 AM) (Source: MsiInstaller) (EventID: 11316) (User: Büro-PC)
Description: Programm: Kaspersky Total Security -- Fehler 1316. Das angegebene Konto ist bereits vorhanden.
(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (08/17/2015 10:56:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity:
===================================
Date: 2015-08-14 16:59:21.047
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-14 16:59:21.016
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-14 16:59:16.538
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-14 16:59:16.538
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-14 16:55:39.688
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-14 16:55:39.641
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-14 16:55:35.445
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-14 16:55:35.445
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\LGBusEnum.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-14 16:52:25.917
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-14 16:52:25.886
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8159.14 MB
Verfügbarer physikalischer RAM: 6088.87 MB
Summe virtueller Speicher: 16316.48 MB
Verfügbarer virtueller Speicher: 13685.7 MB

==================== Laufwerke ================================

Drive b: (Volume) (Fixed) (Total:462.78 GB) (Free:266.65 GB) NTFS
Drive c: () (Fixed) (Total:119.14 GB) (Free:69.88 GB) NTFS
Drive d: (Volume) (Fixed) (Total:468.73 GB) (Free:421.37 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 44098610)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 3F62A595)
Partition 1: (Active) - (Size=468.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=462.8 GB) - (Type=07 NTFS)

==================== Ende von Ergebnis ============================

schrauber 18.08.2015 07:15
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307




Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

eganahl 18.08.2015 09:42
Bing.vc
 
Hallo Schrauber,
kann es denn sein das sich Bing.vc aufgelöst hat oder warum sehe ich nichts mehr wenn ich FF oder IE starte? Ist es möglich das eines dieser Programme den Code gelöscht hat??
Wäre ja zu schön....nur um Deine Mühe zu belohnen müsste ich Dir auch was gutes tun, nur was!

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Home Premium x64
Ran by Egon Ganahl on 18.08.2015 at 10:29:28,62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Users\Egon Ganahl\AppData\Roaming\mozilla\firefox\profiles\ev1mev4h.default\user.js





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.08.2015 at 10:31:20,93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
# AdwCleaner v5.001 - Bericht erstellt 18/08/2015 um 10:37:12
# Aktualisiert 17/08/2015 von Xplode
# Datenbank : 2015-08-16.2 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Egon Ganahl - BÜRO-PC
# Gestarted von : C:\Users\Egon Ganahl\Downloads\adwcleaner_5.001.exe
# Option : Suchlauf

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

C:\AdwCleaner[C1].txt - [4747 Bytes] - [17/08/2015 12:40:55]
C:\AdwCleaner[C2].txt - [1118 Bytes] - [17/08/2015 12:49:32]
C:\AdwCleaner[C3].txt - [1212 Bytes] - [18/08/2015 10:18:00]
C:\AdwCleaner[S1].txt - [4457 Bytes] - [17/08/2015 12:39:46]
C:\AdwCleaner[S2].txt - [824 Bytes] - [17/08/2015 12:48:22]
C:\AdwCleaner[S3].txt - [1383 Bytes] - [18/08/2015 09:56:46]
C:\AdwCleaner[S4].txt - [1041 Bytes] - [18/08/2015 10:16:29]
C:\AdwCleaner[S5].txt - [1037 Bytes] - [18/08/2015 10:37:12]

########## EOF - C:\AdwCleaner[S5].txt - [1099 Bytes] ##########

schrauber 18.08.2015 18:45
Dann machen wir noch Kontrollscans :)



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

eganahl 19.08.2015 12:12
Hallo Schrauber sind meine letzten Werte angekommen???? Habe das Problem das wenn ich all die Test mache und die Logs eintrage komme ich nie bis zum Ende, das trojaner-board hat mich bis dahin schon wieder raus geschmissen. Bei der Neueinwahl ist von meinem mühsam gesammelten Daten nichts mehr vorhanden. Mein zweiter Versuch ist ebenso gescheitert.

MfG
eganahl

schrauber 20.08.2015 06:34
Versuch mal die Logs einzeln zu posten.

eganahl 20.08.2015 12:01
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=711f424ff002984f988988154f1ac081
# end=init
# utc_time=2015-08-19 10:02:34
# local_time=2015-08-19 12:02:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25346
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=711f424ff002984f988988154f1ac081
# end=updated
# utc_time=2015-08-19 10:05:22
# local_time=2015-08-19 12:05:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=711f424ff002984f988988154f1ac081
# engine=25346
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-19 10:53:59
# local_time=2015-08-19 12:53:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Total Security'
# compatibility_mode=1301 16777213 100 100 49425 67560469 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 67479 191611489 0 0
# scanned=348497
# found=0
# cleaned=0
# scan_time=2916
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=711f424ff002984f988988154f1ac081
# end=init
# utc_time=2015-08-20 09:59:14
# local_time=2015-08-20 11:59:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25364
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=711f424ff002984f988988154f1ac081
# end=updated
# utc_time=2015-08-20 10:00:04
# local_time=2015-08-20 12:00:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=711f424ff002984f988988154f1ac081
# engine=25364
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-20 10:32:50
# local_time=2015-08-20 12:32:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Total Security'
# compatibility_mode=1301 16777213 100 100 9511 67645600 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 8789 191696620 0 0
# scanned=276319
# found=0
# cleaned=0
# scan_time=1965
Code:
Results of screen317's Security Check version 1.006 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Total Security 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 18.0.0.232 
 Mozilla Firefox (40.0.2)
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-08-2015
durchgeführt von Egon Ganahl (Administrator) auf BÜRO-PC (20-08-2015 12:54:38)
Gestartet von C:\Users\Egon Ganahl\Downloads
Geladene Profile: Egon Ganahl (Verfügbare Profile: Egon Ganahl)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Piriform Ltd) D:\Tools\CCleaner\CCleaner.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) D:\Mozilla Thunderbird\thunderbird.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11613288 2010-11-19] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3111880 2015-07-23] (Logitech, Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2010-11-25] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [465536 2010-11-08] (ASUSTek Computer Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1972276942-304031086-505706886-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=752&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-1972276942-304031086-505706886-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKU\S-1-5-21-1972276942-304031086-505706886-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=752&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-03-13] (Atheros Commnucations)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-07-23] (Logitech, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{95B84472-BE5B-46CC-98AE-08578117D65A}: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Egon Ganahl\AppData\Roaming\Mozilla\Firefox\Profiles\ev1mev4h.default
FF DefaultSearchUrl: hxxps://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: hxxps://de.yahoo.com/?fr=hp-avast&type=752
FF Keyword.URL: hxxps://de.search.yahoo.com/yhs/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-14] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\text-tools\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\text-tools\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-14] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\text-tools\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-08-12] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-08-12] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-08-12] ()
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\text-tools\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1972276942-304031086-505706886-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> d:\text-tools\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-06-08] (Tracker Software Products (Canada) Ltd.)
FF Extension: German Dictionary - C:\Users\Egon Ganahl\AppData\Roaming\Mozilla\Firefox\Profiles\ev1mev4h.default\Extensions\de-DE@dictionaries.addons.mozilla.org [2015-08-18]
FF Extension: Logitech Device Detection - C:\Users\Egon Ganahl\AppData\Roaming\Mozilla\Firefox\Profiles\ev1mev4h.default\Extensions\DeviceDetection@logitech.com [2015-08-18]
FF Extension: Browser-Security - C:\Users\Egon Ganahl\AppData\Roaming\Mozilla\Firefox\Profiles\ev1mev4h.default\Extensions\firefox@browser-security.de.xpi [2015-08-18]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Egon Ganahl\AppData\Roaming\Mozilla\Firefox\Profiles\ev1mev4h.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-08-18]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-08-12]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-08-12]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-08-12]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-08-12]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [258688 2010-12-02] (ASUSTeK Computer Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.14\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [Datei ist nicht signiert]
S2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.2\avp.exe [194000 2015-07-09] (Kaspersky Lab ZAO)
S2 CLKMSVC10_4C1DB90F; d:\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243464 2013-09-02] (CyberLink)
S2 CLKMSVC10_9475A87B; D:\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [246256 2010-05-14] (CyberLink)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-04-16] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [244904 2009-07-02] () [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 MBAMScheduler; "\mbamscheduler.exe" [X]
S2 MBAMService; "\mbamservice.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [334208 2010-11-21] (Microsoft Corporation)
R5 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
R5 amdxata; C:\Windows\System32\drivers\amdxata.sys [27008 2011-03-11] (Advanced Micro Devices)
R3 ASFLTDrv.sys; C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [16512 2010-09-16] (ASUSTeK Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R5 atapi; C:\Windows\System32\drivers\atapi.sys [24128 2009-07-14] (Microsoft Corporation)
R5 CLFS; C:\Windows\System32\CLFS.sys [367552 2015-03-04] (Microsoft Corporation)
R5 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-07-09] (Kaspersky Lab UK Ltd)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [459336 2015-06-03] (Microsoft Corporation)
R5 Disk; C:\Windows\System32\drivers\disk.sys [73280 2009-07-14] (Microsoft Corporation)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [70224 2009-07-14] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [289664 2010-11-21] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [23408 2012-03-01] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [223752 2013-01-24] (Microsoft Corporation)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-08-17] ()
R5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [14720 2010-11-21] (Microsoft Corporation)
R5 iaStor; C:\Windows\System32\DRIVERS\iaStor.sys [557848 2011-04-26] (Intel Corporation)
R5 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [120920 2010-08-10] (JMicron Technology Corp.)
R5 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-07-09] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-07-09] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-07-09] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-07-09] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [850608 2015-07-09] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-07-09] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-07-09] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-07-09] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-07-09] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-07-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-07-09] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-07-09] (Kaspersky Lab ZAO)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [95680 2015-07-15] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [155584 2015-07-15] (Microsoft Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\System32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [94656 2015-07-15] (Microsoft Corporation)
R5 msahci; C:\Windows\System32\drivers\msahci.sys [31104 2010-11-21] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [15424 2009-07-14] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [60496 2009-07-14] (Microsoft Corporation)
R5 mv91xx; C:\Windows\System32\DRIVERS\mv91xx.sys [297000 2010-08-27] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [950128 2012-08-22] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [75120 2012-03-17] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [184704 2010-11-21] (Microsoft Corporation)
R5 pciide; C:\Windows\System32\drivers\pciide.sys [12352 2009-07-14] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50768 2009-07-14] (Microsoft Corporation)
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [213888 2010-11-21] (Microsoft Corporation)
R5 spldr; C:\Windows\System32\Drivers\spldr.sys [19008 2009-07-14] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [1903552 2014-04-05] (Microsoft Corporation)
R1 VDiskBus; C:\Windows\System32\DRIVERS\VDiskBus64.sys [43136 2010-09-21] (ASUSTeK Computer Inc.)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [36432 2009-07-14] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [71552 2010-11-21] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [363392 2010-11-21] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [295808 2010-11-21] (Microsoft Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [785624 2013-06-26] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Code:
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-20 12:47 - 2015-08-20 12:47 - 00000000 ____D C:\Users\Egon Ganahl\Downloads\FRST-OlderVersion
2015-08-20 09:51 - 2015-08-20 12:43 - 00042193 _____ C:\Windows\WindowsUpdate.log
2015-08-20 09:50 - 2015-08-20 09:50 - 06058664 _____ (WiseCleaner.com ) C:\Users\Egon Ganahl\Downloads\WiseCare365_DE(1).exe
2015-08-19 23:22 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 23:22 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-19 23:22 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-19 23:22 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-19 17:41 - 2015-08-19 17:41 - 00069112 _____ C:\Users\Egon Ganahl\AppData\Local\GDIPFONTCACHEV1.DAT
2015-08-19 17:23 - 2015-08-19 17:23 - 05708712 _____ (WiseCleaner.com ) C:\Users\Egon Ganahl\Downloads\WiseCare365_DE.exe
2015-08-19 12:57 - 2015-08-19 12:57 - 00045475 _____ C:\Users\Egon Ganahl\Downloads\Addition.txt
2015-08-19 11:14 - 2015-08-19 11:14 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-18 22:15 - 2015-08-20 12:54 - 00020785 _____ C:\Users\Egon Ganahl\Downloads\FRST.txt
2015-08-18 22:14 - 2015-08-20 12:47 - 02173952 _____ (Farbar) C:\Users\Egon Ganahl\Downloads\FRST64.exe
2015-08-18 22:09 - 2015-08-18 22:09 - 00852684 _____ C:\Users\Egon Ganahl\Downloads\SecurityCheck.exe
2015-08-18 21:05 - 2015-08-18 21:06 - 02870984 _____ (ESET) C:\Users\Egon Ganahl\Downloads\esetsmartinstaller_deu.exe
2015-08-18 18:43 - 2015-08-18 18:43 - 00040480 _____ C:\Users\Egon Ganahl\Documents\Zielbaumdurchforstung.odt
2015-08-18 18:27 - 2015-08-18 18:27 - 00000867 _____ C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk
2015-08-18 18:27 - 2015-08-18 18:27 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1
2015-08-18 18:19 - 2015-08-18 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer
2015-08-18 15:00 - 2015-08-18 15:00 - 00000000 ____D C:\Windows\pss
2015-08-18 10:37 - 2015-08-18 10:37 - 00001167 _____ C:\AdwCleaner[S5].txt
2015-08-18 10:36 - 2015-08-18 10:36 - 00000882 _____ C:\Users\Egon Ganahl\Desktop\Downloads.lnk
2015-08-18 10:18 - 2015-08-18 10:18 - 00001212 _____ C:\AdwCleaner[C3].txt
2015-08-18 10:16 - 2015-08-18 10:16 - 00001041 _____ C:\AdwCleaner[S4].txt
2015-08-18 10:15 - 2015-08-18 10:15 - 01573888 _____ C:\Users\Egon Ganahl\Downloads\adwcleaner_5.001.exe
2015-08-18 09:56 - 2015-08-18 09:57 - 00001383 _____ C:\AdwCleaner[S3].txt
2015-08-17 23:52 - 2015-08-17 23:52 - 00002544 _____ C:\Windows\diagwrn.xml
2015-08-17 23:52 - 2015-08-17 23:52 - 00001890 _____ C:\Windows\diagerr.xml
2015-08-17 22:18 - 2015-08-17 22:19 - 01791580 _____ (Malwarebytes Corporation) C:\Users\Egon Ganahl\Downloads\JRT.exe
2015-08-17 19:46 - 2015-08-17 19:46 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-08-17 19:42 - 2015-08-17 19:42 - 00000658 _____ C:\Windows\system32\.crusader
2015-08-17 19:39 - 2015-08-17 19:43 - 00000000 ____D C:\ProgramData\HitmanPro
2015-08-17 19:38 - 2015-08-17 19:39 - 11032736 _____ (SurfRight B.V.) C:\Users\Egon Ganahl\Downloads\HitmanPro_x64.exe
2015-08-17 17:09 - 2015-08-17 18:39 - 00000000 ____D C:\Users\Public\Documents\Stronghold AntiMalware
2015-08-17 17:08 - 2015-08-17 17:08 - 07481032 _____ (Security Stronghold ) C:\Users\Egon Ganahl\Downloads\StrongholdAntiMalware.exe
2015-08-17 14:31 - 2015-08-20 12:54 - 00000000 ____D C:\FRST
2015-08-17 13:07 - 2015-08-17 13:15 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-17 13:06 - 2015-08-17 13:06 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Egon Ganahl\Downloads\mbar-1.09.1.1004.exe
2015-08-17 13:06 - 2015-08-17 13:06 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-17 12:49 - 2015-08-17 12:49 - 00001118 _____ C:\AdwCleaner[C2].txt
2015-08-17 12:48 - 2015-08-17 12:48 - 00000824 _____ C:\AdwCleaner[S2].txt
2015-08-17 12:40 - 2015-08-17 12:40 - 00004747 _____ C:\AdwCleaner[C1].txt
2015-08-17 12:39 - 2015-08-17 12:48 - 00000000 ____D C:\AdwCleaner
2015-08-17 12:39 - 2015-08-17 12:40 - 00004457 _____ C:\AdwCleaner[S1].txt
2015-08-17 12:15 - 2015-08-14 16:17 - 00000828 _____ C:\Users\Egon Ganahl\Documents\indexfile.txt
2015-08-17 11:32 - 2015-08-17 11:32 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-08-17 10:45 - 2015-08-17 10:52 - 00000312 _____ C:\Windows\system32\config\afw_hm.conf
2015-08-17 10:45 - 2015-08-17 10:52 - 00000004 _____ C:\Windows\system32\config\afw_db.conf
2015-08-17 10:25 - 2015-08-17 20:59 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\QuickScan
2015-08-16 23:25 - 2015-08-18 18:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-16 23:25 - 2015-08-16 23:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-16 23:09 - 2015-08-16 23:09 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\GWX
2015-08-16 23:08 - 2015-08-17 12:43 - 00003150 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-08-16 22:34 - 2015-08-16 22:34 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Macromedia
2015-08-16 19:06 - 2015-08-16 19:06 - 00000000 _____ C:\Windows\system32\SBRC.dat
2015-08-16 18:55 - 2015-08-16 18:55 - 00000000 ____D C:\ProgramData\VIPRE
2015-08-16 18:44 - 2015-08-16 21:53 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-08-16 00:03 - 2015-08-17 13:07 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-15 23:18 - 2015-08-17 13:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-15 23:00 - 2015-08-15 23:00 - 00000000 _____ C:\autoexec.bat
2015-08-15 22:21 - 2015-08-16 00:58 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Intel Drivers Update Utility
2015-08-15 22:21 - 2015-08-15 22:23 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Intel Drivers Update Utility
2015-08-15 14:49 - 2015-08-15 14:49 - 00000000 ____D C:\Users\Egon Ganahl\Downloads\FixWin
2015-08-15 12:58 - 2015-08-15 13:00 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Deployment
2015-08-15 12:58 - 2015-08-15 12:58 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\cardxperts Rainer Kerner
2015-08-15 12:58 - 2015-08-15 12:58 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Apps\2.0
2015-08-15 11:08 - 2015-08-15 11:08 - 00000000 ____D C:\Users\Egon Ganahl\Documents\DxO FilmPack 3
2015-08-15 11:08 - 2015-08-15 11:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DxO FilmPack 3
2015-08-15 11:08 - 2015-08-15 11:08 - 00000000 ____D C:\ProgramData\DxO Labs
2015-08-15 09:49 - 2015-08-15 09:49 - 00000000 ___RD C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-08-15 09:48 - 2015-08-16 00:58 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-15 09:48 - 2015-08-15 09:48 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-08-14 23:35 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2015-08-14 23:35 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2015-08-14 23:34 - 2015-08-14 23:34 - 00000793 _____ C:\Users\Public\Desktop\Biet-O-Matic.lnk
2015-08-14 23:34 - 2015-08-14 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Biet-O-Matic
2015-08-14 23:34 - 2003-01-07 03:22 - 00015873 _____ C:\Windows\SysWOW64\Inetde.dll
2015-08-14 23:34 - 2000-12-06 00:00 - 00109248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mswinsck.ocx
2015-08-14 23:34 - 2000-10-02 00:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb6de.dll
2015-08-14 23:34 - 2000-04-03 20:06 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winskde.dll
2015-08-14 23:34 - 2000-04-03 20:05 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll
2015-08-14 23:34 - 1999-07-14 14:07 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stdftde.dll
2015-08-14 23:34 - 1998-07-06 00:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscmcde.dll
2015-08-14 23:34 - 1998-07-06 00:00 - 00022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctde.dll
2015-08-14 23:34 - 1998-06-24 00:00 - 00209192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Tabctl32.ocx
2015-08-14 23:30 - 2015-08-14 23:34 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\BOM
2015-08-14 17:21 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-14 17:21 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-14 17:21 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-14 17:21 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-14 17:21 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-14 17:21 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-14 17:21 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-14 17:21 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-14 17:21 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-14 17:21 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-14 17:21 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-14 17:21 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-14 17:21 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-14 17:21 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-14 17:21 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-14 17:21 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-14 17:21 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-14 17:21 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-14 17:21 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-14 17:21 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-14 17:21 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-14 17:21 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-14 17:21 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-14 17:21 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-14 17:21 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-14 17:21 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-14 17:21 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-14 17:21 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-14 17:21 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-14 17:21 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-14 17:21 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-14 17:21 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-14 17:21 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-14 17:21 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-14 17:21 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-14 17:21 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-14 17:21 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-14 17:21 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-14 17:21 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-14 17:21 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-14 17:21 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-14 17:21 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-14 17:21 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-14 17:21 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-14 17:21 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-14 17:21 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-14 17:21 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-14 17:21 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-14 17:21 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-14 17:21 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-14 17:21 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-14 17:21 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-14 17:21 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-14 17:21 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-14 17:21 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-14 17:21 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-14 17:21 - 2011-02-25 08:19 - 02871808 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-08-14 17:21 - 2011-02-25 07:30 - 02616320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-08-14 17:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2015-08-14 17:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2015-08-14 17:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2015-08-14 17:20 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2015-08-14 17:20 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2015-08-14 17:20 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2015-08-14 17:20 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2015-08-14 17:20 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2015-08-14 17:20 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2015-08-14 17:20 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2015-08-14 17:20 - 2013-11-26 10:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-08-14 17:20 - 2013-11-23 00:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-08-14 17:20 - 2012-07-06 22:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-08-14 17:20 - 2012-02-11 08:36 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2015-08-14 17:20 - 2012-02-11 08:36 - 00067072 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2015-08-14 17:20 - 2011-04-28 05:54 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-08-14 17:20 - 2011-03-11 08:41 - 00410496 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorV.sys
2015-08-14 17:20 - 2011-03-11 08:41 - 00166272 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvstor.sys
2015-08-14 17:20 - 2011-03-11 08:41 - 00148352 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvraid.sys
2015-08-14 17:20 - 2011-03-11 08:41 - 00107904 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdsata.sys
2015-08-14 17:20 - 2011-03-11 08:41 - 00027008 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdxata.sys
2015-08-14 17:20 - 2011-03-11 08:33 - 02565632 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2015-08-14 17:20 - 2011-03-11 08:30 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\fsutil.exe
2015-08-14 17:20 - 2011-03-11 07:33 - 01699328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2015-08-14 17:20 - 2011-03-11 07:31 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2015-08-14 17:20 - 2011-03-11 06:37 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2015-08-14 17:09 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-14 17:09 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-14 17:09 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-14 17:09 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-14 17:09 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-14 17:09 - 2015-02-03 05:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-08-14 17:09 - 2015-02-03 05:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-08-14 16:47 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2015-08-14 16:47 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2015-08-14 16:47 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2015-08-14 16:47 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2015-08-14 16:47 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2015-08-14 16:47 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2015-08-14 16:47 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2015-08-14 16:47 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2015-08-14 16:38 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 16:38 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 16:30 - 2015-08-14 16:30 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-14 16:30 - 2015-08-14 16:30 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-14 16:26 - 2015-01-09 01:44 - 00419936 _____ C:\Windows\SysWOW64\locale.nls
2015-08-14 16:26 - 2015-01-09 01:43 - 00419936 _____ C:\Windows\system32\locale.nls
2015-08-14 15:33 - 2015-02-04 05:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-08-14 15:33 - 2015-02-04 04:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-08-14 15:11 - 2015-08-20 12:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-14 15:11 - 2015-08-14 15:12 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-14 15:11 - 2015-08-14 15:12 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-14 15:11 - 2015-08-14 15:12 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-08-14 15:11 - 2015-08-14 15:11 - 00000000 ____D C:\Windows\system32\Macromed
2015-08-14 14:46 - 2015-08-14 14:47 - 00000000 ____D C:\Windows\system32\MRT
2015-08-14 14:46 - 2015-07-28 10:59 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-08-14 11:47 - 2015-08-14 11:47 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-08-14 11:47 - 2015-08-14 11:47 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-08-14 11:47 - 2015-08-14 11:47 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-08-14 11:47 - 2015-08-14 11:47 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-08-14 11:47 - 2015-08-14 11:47 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-08-14 11:47 - 2015-08-14 11:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-08-14 11:42 - 2015-08-14 11:42 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-08-14 11:42 - 2015-08-14 11:42 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2015-08-14 10:52 - 2015-08-14 10:52 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\OpenOffice
2015-08-14 10:01 - 2015-08-14 10:01 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\GHISLER
2015-08-14 09:34 - 2015-08-14 09:34 - 00000000 ____D C:\Windows\CheckSur
2015-08-13 23:08 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2015-08-13 22:07 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-13 22:06 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-13 22:06 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-08-13 22:06 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-08-13 21:50 - 2015-08-13 21:50 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\NVIDIA Corporation
2015-08-13 14:26 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2015-08-13 14:26 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2015-08-13 14:26 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2015-08-13 14:26 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2015-08-13 14:26 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2015-08-13 14:26 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2015-08-13 14:26 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2015-08-13 14:26 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2015-08-13 13:42 - 2015-08-13 13:42 - 00003162 _____ C:\Windows\System32\Tasks\avastBCLRestart_firefox.exe
2015-08-13 13:23 - 2015-08-16 00:58 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\GHISLER
2015-08-13 13:10 - 2015-08-20 09:54 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-13 13:10 - 2015-08-13 13:10 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-08-13 13:10 - 2015-08-13 13:10 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Google
2015-08-13 13:08 - 2015-08-13 13:08 - 00001087 _____ C:\Users\Egon Ganahl\Desktop\googleearth.lnk
2015-08-13 13:04 - 2015-08-18 14:58 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\CrashDumps
2015-08-13 13:02 - 2015-01-09 05:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-08-13 13:02 - 2015-01-09 05:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-08-13 13:02 - 2015-01-09 05:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-08-13 13:02 - 2015-01-09 04:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-08-13 13:01 - 2015-08-13 13:01 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\FreeFLVConverter
2015-08-13 13:01 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-13 13:01 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-13 13:01 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-13 13:01 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-13 13:01 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-13 13:01 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-13 13:01 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-13 13:01 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-13 13:01 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-13 13:01 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-13 13:01 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-13 13:01 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-13 13:01 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-13 13:01 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-13 13:01 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-13 13:01 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-13 13:01 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-13 13:01 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-13 13:01 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-13 13:01 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-13 13:01 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-13 13:01 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-13 13:01 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-13 13:01 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-13 13:01 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-13 13:01 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-13 13:01 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-13 13:01 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-13 13:01 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-13 13:01 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-13 13:01 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-13 13:01 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-13 13:01 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-13 13:01 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-13 13:01 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-13 13:01 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-13 13:01 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-13 13:01 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-13 13:01 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-13 13:01 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-13 13:01 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-13 13:01 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-13 13:01 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-13 13:01 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-13 13:01 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-13 13:01 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-13 13:01 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-13 13:01 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-13 13:01 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-13 13:01 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-13 13:01 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-13 13:01 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-13 13:01 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-13 13:01 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-13 13:01 - 2015-07-10 19:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-13 13:01 - 2015-07-10 19:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-13 13:01 - 2015-07-10 19:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-13 13:01 - 2015-07-10 19:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-13 13:01 - 2015-07-10 19:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-13 13:01 - 2015-07-10 19:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-13 13:01 - 2015-06-03 22:16 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-08-13 13:01 - 2015-06-03 22:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-08-13 13:01 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-08-13 13:01 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-08-13 13:01 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-08-13 13:01 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-08-13 13:01 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-08-13 13:01 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-08-13 13:01 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-08-13 13:01 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-08-13 13:01 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-08-13 13:01 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-08-13 13:01 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-08-13 13:01 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-08-13 13:01 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-08-13 13:01 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-08-13 13:01 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-08-13 13:01 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-08-13 13:01 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-08-13 13:01 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-08-13 13:01 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-08-13 13:01 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-08-13 13:01 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-08-13 13:01 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-08-13 13:01 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-08-13 13:01 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-08-13 13:01 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-08-13 13:01 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-08-13 13:01 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-08-13 13:01 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-08-13 13:01 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-08-13 13:01 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-08-13 13:01 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-08-13 13:01 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-08-13 13:01 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-08-13 13:01 - 2015-02-03 05:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-08-13 13:01 - 2015-02-03 05:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-08-13 13:01 - 2015-02-03 05:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-08-13 13:01 - 2015-02-03 05:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-08-13 13:01 - 2015-02-03 05:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2015-08-13 13:01 - 2015-02-03 05:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2015-08-13 13:01 - 2015-02-03 05:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-08-13 13:01 - 2015-02-03 05:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2015-08-13 13:01 - 2015-02-03 05:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-08-13 13:01 - 2015-02-03 05:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2015-08-13 13:01 - 2015-02-03 05:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2015-08-13 13:01 - 2015-02-03 05:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2015-08-13 13:01 - 2015-02-03 05:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2015-08-13 13:01 - 2015-02-03 05:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2015-08-13 13:01 - 2015-02-03 05:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2015-08-13 13:01 - 2015-02-03 05:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-08-13 13:01 - 2015-02-03 05:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2015-08-13 13:01 - 2015-02-03 05:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2015-08-13 13:01 - 2015-02-03 05:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2015-08-13 13:01 - 2015-02-03 04:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-08-13 13:01 - 2014-12-11 19:47 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-08-13 13:01 - 2014-11-01 00:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-08-13 13:01 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2015-08-13 13:01 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2015-08-13 13:01 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-08-13 13:01 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2015-08-13 13:01 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-08-13 13:01 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-08-13 13:01 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2015-08-13 13:01 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2015-08-13 13:01 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2015-08-13 13:01 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2015-08-13 13:01 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2015-08-13 13:01 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2015-08-13 13:01 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2015-08-13 13:01 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2015-08-13 13:01 - 2012-01-04 12:44 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2015-08-13 13:01 - 2012-01-04 10:58 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2015-08-13 13:01 - 2011-11-17 08:35 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2015-08-13 13:01 - 2011-11-17 07:35 - 00314880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2015-08-13 13:01 - 2011-09-22 11:05 - 01081616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx
2015-08-13 13:01 - 2011-09-22 11:05 - 00364544 _____ C:\Windows\SysWOW64\PropertyGrid.ocx
2015-08-13 13:01 - 2011-09-22 11:05 - 00208500 _____ C:\Windows\SysWOW64\ReyXpBasics.tlb
2015-08-13 13:01 - 2011-09-22 11:05 - 00152848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMDLG32.OCX
2015-08-13 13:01 - 2011-09-22 11:05 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL
2015-08-13 13:01 - 2011-09-22 11:05 - 00119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2015-08-13 13:01 - 2011-09-22 11:05 - 00084512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PICCLP32.OCX
2015-08-13 13:01 - 2011-09-22 11:05 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL
2015-08-13 13:01 - 2011-09-22 11:05 - 00024576 _____ C:\Windows\SysWOW64\ControlSubX.ocx
2015-08-13 13:01 - 2011-09-22 11:05 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCCLPFR.DLL
2015-08-13 13:01 - 2011-06-16 07:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2015-08-13 13:01 - 2011-06-16 06:33 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2015-08-13 13:01 - 2011-06-15 12:02 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2015-08-13 13:01 - 2011-06-15 12:02 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2015-08-13 13:01 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2015-08-13 13:01 - 2011-06-15 12:02 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2015-08-13 13:01 - 2011-06-15 10:55 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2015-08-13 13:01 - 2011-06-15 10:55 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2015-08-13 13:01 - 2011-06-15 10:55 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2015-08-13 13:01 - 2011-06-15 10:55 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2015-08-13 13:01 - 2011-06-15 10:55 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2015-08-13 13:01 - 2011-05-04 07:25 - 02315776 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2015-08-13 13:01 - 2011-05-04 07:22 - 02223616 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2015-08-13 13:01 - 2011-05-04 07:22 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2015-08-13 13:01 - 2011-05-04 07:22 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2015-08-13 13:01 - 2011-05-04 07:22 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2015-08-13 13:01 - 2011-05-04 07:22 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2015-08-13 13:01 - 2011-05-04 07:19 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2015-08-13 13:01 - 2011-05-04 07:19 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2015-08-13 13:01 - 2011-05-04 07:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2015-08-13 13:01 - 2011-05-04 06:34 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2015-08-13 13:01 - 2011-05-04 06:32 - 01401344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2015-08-13 13:01 - 2011-05-04 06:32 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2015-08-13 13:01 - 2011-05-04 06:32 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2015-08-13 13:01 - 2011-05-04 06:32 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2015-08-13 13:01 - 2011-05-04 06:32 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2015-08-13 13:01 - 2011-05-04 06:28 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2015-08-13 13:01 - 2011-05-04 06:28 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2015-08-13 13:01 - 2011-05-04 06:28 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2015-08-13 13:01 - 2010-12-23 12:42 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2015-08-13 13:01 - 2010-12-23 12:42 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2015-08-13 13:01 - 2010-12-23 12:36 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2015-08-13 13:01 - 2010-12-23 07:54 - 00850944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2015-08-13 13:01 - 2010-12-23 07:54 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2015-08-13 13:01 - 2010-12-23 07:50 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2015-08-13 13:00 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-13 13:00 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-13 13:00 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-13 13:00 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-13 13:00 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-13 13:00 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-13 13:00 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-13 13:00 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-13 13:00 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-13 13:00 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-08-13 13:00 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-08-13 13:00 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-13 13:00 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-13 13:00 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-13 13:00 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-13 13:00 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-08-13 13:00 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-08-13 13:00 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-08-13 13:00 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-08-13 13:00 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-08-13 13:00 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-08-13 13:00 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-08-13 13:00 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-08-13 13:00 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-08-13 13:00 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-08-13 13:00 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-08-13 13:00 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-08-13 13:00 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-08-13 13:00 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-08-13 13:00 - 2015-06-03 22:17 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-08-13 13:00 - 2015-04-27 21:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-08-13 13:00 - 2015-04-27 21:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-08-13 13:00 - 2015-04-27 21:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-08-13 13:00 - 2015-04-27 21:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-08-13 13:00 - 2015-04-27 21:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-08-13 13:00 - 2015-04-27 21:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-08-13 13:00 - 2015-04-27 21:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-08-13 13:00 - 2015-04-27 21:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-08-13 13:00 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-08-13 13:00 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-08-13 13:00 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-08-13 13:00 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-08-13 13:00 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-08-13 13:00 - 2015-02-03 05:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-08-13 13:00 - 2015-02-03 05:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll
2015-08-13 13:00 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-08-13 13:00 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-08-13 13:00 - 2014-12-19 05:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-08-13 13:00 - 2014-12-19 03:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-08-13 13:00 - 2014-12-06 06:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-08-13 13:00 - 2014-12-06 05:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll
2015-08-13 13:00 - 2014-12-06 05:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll
2015-08-13 13:00 - 2014-11-11 03:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-08-13 13:00 - 2014-10-14 04:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2015-08-13 13:00 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2015-08-13 13:00 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2015-08-13 13:00 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2015-08-13 13:00 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2015-08-13 13:00 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2015-08-13 13:00 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2015-08-13 13:00 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2015-08-13 13:00 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2015-08-13 13:00 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2015-08-13 13:00 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2015-08-13 13:00 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-08-13 13:00 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-13 13:00 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-13 13:00 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2015-08-13 13:00 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2015-08-13 13:00 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2015-08-13 13:00 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2015-08-13 13:00 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2015-08-13 13:00 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2015-08-13 13:00 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2015-08-13 13:00 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2015-08-13 13:00 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2015-08-13 13:00 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2015-08-13 13:00 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2015-08-13 13:00 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2015-08-13 13:00 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2015-08-13 13:00 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2015-08-13 13:00 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2015-08-13 13:00 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2015-08-13 13:00 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2015-08-13 13:00 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2015-08-13 13:00 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2015-08-13 13:00 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2015-08-13 13:00 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2015-08-13 13:00 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2015-08-13 13:00 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2015-08-13 13:00 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2015-08-13 13:00 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2015-08-13 13:00 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2015-08-13 13:00 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2015-08-13 13:00 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2015-08-13 13:00 - 2013-10-19 04:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2015-08-13 13:00 - 2013-10-19 03:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2015-08-13 13:00 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2015-08-13 13:00 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2015-08-13 13:00 - 2013-10-04 04:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2015-08-13 13:00 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2015-08-13 13:00 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2015-08-13 13:00 - 2013-10-04 03:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2015-08-13 13:00 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2015-08-13 13:00 - 2013-07-25 11:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2015-08-13 13:00 - 2013-07-25 10:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2015-08-13 13:00 - 2013-07-12 12:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2015-08-13 13:00 - 2013-07-03 06:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2015-08-13 13:00 - 2013-07-03 06:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2015-08-13 13:00 - 2013-06-26 00:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2015-08-13 13:00 - 2013-04-26 01:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2015-08-13 13:00 - 2013-04-01 00:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2015-08-13 13:00 - 2013-02-12 06:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-08-13 13:00 - 2012-11-29 01:02 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2015-08-13 13:00 - 2012-11-29 01:02 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2015-08-13 13:00 - 2012-11-29 01:02 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2015-08-13 13:00 - 2012-11-02 07:59 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2015-08-13 13:00 - 2012-11-02 07:11 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2015-08-13 13:00 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2015-08-13 13:00 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll
2015-08-13 13:00 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll
2015-08-13 13:00 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2015-08-13 13:00 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2015-08-13 13:00 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2015-08-13 13:00 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2015-08-13 13:00 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys
2015-08-13 13:00 - 2012-08-22 20:12 - 00950128 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-13 13:00 - 2012-07-04 22:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\RNDISMP.sys
2015-08-13 13:00 - 2012-03-01 08:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2015-08-13 13:00 - 2012-03-01 08:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2015-08-13 13:00 - 2012-03-01 07:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2015-08-13 13:00 - 2011-12-30 08:26 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2015-08-13 13:00 - 2011-12-30 07:27 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2015-08-13 13:00 - 2011-03-11 08:34 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-08-13 13:00 - 2011-03-11 08:34 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-08-13 13:00 - 2011-03-11 07:33 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-08-13 13:00 - 2011-03-11 07:33 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-08-13 13:00 - 2011-03-03 08:24 - 00357888 _____ (Microsoft Corporation)

eganahl 20.08.2015 12:03
Code:
C:\Windows\system32\dnsapi.dll
2015-08-13 13:00 - 2011-03-03 08:24 - 00183296 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2015-08-13 13:00 - 2011-03-03 08:21 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2015-08-13 13:00 - 2011-03-03 07:38 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2015-08-13 13:00 - 2011-03-03 07:36 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2015-08-13 12:59 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-13 12:59 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-13 12:59 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-13 12:59 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-13 12:59 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-13 12:59 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-13 12:59 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-13 12:59 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-13 12:59 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-13 12:59 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-13 12:59 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-13 12:59 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-13 12:59 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-13 12:59 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-13 12:59 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-08-13 12:59 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-08-13 12:59 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-08-13 12:59 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-08-13 12:59 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-08-13 12:59 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-08-13 12:59 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-08-13 12:59 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-08-13 12:59 - 2015-02-25 05:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-08-13 12:59 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-08-13 12:59 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-08-13 12:59 - 2015-01-17 04:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-08-13 12:59 - 2015-01-17 04:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-08-13 12:59 - 2014-11-26 05:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-08-13 12:59 - 2014-11-26 05:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-08-13 12:59 - 2014-11-11 05:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-08-13 12:59 - 2014-11-11 04:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-08-13 12:59 - 2014-11-08 05:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-08-13 12:59 - 2014-11-08 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-08-13 12:59 - 2014-10-30 04:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2015-08-13 12:59 - 2014-10-30 03:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2015-08-13 12:59 - 2014-10-25 03:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2015-08-13 12:59 - 2014-10-25 03:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2015-08-13 12:59 - 2014-10-03 04:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2015-08-13 12:59 - 2014-10-03 04:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2015-08-13 12:59 - 2014-10-03 04:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2015-08-13 12:59 - 2014-10-03 04:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2015-08-13 12:59 - 2014-10-03 04:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2015-08-13 12:59 - 2014-10-03 03:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2015-08-13 12:59 - 2014-10-03 03:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2015-08-13 12:59 - 2014-10-03 03:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2015-08-13 12:59 - 2014-10-03 03:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2015-08-13 12:59 - 2014-10-03 03:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2015-08-13 12:59 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2015-08-13 12:59 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2015-08-13 12:59 - 2014-08-12 04:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2015-08-13 12:59 - 2014-08-12 03:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2015-08-13 12:59 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-08-13 12:59 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2015-08-13 12:59 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2015-08-13 12:59 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2015-08-13 12:59 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2015-08-13 12:59 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-08-13 12:59 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2015-08-13 12:59 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2015-08-13 12:59 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2015-08-13 12:59 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2015-08-13 12:59 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2015-08-13 12:59 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2015-08-13 12:59 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2015-08-13 12:59 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2015-08-13 12:59 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2015-08-13 12:59 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2015-08-13 12:59 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2015-08-13 12:59 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2015-08-13 12:59 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2015-08-13 12:59 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2015-08-13 12:59 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2015-08-13 12:59 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2015-08-13 12:59 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2015-08-13 12:59 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2015-08-13 12:59 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2015-08-13 12:59 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2015-08-13 12:59 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2015-08-13 12:59 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2015-08-13 12:59 - 2013-09-08 04:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2015-08-13 12:59 - 2013-09-08 04:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2015-08-13 12:59 - 2013-07-26 04:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2015-08-13 12:59 - 2013-07-26 03:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2015-08-13 12:59 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2015-08-13 12:59 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2015-08-13 12:59 - 2013-04-26 07:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-08-13 12:59 - 2013-04-26 06:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2015-08-13 12:59 - 2013-04-10 08:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2015-08-13 12:59 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2015-08-13 12:59 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2015-08-13 12:59 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2015-08-13 12:59 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2015-08-13 12:59 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2015-08-13 12:59 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2015-08-13 12:59 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2015-08-13 12:59 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2015-08-13 12:59 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2015-08-13 12:59 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2015-08-13 12:59 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2015-08-13 12:59 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2015-08-13 12:59 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2015-08-13 12:59 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2015-08-13 12:59 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2015-08-13 12:59 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2015-08-13 12:59 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2015-08-13 12:59 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2015-08-13 12:59 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2015-08-13 12:59 - 2012-11-23 05:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2015-08-13 12:59 - 2012-09-26 00:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2015-08-13 12:59 - 2012-09-26 00:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2015-08-13 12:59 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe
2015-08-13 12:59 - 2012-07-05 00:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2015-08-13 12:59 - 2012-07-05 00:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2015-08-13 12:59 - 2012-07-05 00:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2015-08-13 12:59 - 2012-07-04 23:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2015-08-13 12:59 - 2012-07-04 23:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2015-08-13 12:59 - 2012-04-26 07:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2015-08-13 12:59 - 2012-04-26 07:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2015-08-13 12:59 - 2012-03-17 09:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2015-08-13 12:59 - 2011-08-17 07:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2015-08-13 12:59 - 2011-08-17 07:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2015-08-13 12:59 - 2011-08-17 06:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2015-08-13 12:59 - 2011-08-17 06:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2015-08-13 12:59 - 2011-05-24 13:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2015-08-13 12:59 - 2011-05-24 12:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2015-08-13 12:59 - 2011-05-24 12:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2015-08-13 12:59 - 2011-05-24 12:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2015-08-13 12:59 - 2011-05-24 12:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2015-08-13 12:59 - 2011-04-29 05:06 - 00467456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2015-08-13 12:59 - 2011-04-29 05:05 - 00410112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2015-08-13 12:59 - 2011-04-29 05:05 - 00168448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2015-08-13 12:59 - 2011-02-05 19:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2015-08-13 12:59 - 2011-02-05 19:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2015-08-13 12:59 - 2011-02-05 19:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2015-08-13 12:59 - 2011-02-03 13:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2015-08-13 12:58 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-13 12:58 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-13 12:58 - 2014-12-08 05:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-08-13 12:58 - 2014-12-08 04:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-08-13 12:58 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2015-08-13 12:58 - 2013-10-12 04:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2015-08-13 12:58 - 2013-10-12 04:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2015-08-13 12:58 - 2013-10-12 04:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2015-08-13 12:58 - 2013-10-12 04:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2015-08-13 12:58 - 2013-10-12 03:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2015-08-13 12:58 - 2013-10-12 03:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2015-08-13 12:58 - 2013-10-12 03:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2015-08-13 12:58 - 2013-10-12 03:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2015-08-13 12:58 - 2013-05-13 07:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2015-08-13 12:58 - 2013-05-13 05:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2015-08-13 12:58 - 2013-05-13 05:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2015-08-13 12:58 - 2013-05-13 05:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2015-08-13 12:58 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2015-08-13 12:58 - 2011-12-16 10:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2015-08-13 12:58 - 2011-12-16 09:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2015-08-13 12:58 - 2011-05-03 07:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-13 12:58 - 2011-05-03 06:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-13 12:58 - 2011-02-18 12:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2015-08-13 12:58 - 2011-02-18 07:39 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2015-08-13 12:58 - 2011-02-12 13:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2015-08-13 12:57 - 2015-03-04 06:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-08-13 12:57 - 2015-03-04 06:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-08-13 12:57 - 2015-03-04 06:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-08-13 12:57 - 2012-05-14 07:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-08-13 12:57 - 2011-10-15 08:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2015-08-13 12:57 - 2011-10-15 07:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2015-08-13 12:57 - 2011-08-27 07:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2015-08-13 12:57 - 2011-08-27 06:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2015-08-13 12:57 - 2011-02-23 06:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2015-08-13 12:55 - 2015-08-13 12:55 - 00000606 _____ C:\Users\Egon Ganahl\Desktop\pica - Verknüpfung.lnk
2015-08-13 12:54 - 2012-06-06 08:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2015-08-13 12:54 - 2012-06-06 07:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2015-08-13 12:50 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-13 12:50 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-13 12:50 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-13 12:50 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-13 12:50 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-13 12:50 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-13 12:50 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-13 12:50 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-13 12:50 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-13 12:50 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-13 12:50 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-13 12:50 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-13 12:50 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-13 12:50 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-13 12:50 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-13 12:50 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-13 12:50 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-13 12:50 - 2013-10-12 04:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-08-13 12:50 - 2013-10-12 04:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-08-13 12:50 - 2013-10-12 04:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-08-13 12:50 - 2013-10-12 04:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-08-13 12:50 - 2013-10-12 04:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-08-13 12:50 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2015-08-13 12:48 - 2015-08-13 12:49 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\elfopatch
2015-08-13 12:47 - 2015-08-13 12:47 - 00003152 _____ C:\Windows\System32\Tasks\{EB2835B7-9C9A-425F-8763-D90A7AAA6371}
2015-08-13 12:46 - 2015-08-13 12:46 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\elsterformular
2015-08-13 12:46 - 2015-08-13 12:46 - 00000000 ____D C:\ProgramData\elsterformular
2015-08-13 12:45 - 2015-08-15 12:16 - 00000000 ____D C:\ProgramData\Adobe
2015-08-13 12:43 - 2015-08-13 12:47 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Adobe
2015-08-12 22:23 - 2015-08-12 22:23 - 00001344 _____ C:\Users\Egon Ganahl\Desktop\Zoner.lnk
2015-08-12 22:16 - 2015-08-12 22:16 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Zoner
2015-08-12 22:16 - 2015-08-12 22:16 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Zoner
2015-08-12 22:16 - 2015-08-12 22:16 - 00000000 ____D C:\ProgramData\Zoner
2015-08-12 21:56 - 2015-08-12 21:56 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Logishrd
2015-08-12 21:52 - 2015-08-12 21:56 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2015-08-12 21:52 - 2015-08-12 21:56 - 00000000 ____D C:\Program Files\Common Files\Logishrd
2015-08-12 21:52 - 2015-08-12 21:52 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Leadertech
2015-08-12 21:52 - 2015-08-12 21:52 - 00000000 ____D C:\Program Files\Logitech
2015-08-12 21:43 - 2015-08-12 21:43 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\EIZO
2015-08-12 21:42 - 2015-08-15 11:05 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Downloaded Installations
2015-08-12 21:34 - 2015-08-12 21:34 - 00000997 _____ C:\Users\Egon Ganahl\Desktop\TOTALCMD64.lnk
2015-08-12 21:34 - 2015-08-12 21:34 - 00000612 _____ C:\Users\Egon Ganahl\Desktop\MozBackup.lnk
2015-08-12 21:22 - 2015-08-12 21:22 - 00000000 ____D C:\Users\Egon Ganahl\Documents\CyberLink
2015-08-12 21:21 - 2015-08-12 21:21 - 00000000 ____D C:\Users\Public\CyberLink
2015-08-12 21:19 - 2015-08-12 21:19 - 00000985 _____ C:\Users\Egon Ganahl\Desktop\Thunderbird.lnk
2015-08-12 21:18 - 2015-08-12 21:18 - 00000000 ____D C:\ProgramData\LightScribe
2015-08-12 21:15 - 2015-08-12 21:15 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Power2Go
2015-08-12 20:35 - 2012-02-17 08:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2015-08-12 20:35 - 2012-02-17 07:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2015-08-12 20:35 - 2012-02-17 06:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2015-08-12 19:53 - 2015-08-14 09:48 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Microsoft Games
2015-08-12 19:43 - 2015-08-12 19:43 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Packages
2015-08-12 19:38 - 2015-08-12 19:47 - 00000000 ____D C:\ProgramData\install_clap
2015-08-12 19:38 - 2015-08-12 19:38 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2015-08-12 19:37 - 2015-08-17 18:40 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2015-08-12 19:36 - 2015-08-12 19:37 - 00000000 ____D C:\ProgramData\CLSK
2015-08-12 19:30 - 2015-08-12 19:46 - 00000000 _____ C:\Windows\lgfwup.ini
2015-08-12 19:30 - 2011-09-22 11:05 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL
2015-08-12 19:30 - 2001-08-29 21:00 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wbemdisp.tlb
2015-08-12 19:30 - 2000-05-22 16:58 - 00115920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2015-08-12 19:30 - 1998-07-22 00:00 - 00102160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6KO.DLL
2015-08-12 19:25 - 2015-08-12 19:42 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll
2015-08-12 19:25 - 2015-08-12 19:42 - 00029480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2015-08-12 19:25 - 2015-08-12 19:24 - 00353576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll
2015-08-12 19:23 - 2015-08-12 21:22 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\CyberLink
2015-08-12 19:23 - 2015-08-12 21:22 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Cyberlink
2015-08-12 19:23 - 2015-08-12 19:23 - 00000000 ____D C:\Program Files (x86)\Cyberlink
2015-08-12 19:22 - 2015-08-15 11:25 - 00000000 ___RD C:\Users\Egon Ganahl\Desktop\Grafik-Tools
2015-08-12 19:22 - 2015-08-13 13:05 - 00000000 ____D C:\Users\Egon Ganahl\Desktop\GPS-Tools
2015-08-12 19:20 - 2015-08-17 10:10 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-08-12 19:20 - 2015-08-17 10:10 - 00000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-08-12 19:20 - 2015-08-17 10:10 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-08-12 19:20 - 2015-08-12 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Blu-ray Disc Suite
2015-08-12 19:19 - 2015-08-12 21:23 - 00000000 ____D C:\ProgramData\CyberLink
2015-08-12 19:18 - 2015-08-12 19:47 - 00000000 ____D C:\ProgramData\Temp
2015-08-12 19:10 - 2015-08-12 21:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-08-12 19:10 - 2015-08-12 21:55 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2015-08-12 18:40 - 2015-08-13 13:42 - 00001375 _____ C:\Users\Egon Ganahl\Desktop\Internet Explorer (64-bit).lnk
2015-08-12 18:36 - 2015-08-20 10:13 - 00000000 ____D C:\Users\Egon Ganahl\Desktop\Tools
2015-08-12 18:36 - 2015-08-18 23:18 - 00000000 ____D C:\Users\Egon Ganahl\Desktop\Text-Tools
2015-08-12 18:36 - 2015-08-14 10:52 - 00000000 ___RD C:\Users\Egon Ganahl\Desktop\Spiele
2015-08-12 18:36 - 2015-08-12 18:36 - 00000000 ____D C:\Users\Egon Ganahl\Desktop\Player-Tolls
2015-08-12 18:16 - 2015-08-12 21:55 - 00000000 ____D C:\ProgramData\LogiShrd
2015-08-12 18:16 - 2015-08-12 18:16 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Logitech
2015-08-12 18:15 - 2015-08-13 12:48 - 00000000 ____D C:\ProgramData\Package Cache
2015-08-12 18:15 - 2015-08-12 19:10 - 00000000 ____D C:\Program Files\Logitech Gaming Software
2015-08-12 18:14 - 2015-08-12 21:52 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Logitech
2015-08-12 18:14 - 2015-08-12 21:50 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Logishrd
2015-08-12 18:13 - 2015-08-12 18:13 - 82596072 _____ (Logitech Inc.) C:\Users\Egon Ganahl\Downloads\LGS_8.70.315_x64_Logitech.exe
2015-08-12 17:58 - 2015-08-13 21:50 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\NVIDIA
2015-08-12 17:54 - 2015-08-12 17:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-08-12 17:54 - 2015-07-24 06:21 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-08-12 17:54 - 2015-07-24 06:21 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-08-12 17:54 - 2015-07-24 06:21 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-08-12 17:54 - 2015-07-24 06:21 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-08-12 17:54 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2015-08-12 17:54 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2015-08-12 17:54 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2015-08-12 17:54 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2015-08-12 17:54 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2015-08-12 17:54 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2015-08-12 17:53 - 2015-08-20 09:54 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-12 17:53 - 2015-08-13 22:07 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-08-12 17:53 - 2015-08-07 13:06 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-08-12 17:53 - 2015-08-07 13:06 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-08-12 17:53 - 2015-08-07 06:34 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-08-12 17:53 - 2015-08-07 06:34 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-08-12 17:53 - 2015-08-07 06:34 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-08-12 17:53 - 2015-08-07 06:34 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-08-12 17:53 - 2015-08-07 06:34 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-08-12 17:53 - 2015-08-07 06:34 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-08-12 17:53 - 2015-08-03 12:12 - 05133709 _____ C:\Windows\system32\nvcoproc.bin
2015-08-12 17:52 - 2015-08-14 23:37 - 01622000 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-08-12 17:51 - 2015-08-13 22:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-08-12 17:50 - 2015-08-07 13:06 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-08-12 17:50 - 2015-08-07 13:06 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-08-12 17:50 - 2015-08-07 13:06 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-08-12 17:50 - 2015-08-07 13:06 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-08-12 17:50 - 2015-08-07 13:06 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-08-12 17:50 - 2015-08-07 13:06 - 00033050 _____ C:\Windows\system32\nvinfo.pb
2015-08-12 17:50 - 2015-07-25 01:28 - 01567576 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-08-12 17:50 - 2015-07-25 01:28 - 00204648 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-08-12 17:50 - 2015-07-25 01:28 - 00040280 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-08-12 17:50 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll
2015-08-12 17:50 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll
2015-08-12 17:50 - 2015-07-03 06:28 - 00069992 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-08-12 17:50 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-08-12 17:50 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-08-12 17:49 - 2015-08-12 17:54 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-08-12 17:48 - 2015-08-12 17:48 - 00002303 _____ C:\Users\Egon Ganahl\Desktop\Sicherer Zahlungsverkehr.lnk
2015-08-12 17:47 - 2015-08-20 10:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-08-12 17:47 - 2015-08-12 17:47 - 00002053 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2015-08-12 17:47 - 2015-08-12 17:47 - 00000000 ____D C:\Windows\ELAMBKUP
2015-08-12 17:47 - 2015-08-12 17:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2015-08-12 17:47 - 2015-08-12 17:47 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-08-12 17:47 - 2015-07-09 19:11 - 00850608 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2015-08-12 17:47 - 2015-07-09 19:11 - 00225976 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klhk.sys
2015-08-12 17:47 - 2015-07-09 19:11 - 00159960 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2015-08-12 17:47 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-08-12 17:45 - 2015-08-12 17:48 - 292456168 _____ (NVIDIA Corporation) C:\Users\Egon Ganahl\Downloads\353.62-desktop-win8-win7-winvista-64bit-international-whql.exe
2015-08-12 17:39 - 2015-08-12 17:41 - 204170304 _____ C:\Users\Egon Ganahl\Downloads\kts15.0.1.415de-de.exe
2015-08-12 17:31 - 2015-08-17 23:45 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-12 17:31 - 2015-08-17 23:45 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-08-12 17:31 - 2015-08-16 00:58 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Mozilla
2015-08-12 16:03 - 2015-08-19 17:26 - 00000000 ____D C:\Windows\Panther
2015-08-12 15:56 - 2015-08-12 17:31 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Mozilla
2015-08-12 15:56 - 2015-08-12 16:04 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\Thunderbird
2015-08-12 15:56 - 2015-08-12 15:56 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Thunderbird
2015-08-12 15:42 - 2015-08-13 12:43 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Adobe
2015-08-12 15:42 - 2015-08-12 15:42 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Macromedia
2015-08-12 15:37 - 2015-08-12 15:38 - 00000000 ____D C:\ProgramData\Atheros
2015-08-12 15:37 - 2015-08-12 15:37 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Intel Corporation
2015-08-12 15:37 - 2015-08-12 15:37 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\BMExplorer
2015-08-12 15:31 - 2015-08-12 15:31 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ICCWDT_01009.Wdf
2015-08-12 15:31 - 2015-08-12 15:31 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2015-08-12 15:31 - 2009-07-14 08:21 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2015-08-12 15:30 - 2015-08-12 15:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2015-08-12 15:30 - 2010-11-08 14:57 - 00014464 _____ (ASUSTek Computer Inc.) C:\Windows\system32\Drivers\AiChargerPlus.sys
2015-08-12 15:30 - 2008-12-02 20:05 - 00184320 _____ (ASUSTeK) C:\Windows\SysWOW64\Drivers\UpdateHelper.dll
2015-08-12 15:29 - 2015-08-12 15:33 - 00000000 ____D C:\Program Files (x86)\ASUS
2015-08-12 15:29 - 2015-08-12 15:31 - 00000090 _____ C:\setup.log
2015-08-12 15:29 - 2015-08-12 15:30 - 00000000 ____D C:\Windows\System32\Tasks\ASUS
2015-08-12 15:29 - 2015-08-12 15:29 - 00000000 ____D C:\ProgramData\ASUS
2015-08-12 15:29 - 2010-11-25 09:12 - 00011832 ____N C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2015-08-12 15:29 - 2010-08-24 09:16 - 00013440 ____R C:\Windows\SysWOW64\Drivers\AsIO.sys
2015-08-12 15:29 - 2010-06-29 09:41 - 00028672 ____R (ASUSTek Computer Inc.) C:\Windows\SysWOW64\AsIO.dll
2015-08-12 15:27 - 2015-08-12 15:27 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_btath_hcrp_01009.Wdf
2015-08-12 15:25 - 2015-08-12 15:38 - 00000000 ____D C:\Users\Egon Ganahl\Documents\Bluetooth Folder
2015-08-12 15:24 - 2015-08-12 15:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
2015-08-12 15:24 - 2015-08-12 15:25 - 00000000 ____D C:\Program Files (x86)\Bluetooth Suite
2015-08-12 15:22 - 2015-08-12 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Asmedia Technology
2015-08-12 15:22 - 2015-08-12 15:22 - 00000000 ____D C:\Program Files (x86)\ASM104xUSB3
2015-08-12 15:18 - 2015-08-12 15:18 - 00000000 ____D C:\Program Files\Intel
2015-08-12 15:18 - 2010-05-07 11:41 - 00314568 ____R (Intel Corporation) C:\Windows\system32\PROUnstl.exe
2015-08-12 15:18 - 2006-01-12 08:52 - 00001904 ____N C:\Windows\system32\SetupBD.din
2015-08-12 15:17 - 2010-09-21 08:34 - 00313520 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c62x64.sys
2015-08-12 15:17 - 2010-07-30 18:56 - 00068264 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2015-08-12 15:17 - 2010-07-26 19:30 - 00091840 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2015-08-12 15:17 - 2009-12-23 13:12 - 00003114 _____ C:\Windows\system32\e1c62x64.din
2015-08-12 15:17 - 2009-05-26 04:05 - 00036472 _____ (Intel Corporation) C:\Windows\system32\NicCo36.dll
2015-08-12 15:16 - 2015-08-12 15:16 - 00000000 ____D C:\Windows\RaidTool
2015-08-12 15:16 - 2015-08-12 15:16 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
2015-08-12 15:16 - 2015-08-12 15:16 - 00000000 ____D C:\Program Files (x86)\Marvell
2015-08-12 15:16 - 2010-08-10 11:29 - 00120920 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2015-08-12 15:16 - 2009-07-14 03:15 - 00315904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Difx6ee8.rra
2015-08-12 15:15 - 2015-08-12 15:15 - 00016896 _____ (ASUS) C:\Windows\AsTaskSched.dll
2015-08-12 15:15 - 2011-02-22 11:59 - 00008192 _____ C:\Windows\system32\Drivers\IntelMEFWVer.dll
2015-08-12 15:15 - 2010-10-19 16:34 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2015-08-12 15:14 - 2015-08-12 15:15 - 00000000 ___HD C:\Program Files (x86)\Temp
2015-08-12 15:14 - 2015-08-12 15:14 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-08-12 15:14 - 2015-08-12 15:14 - 00000000 ____D C:\Program Files\Realtek
2015-08-12 15:14 - 2015-08-12 15:14 - 00000000 ____D C:\Program Files (x86)\Realtek
2015-08-12 15:14 - 2010-11-23 12:44 - 01247848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-08-12 15:14 - 2010-11-23 12:16 - 02565736 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-08-12 15:14 - 2010-11-22 05:39 - 00626792 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-08-12 15:14 - 2010-11-18 09:01 - 02813544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2015-08-12 15:14 - 2010-11-18 09:01 - 02186344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-08-12 15:14 - 2010-11-18 05:49 - 00121744 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2015-08-12 15:14 - 2010-11-15 16:56 - 02580824 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib.dll
2015-08-12 15:14 - 2010-11-15 16:56 - 01870680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek.dll
2015-08-12 15:14 - 2010-11-11 07:27 - 00083048 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2015-08-12 15:14 - 2010-11-08 12:36 - 00544768 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-08-12 15:14 - 2010-11-08 01:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-08-12 15:14 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-08-12 15:14 - 2010-11-08 01:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-08-12 15:14 - 2010-11-08 01:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-08-12 15:14 - 2010-11-08 01:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-08-12 15:14 - 2010-11-08 01:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-08-12 15:14 - 2010-11-03 12:31 - 01146984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-08-12 15:14 - 2010-11-03 12:31 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-08-12 15:14 - 2010-11-03 12:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 01327208 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 01179752 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 01111656 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 00504936 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 00491112 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 00475752 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 00317032 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 00269928 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 00266856 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 00126056 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 00125544 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2015-08-12 15:14 - 2010-11-03 12:29 - 00125032 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2015-08-12 15:14 - 2010-11-02 03:35 - 01718616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2015-08-12 15:14 - 2010-11-02 03:35 - 00127832 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2015-08-12 15:14 - 2010-11-02 03:34 - 00421720 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2015-08-12 15:14 - 2010-11-02 03:34 - 00108888 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2015-08-12 15:14 - 2010-11-02 03:34 - 00074584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2015-08-12 15:14 - 2010-10-29 04:29 - 01937312 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-08-12 15:14 - 2010-10-28 04:46 - 01251944 ____R (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2015-08-12 15:14 - 2010-10-03 07:46 - 00341336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2015-08-12 15:14 - 2010-09-27 03:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-08-12 15:14 - 2010-07-22 10:48 - 00220496 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFNHK64.dll
2015-08-12 15:14 - 2010-07-22 10:48 - 00081232 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFCOM64.dll
2015-08-12 15:14 - 2010-07-22 10:48 - 00078160 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\system32\SFAPO64.dll
2015-08-12 15:14 - 2010-07-22 10:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2015-08-12 15:14 - 2010-07-22 10:37 - 00200800 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-08-12 15:14 - 2010-05-06 11:34 - 00334680 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2015-08-12 15:14 - 2009-11-24 03:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-08-12 15:14 - 2009-11-24 03:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-08-12 15:14 - 2009-11-24 03:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-08-12 15:14 - 2009-11-24 03:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-08-12 15:14 - 2009-11-18 12:42 - 02197264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2015-08-12 15:14 - 2009-11-17 12:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-08-12 15:13 - 2015-08-17 18:40 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-12 15:13 - 2015-08-12 15:13 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-08-12 15:13 - 2015-08-12 15:13 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Roaming\InstallShield
2015-08-12 15:13 - 2011-04-26 11:07 - 00557848 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2015-08-12 15:12 - 2015-08-12 15:31 - 00000000 ____D C:\Program Files (x86)\Intel
2015-08-12 15:12 - 2010-12-23 05:09 - 00053248 ____R (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2015-08-12 15:11 - 2015-08-12 15:11 - 00029047 _____ C:\Windows\Ascd_tmp.ini
2015-08-12 15:11 - 2015-08-12 15:11 - 00001769 _____ C:\Windows\Language_trs.ini
2015-08-12 15:09 - 2015-08-17 23:45 - 00001409 _____ C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-12 15:09 - 2015-08-17 22:35 - 00000000 ____D C:\Users\Egon Ganahl
2015-08-12 15:09 - 2015-08-12 17:58 - 00000000 ____D C:\Users\Egon Ganahl\AppData\Local\VirtualStore
2015-08-12 15:09 - 2015-08-12 15:09 - 00000020 ___SH C:\Users\Egon Ganahl\ntuser.ini
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\Vorlagen
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\Startmenü
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\Netzwerkumgebung
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\Lokale Einstellungen
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\Eigene Dateien
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\Druckumgebung
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\Documents\Eigene Musik
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\Documents\Eigene Bilder
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\AppData\Local\Verlauf
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\AppData\Local\Anwendungsdaten
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Egon Ganahl\Anwendungsdaten
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\ProgramData\Favoriten
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-08-12 15:09 - 2015-08-12 15:09 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-08-12 15:09 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 15:09 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Egon Ganahl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-08-12 15:06 - 2015-08-12 15:06 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2015-08-12 15:06 - 2015-08-12 15:06 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2015-08-12 15:05 - 2015-08-12 15:05 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-20 11:33 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-20 11:33 - 2009-07-14 06:45 - 00021664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-20 09:58 - 2010-11-21 08:50 - 00713958 _____ C:\Windows\system32\perfh007.dat
2015-08-20 09:58 - 2010-11-21 08:50 - 00154074 _____ C:\Windows\system32\perfc007.dat
2015-08-20 09:58 - 2009-07-14 07:13 - 01648656 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-20 09:56 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2015-08-20 09:54 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-19 17:05 - 2009-07-14 06:45 - 00304808 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-18 18:25 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-08-17 10:24 - 2009-07-14 05:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-08-17 10:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-08-16 22:13 - 2011-07-20 18:32 - 00000000 ____D C:\temp
2015-08-16 17:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\TAPI
2015-08-16 00:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\registration
2015-08-15 15:42 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-08-15 10:17 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\AppCompat
2015-08-14 17:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-08-14 17:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2015-08-14 16:58 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-14 16:58 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-14 16:51 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-08-14 16:41 - 2010-11-21 09:00 - 00000000 ____D C:\Program Files\Windows Journal
2015-08-14 16:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\tracing
2015-08-14 16:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-08-14 16:21 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-08-14 15:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\zh-HK
2015-08-14 15:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\tr-TR
2015-08-14 15:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\zh-HK
2015-08-14 15:12 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\tr-TR
2015-08-12 18:28 - 2009-07-14 05:20 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 16:03 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2015-08-12 16:03 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2015-08-12 15:25 - 2011-03-13 10:53 - 00246804 _____ C:\Windows\system32\Drivers\AtherosBt.bin
2015-08-12 15:16 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2015-08-12 15:09 - 2011-07-18 14:05 - 00000000 __SHD C:\Recovery
2015-08-12 15:09 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-08-12 15:09 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2015-08-12 15:06 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-08-12 15:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2008-02-05 13:28 - 2008-02-05 13:28 - 0000051 _____ () C:\Users\Egon Ganahl\AppData\Local\setup.txt

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-08-12 18:59

==================== Ende von Ergebnis ============================
[/CODE]

Hoffe das es dieses mal geklappt hat!
Danke

schrauber 21.08.2015 07:06
Bestehen aktuell noch Probleme?

eganahl 21.08.2015 16:57
Zur Zeit läuft alles in geordneten Bahnen, hoffe das sich der BING.vc nicht irgend wo versteckt hat und auf einmal wieder in Erscheinung tritt.
Wie Du an den Log`s gesehen hast verwende ich Kaspersky Internet Security 2015, hat mich aber vor dem Problem nicht geschützt.
Nochmals vielen Dank!

schrauber 22.08.2015 10:35
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

http://deeprybka.trojaner-board.de/b...ast/schild.pngAbsicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:
http://filepony.de/icon/emsisoft_anti_malware.png
Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:00 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131