Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Ständiger Befall von unerwünschten Programmen und Treiberprobleme unter Windows 7 (https://www.trojaner-board.de/173087-staendiger-befall-unerwuenschten-programmen-treiberprobleme-windows-7-a.html)

Thorstie 15.11.2015 11:49
Ständiger Befall von unerwünschten Programmen und Treiberprobleme unter Windows 7
 
Hallo Zusammen,

ich habe vor einigen Wochen eine Mahnung von einer augescheinlichen Amazonrechung bzw. Mahnung geöffnet. Im Dateianhang war eine DOS Datei. Bis ich richtig geschalten habe war es schon zu spät. Seit dem erkennt mein Kaspersky ständig bei neuem Hochfahren von Windows 7 unerwünschte Programme unter ProgrammData. Nach dem Desinfizieren kann man nichts mehr öffenen. Die Fehlermeldungen beziehen sich immer auf Dteien mit der Endung .dll! Auch die Rescue Disk von Kas. konnte nichts bewirken. Kennt sich jemand mit dem Problem und könnte mir helfen :kloppen:

Beste Grüße
Thorstie

deeprybka 15.11.2015 12:37
:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.



Los geht's:

Schritt 1
http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://deeprybka.trojaner-board.de/tdss/codetags.gif

Thorstie 15.11.2015 15:57
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (15-11-2015 15:51:30)
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MY.COM B.V.) C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dropbox, Inc.) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(NVIDIA Corporation) C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4278728 2015-11-11] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [son-bet] => C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe [135488 2015-10-25] (Realtek Semiconductor Corp.) <===== ACHTUNG
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Wondershare] => C:\Users\Thorsten\AppData\Roaming\twbgusbd\wadjswag.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [essay-weekend] => C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe [146432 2015-10-26] (Realtek Semiconductor Corp.) <===== ACHTUNG
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [gaasfet-3] => C:\Users\Thorsten\AppData\Roaming\gaasfet-54\gaasfet-88.exe [580608 2015-11-15] (American Megatrends, Inc)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {0003aa5a-06dc-11e5-975d-d050995a3687} - F:\iLinker.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {06c7c8d0-f570-11e4-9666-d050995a3687} - F:\pushinst.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {97395ad1-bf1e-11e4-adf7-806e6f6e6963} - E:\ASRSetup.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\dfmea-4.lnk [2015-11-15]
ShortcutTarget: dfmea-4.lnk -> C:\Users\Thorsten\AppData\Roaming\dfmea-1\dfmea-04.exe (Intel(R) Corporation)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-28] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-28] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-27] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [348360 2015-11-15] ()
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-15] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S1 bfrzcslo; \??\C:\Windows\system32\drivers\bfrzcslo.sys [X]
S1 hjaqokbf; \??\C:\Windows\system32\drivers\hjaqokbf.sys [X]
S1 ilnicvuq; \??\C:\Windows\system32\drivers\ilnicvuq.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S1 lwohbkep; \??\C:\Windows\system32\drivers\lwohbkep.sys [X]
S1 oflhqklh; \??\C:\Windows\system32\drivers\oflhqklh.sys [X]
S1 pzlwhhvl; \??\C:\Windows\system32\drivers\pzlwhhvl.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-15 15:51 - 2015-11-15 15:51 - 00027704 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-15 15:51 - 2015-11-15 15:51 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-15 15:51 - 02198528 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-15 11:41 - 2015-11-15 11:41 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\dfmea-1
2015-11-15 11:39 - 2015-11-15 11:41 - 00000000 ____D C:\ProgramData\oyn
2015-11-15 11:29 - 2015-11-15 11:29 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\gaasfet-54
2015-11-14 09:41 - 2015-11-14 09:49 - 00000000 ____D C:\Users\Thorsten\Desktop\Tattoo
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 13:34 - 2015-11-15 11:37 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-08 12:07 - 2015-11-08 12:38 - 00000000 ____D C:\Users\Thorsten\Desktop\hp
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-03 07:43 - 2015-11-03 07:44 - 277045248 _____ C:\Users\Thorsten\Downloads\kav_rescue_10.iso
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 01640768 _____ C:\Users\Thorsten\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-15 15:00 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 19:36 - 2015-11-01 19:36 - 31332760 _____ (Electronic Arts, Inc.) C:\Users\Thorsten\Downloads\OriginThinSetup.exe
2015-11-01 19:18 - 2015-11-01 19:28 - 00715099 _____ C:\Users\Thorsten\Downloads\pbsetup(1).zip
2015-11-01 10:06 - 2015-11-01 10:06 - 00711649 _____ C:\Users\Thorsten\Downloads\pbsetup.zip
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-30 17:54 - 2015-10-31 18:19 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\inrush-56
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-15 15:00 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:49 - 2015-10-27 19:49 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup(1).exe
2015-10-27 19:48 - 2015-11-15 15:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup.exe
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-15 13:31 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:16 - 2015-10-27 13:16 - 01937280 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\kis16.0.0.614de_8295.exe
2015-10-27 13:02 - 2015-10-27 13:02 - 01694208 _____ C:\Users\Thorsten\Downloads\adwcleaner_5.015.exe
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\993
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Local\4r50
2015-10-26 12:44 - 2015-10-27 07:40 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\z86
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Local\9u92
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-10-16 09:41 - 2015-10-16 09:41 - 00000781 _____ C:\Users\Public\Desktop\World of Tanks 0.9.10.lnk
2015-10-16 09:41 - 2015-10-16 09:41 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-15 15:41 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-15 15:39 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-15 14:59 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-15 13:39 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-15 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-15 11:45 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-15 11:45 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-15 11:43 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-15 11:43 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-15 11:43 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-15 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-15 11:40 - 2015-02-19 10:30 - 01713301 _____ C:\Windows\WindowsUpdate.log
2015-11-15 11:37 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-15 11:37 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-15 11:37 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-15 11:37 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-15 11:37 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-15 11:37 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-15 11:37 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-15 11:37 - 2015-02-19 10:51 - 00202130 _____ C:\Windows\PFRO.log
2015-11-15 11:37 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-15 11:37 - 2009-07-14 05:51 - 00152505 _____ C:\Windows\setupact.log
2015-11-12 12:42 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-12 12:41 - 2009-07-14 05:45 - 00307832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-08 11:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 13:01 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft
2015-10-26 07:27 - 2015-02-19 11:16 - 00000000 __SHD C:\Users\Thorsten\AppData\Roaming\twbgusbd
2015-10-19 06:23 - 2015-08-24 09:28 - 00000000 ____D C:\Users\Thorsten\Desktop\Bilder
2015-10-16 09:37 - 2015-08-23 12:06 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack Client
2015-10-16 09:37 - 2015-08-23 12:06 - 00000000 ____D C:\Program Files (x86)\OMC ModPack Client

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe
C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe


Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\CopyTransManagerMDHelper(1).exe
C:\Users\Thorsten\AppData\Local\Temp\CopyTransManagerMDHelper.exe
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp8se1g.dll
C:\Users\Thorsten\AppData\Local\Temp\GURA7A3.exe
C:\Users\Thorsten\AppData\Local\Temp\GURC679.exe
C:\Users\Thorsten\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Thorsten\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Thorsten\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Thorsten\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Thorsten\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Thorsten\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Thorsten\AppData\Local\Temp\nvStInst.exe
C:\Users\Thorsten\AppData\Local\Temp\Quarantine.exe
C:\Users\Thorsten\AppData\Local\Temp\sonarinst.exe
C:\Users\Thorsten\AppData\Local\Temp\sqlite3.dll
C:\Users\Thorsten\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Thorsten\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-11 18:58

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Thorsten (2015-11-15 15:52:13)
Gestartet von C:\Users\Thorsten\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-19 09:28:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3302927987-3442811057-85396348-500 - Administrator - Disabled)
Gast (S-1-5-21-3302927987-3442811057-85396348-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3302927987-3442811057-85396348-1002 - Limited - Enabled)
Thorsten (S-1-5-21-3302927987-3442811057-85396348-1000 - Administrator - Enabled) => C:\Users\Thorsten

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.191 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.31 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: 1.31 - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP5300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5300) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Deezer (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\DeezerDrive) (Version: 1.0.769.677 - Deezer)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
diclovit's mod pack 9.9.0 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.0 - diclovit)
Dropbox (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
FireStorm version V1.0.46.001 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.001 - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{1090DB8D-3818-470D-8467-B1062169CC45}) (Version: 1.5.0.133 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.0.133 - Kaspersky Lab) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
My.com Games (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MyComGames) (Version: 3.123 - My.com B.V.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.4.1.0 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.4.1.0 - Odem Mortis)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
TEC-IT TBarCode Office 10 (HKLM\...\{B9C3D27C-D72A-4F48-A0A4-8E1758219735}) (Version: 10.6.0.13858 - TEC-IT Datenverarbeitung GmbH)
TECIT.TBarCode.ExcelAddIn (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\29813F0DC48E97541FBED4F14E3701CDE7C4C491) (Version: 1.0.0.0 - TECIT.TBarCode.ExcelAddIn)
TECIT.TBarCode.WordAddIn (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\71AE37307294CC1A34110ADBD07E07D1842629B9) (Version: 9.0.0.12803 - TECIT.TBarCode.WordAddIn)
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000001-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000004-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000005-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000006-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Thorsten\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

01-11-2015 22:47:40 DirectX wurde installiert
03-11-2015 07:50:55 Windows Update
08-11-2015 19:00:13 Windows-Sicherung
12-11-2015 08:06:39 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {23E47DB0-3544-4C4E-8122-3AF142D39CF2} - System32\Tasks\{FE343B28-0C3E-4572-A125-602BA17006E1} => pcalua.exe -a C:\Users\Thorsten\AppData\Roaming\mystartsearch\UninstallManager.exe -c  -ptid=sien
Task: {2969EEED-20A1-4DE5-B86D-1C824567C0E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {443448A1-89C8-4D78-874C-8CD2B13B57D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {4D65A4C3-3E99-418A-8726-1702A5A9140D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {81427BD1-0A16-422E-907D-31351B364BBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {97FE5EB6-9642-4739-9C50-053EA99B2C24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-27] (Adobe Systems Incorporated)
Task: {A733FCCE-C3BC-402E-A67B-5B71CC41AA24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {A7543029-CB88-4A08-9933-16FF25260A7C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {A82C063D-9C46-4C10-B1DD-82EBDCB58A50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {BABD2FC1-7BD2-4BD2-A106-4974CA2FF4D0} - System32\Tasks\{C384678A-0B16-4666-A32E-6F61F28CA818} => pcalua.exe -a C:\Users\Thorsten\Downloads\sp54425.exe -d C:\Users\Thorsten\Downloads
Task: {CDD1388C-27D9-4C4B-8068-F7402567FAAB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F0471ACE-CC7D-44D6-B971-4D4C414AD564} - System32\Tasks\{FE500D95-E348-4016-9771-2A0711A2F9FD} => pcalua.exe -a C:\Users\Thorsten\AppData\Local\Temp\Temp1_Realtek_Win8-64_Win8_Win7-64_Win7_Vista64_Vista_XP64_XP(6690).zip\Audio(6690)\Setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-28 01:06 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-20 10:35 - 2015-06-17 08:00 - 00062464 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-11-01 22:48 - 2015-11-15 15:00 - 00348360 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-05-01 08:11 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00144896 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\zlib1.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00062464 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\pxd.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00179144 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\LightUpdate.dll
2015-05-31 07:15 - 2015-11-06 13:12 - 02340296 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll
2015-11-15 11:37 - 2015-11-15 11:37 - 00071168 _____ () c:\users\thorsten\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpp8se1g.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 06:35 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-10-01 19:30 - 2015-10-01 19:30 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\8db6991b5800d6791b92d33532627df2\PSIClient.ni.dll
2015-02-28 08:27 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-10-25 10:01 - 2015-10-25 10:01 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-10-25 10:01 - 2015-10-25 10:01 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E4EFEB4F-2C4C-4D0E-8F17-34FB7F590101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{28F028E2-61EB-4939-A1C9-18D4087120F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64CD0E7A-7715-4CBD-8ED7-1518313ED644}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE5884DD-6514-4F77-8A1D-81CC30B6C4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC099D50-0387-4C28-ACCF-056F5A8C5A71}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA86B2F5-69CE-4761-8A47-8E3E919BFE5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{441BCDAB-F2FF-4FF2-9DA3-2944B02B50C9}C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe] => (Allow) C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe
FirewallRules: [UDP Query User{030134B2-6BFA-4A00-8F5E-871122E4D09F}C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe] => (Allow) C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe
FirewallRules: [{4838DB96-119E-4750-B1A0-022A39631609}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{808314F2-0603-4E4A-9D6F-3B0BF364C737}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FA575668-199B-47E4-8D55-7E676A2AD01D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9706CBDF-EADB-4787-8EE9-CA02F2B18BDA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2517C3F0-81FE-4C42-8DE3-2164EA4DACD1}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{ABCB8F47-5A10-4AC0-8415-5262FC9D3828}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{F09B091E-8F1C-4CEA-919E-73F8C4B0C2E6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{BF92B25C-7A21-4C0F-A6D7-F6E40AB5C72B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{740021B2-6EEC-4679-B550-14DAC5CC8990}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E4E5A57B-54D6-434C-BC89-4DFBA73FFDE3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3E4C5A7E-DBA9-4FB3-A558-6233ACC605BE}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{A2FA18C2-601B-469A-8D04-9697188D5461}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{D783AADF-1F97-4888-BDBB-6D9EDA300520}] => (Allow) D:\Spiele\bin\x64r\emergency5.exe
FirewallRules: [{8BB1EA29-7A4A-4E35-8256-DB9156659EB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DD1E2EF-B1C1-4C6A-B24F-44836A9AF96E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA19F522-E9D4-4EE0-A0D9-25D8DFDF4170}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{73BA38B9-70DA-4DE7-A3A7-179B19DDA2D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{7A04FE04-D0D3-4FAC-A493-5335949358D5}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CBCADB0-8365-4C70-8496-D249002D38A8}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8DD010FE-5DFA-4ACD-8CA4-6A34D50171CD}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BFDBDD81-0522-491D-B687-640610F1C7C0}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{76774C5B-8091-434D-8570-AEB2C35DC43D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A3549E7F-7D21-40A1-A5FF-21EA2B143894}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{58C4FE6F-EE4E-422E-93AE-6140FE774A2E}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [UDP Query User{44E8EFC9-AEB5-4652-99E6-379241289418}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [TCP Query User{7D49057B-88AA-4178-A628-46AF9E0DF46E}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FB0C904B-AFC9-4DB7-8AA0-49D3D8C6B6D7}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{5AD0760A-19EA-4365-8B69-1117D2BCED53}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{D5E06918-2E24-4349-A3C4-5E1EFC3F7780}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{61084CC0-E25A-4BBA-9073-792074C572F3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D428F6F6-4113-42EA-8734-6F65817CBAD0}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D0BF5190-6714-4859-BE02-83E145710FA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FD0EB8D-1CD6-4B48-9746-B822401B3E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D98C54BA-65E2-4A7D-A8E4-D105AB5344A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E6A9942D-997F-4254-8417-C87A8618D43F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6790434-B146-48F0-A369-A2CC2B720F4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{EC4EF857-6483-4C45-BF4D-48FDFBD5CEF4}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{4E70CA78-8870-4FF0-A5EE-6F3FE0EE7C70}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{D2E0F433-9A43-4D97-A09F-F37387116DD2}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{3BBCE2B7-EA39-4FEA-965B-33298042370E}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{E0F3F8F4-DA6C-4AA0-9A5A-56BF2E5ACB36}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{14C527EA-0B6D-4BAC-813D-BC1784CB14A2}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{28F23C4E-98C8-4D8F-8803-3935590419B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C3FCA-9019-4D37-AA46-9B92E0571151}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C9AC0-2BE0-4409-8508-B89F5895BE95}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE06792E-5576-46F7-9A16-1B88BBB2BF07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C710348-2DF3-4E5C-8848-E7D9BF56A3D2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{FA6D628A-9597-4D38-AFE0-C133A800113A}] => (Allow) C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{A711E2D2-D963-4A6C-9C11-ABE0EFE722CA}] => (Allow) C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{F5ECA1A3-DD94-4B31-A9D9-7642DD75FCB6}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{6886CDAF-C119-4B2A-ABE7-64AF99263A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D8BF93A-D10F-4A8E-B287-D2BB868ABFC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39A4659B-A005-4BCB-85F2-AB1539B69A1F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B61F5210-D039-4C54-9166-942DE502B98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{03B6EA03-31D5-4293-986C-1C1FA536D6AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1B239FE-6558-4C1A-8905-FFF1507A603E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D9CA709-65CD-4984-93FB-7F06E132D911}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD0A7003-C839-4E1D-891C-580EF984E05A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/15/2015 11:37:32 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/15/2015 11:26:07 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/14/2015 10:20:45 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/14/2015 09:36:39 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/13/2015 07:08:03 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/13/2015 07:06:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.DllNotFoundException
Stapel:

Server stack trace:
  bei System.Net.UnsafeNclNativeMethods.SafeNetHandles_SECURITY.EnumerateSecurityPackagesW(Int32& pkgnum, SafeFreeContextBuffer_SECURITY& handle)
  bei System.Net.SafeFreeContextBuffer.EnumeratePackages(SecurDll Dll, Int32& pkgnum, SafeFreeContextBuffer& pkgArray)
  bei System.Net.SSPIAuthType.EnumerateSecurityPackages(Int32& pkgnum, SafeFreeContextBuffer& pkgArray)
  bei System.Net.SSPIWrapper.EnumerateSecurityPackages(SSPIInterface SecModule)
  bei System.Net.SSPIWrapper.GetVerifyPackageInfo(SSPIInterface secModule, String packageName, Boolean throwIfMissing)
  bei System.Net.NTAuthentication.Initialize(Boolean isServer, String package, NetworkCredential credential, String spn, ContextFlags requestedContextFlags, ChannelBinding channelBinding)
  bei System.Net.NTAuthentication..ctor(Boolean isServer, String package, NetworkCredential credential, String spn, ContextFlags requestedContextFlags, ChannelBinding channelBinding)
  bei System.Net.Security.NegoState.ValidateCreateContext(String package, Boolean isServer, NetworkCredential credential, String servicePrincipalName, ChannelBinding channelBinding, ProtectionLevel protectionLevel, TokenImpersonationLevel impersonationLevel)
  bei System.Net.Security.NegotiateStream.AuthenticateAsClient(NetworkCredential credential, ChannelBinding binding, String targetName, ProtectionLevel requiredProtectionLevel, TokenImpersonationLevel allowedImpersonationLevel)
  bei System.Net.Security.NegotiateStream.AuthenticateAsClient(NetworkCredential credential, String targetName, ProtectionLevel requiredProtectionLevel, TokenImpersonationLevel allowedImpersonationLevel)
  bei System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
  bei System.ServiceModel.Channels.StreamSecurityUpgradeInitiatorBase.InitiateUpgrade(Stream stream)
  bei System.ServiceModel.Channels.ConnectionUpgradeHelper.InitiateUpgrade(StreamUpgradeInitiator upgradeInitiator, IConnection& connection, ClientFramingDecoder decoder, IDefaultCommunicationTimeouts defaultTimeouts, TimeoutHelper& timeoutHelper)
  bei System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.SendPreamble(IConnection connection, ArraySegment`1 preamble, TimeoutHelper& timeoutHelper)
  bei System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.DuplexConnectionPoolHelper.AcceptPooledConnection(IConnection connection, TimeoutHelper& timeoutHelper)
  bei System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
  bei System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
  bei System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
  bei System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
  bei System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
  bei System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
  bei System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
  bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
  bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
  bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
  bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
  bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
  bei IAStorDataMgrSvcInterfaces.IPublisher.Subscribe()
  bei IAStorIcon.StorageIcon.<trySubscription>b__0(System.Object)
  bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
  bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
  bei System.Threading.ThreadPoolWorkQueue.Dispatch()
  bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/13/2015 07:04:25 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/13/2015 01:15:27 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/13/2015 07:20:48 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/12/2015 09:38:49 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


Systemfehler:
=============
Error: (11/15/2015 03:21:16 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISLAP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{720D4403-8F43-45B4-901C-BD8E031074EB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/15/2015 03:15:56 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISDESKTOP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{720D4403-8F43-45B4-901C-BD8E031074EB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/15/2015 03:08:09 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISLAP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{720D4403-8F43-45B4-901C-BD8E031074EB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/15/2015 02:56:10 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISLAP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{720D4403-8F43-45B4-901C-BD8E031074EB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/15/2015 02:51:51 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISDESKTOP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{720D4403-8F43-45B4-901C-BD8E031074EB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/15/2015 02:45:51 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISDESKTOP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{720D4403-8F43-45B4-901C-BD8E031074EB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/15/2015 02:44:10 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISLAP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{720D4403-8F43-45B4-901C-BD8E031074EB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/15/2015 02:37:47 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISDESKTOP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{720D4403-8F43-45B4-901C-BD8E031074EB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/15/2015 02:32:13 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISLAP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{720D4403-8F43-45B4-901C-BD8E031074EB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (11/15/2015 02:20:14 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "CHRISLAP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{720D4403-8F43-45B4-901C-BD8E031074EB}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 12230.42 MB
Verfügbarer physikalischer RAM: 8185.51 MB
Summe virtueller Speicher: 24459.05 MB
Verfügbarer virtueller Speicher: 20487.79 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:223.47 GB) (Free:87.22 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1191.28 GB) NTFS
Drive e: (KRD10) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E38ABEDA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5474C3AC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
So erstmal recht herzlichen Dank für den schnellen Einstieg. Müßte so passen? :party:

deeprybka 15.11.2015 18:08
Bei Dir ist jetzt mit dem PC erstmal Online-Shopping-Pause. ;)

Alle wichtigen Online-Passwörter bitte von einem sauberen PC oder Handy ändern.

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Thorstie 15.11.2015 19:23
Teil 1
 
Code:
1.0.5 Jul 24 2015 12:29:57
19:10:05.0982 0x1868  ============================================================
19:10:05.0982 0x1868  Current date / time: 2015/11/15 19:10:05.0982
19:10:05.0982 0x1868  SystemInfo:
19:10:05.0982 0x1868 
19:10:05.0982 0x1868  OS Version: 6.1.7601 ServicePack: 1.0
19:10:05.0982 0x1868  Product type: Workstation
19:10:05.0982 0x1868  ComputerName: PC-THORSTEN
19:10:05.0982 0x1868  UserName: Thorsten
19:10:05.0982 0x1868  Windows directory: C:\Windows
19:10:05.0982 0x1868  System windows directory: C:\Windows
19:10:05.0982 0x1868  Running under WOW64
19:10:05.0982 0x1868  Processor architecture: Intel x64
19:10:05.0982 0x1868  Number of processors: 8
19:10:05.0983 0x1868  Page size: 0x1000
19:10:05.0983 0x1868  Boot type: Normal boot
19:10:05.0983 0x1868  ============================================================
19:10:06.0113 0x1868  KLMD registered as C:\Windows\system32\drivers\39642311.sys
19:10:06.0297 0x1868  System UUID: {A274F541-6CED-3FC5-C90F-A0BA68BD3406}
19:10:07.0052 0x1868  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:10:07.0094 0x1868  Drive \Device\Harddisk1\DR1 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:10:07.0103 0x1868  ============================================================
19:10:07.0103 0x1868  \Device\Harddisk0\DR0:
19:10:07.0107 0x1868  MBR partitions:
19:10:07.0107 0x1868  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:10:07.0107 0x1868  \Device\Harddisk1\DR1:
19:10:07.0107 0x1868  MBR partitions:
19:10:07.0107 0x1868  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:10:07.0107 0x1868  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BEF1000
19:10:07.0107 0x1868  ============================================================
19:10:07.0108 0x1868  C: <-> \Device\Harddisk1\DR1\Partition2
19:10:07.0354 0x1868  D: <-> \Device\Harddisk0\DR0\Partition1
19:10:07.0354 0x1868  ============================================================
19:10:07.0354 0x1868  Initialize success
19:10:07.0354 0x1868  ============================================================
19:10:15.0420 0x0664  ============================================================
19:10:15.0420 0x0664  Scan started
19:10:15.0420 0x0664  Mode: Manual;
19:10:15.0420 0x0664  ============================================================
19:10:15.0420 0x0664  KSN ping started
19:10:17.0780 0x0664  KSN ping finished: true
19:10:20.0196 0x0664  ================ Scan system memory ========================
19:10:20.0196 0x0664  System memory - ok
19:10:20.0197 0x0664  ================ Scan services =============================
19:10:20.0238 0x0664  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:10:20.0247 0x0664  1394ohci - ok
19:10:20.0277 0x0664  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:10:20.0288 0x0664  ACPI - ok
19:10:20.0292 0x0664  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
19:10:20.0294 0x0664  AcpiPmi - ok
19:10:20.0301 0x0664  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:10:20.0304 0x0664  Adobe LM Service - ok
19:10:20.0312 0x0664  [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:10:20.0316 0x0664  AdobeARMservice - ok
19:10:20.0349 0x0664  [ 8C194A201698B4B4F77D974549819D1F, 081A2496FE1CE519E48677D99A831FF1FEEB1B33C75224CF288FA52F3E0E5FF0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:10:20.0357 0x0664  AdobeFlashPlayerUpdateSvc - ok
19:10:20.0378 0x0664  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
19:10:20.0393 0x0664  adp94xx - ok
19:10:20.0410 0x0664  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
19:10:20.0421 0x0664  adpahci - ok
19:10:20.0431 0x0664  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
19:10:20.0438 0x0664  adpu320 - ok
19:10:20.0447 0x0664  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
19:10:20.0450 0x0664  AeLookupSvc - ok
19:10:20.0458 0x0664  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters    C:\Program Files\IDT\WDM\AESTSr64.exe
19:10:20.0462 0x0664  AESTFilters - ok
19:10:20.0483 0x0664  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD            C:\Windows\system32\drivers\afd.sys
19:10:20.0499 0x0664  AFD - ok
19:10:20.0506 0x0664  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:10:20.0509 0x0664  agp440 - ok
19:10:20.0515 0x0664  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
19:10:20.0519 0x0664  ALG - ok
19:10:20.0523 0x0664  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:10:20.0525 0x0664  aliide - ok
19:10:20.0530 0x0664  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:10:20.0532 0x0664  amdide - ok
19:10:20.0538 0x0664  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
19:10:20.0542 0x0664  AmdK8 - ok
19:10:20.0548 0x0664  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:10:20.0551 0x0664  AmdPPM - ok
19:10:20.0558 0x0664  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
19:10:20.0563 0x0664  amdsata - ok
19:10:20.0574 0x0664  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:10:20.0581 0x0664  amdsbs - ok
19:10:20.0586 0x0664  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
19:10:20.0588 0x0664  amdxata - ok
19:10:20.0594 0x0664  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID          C:\Windows\system32\drivers\appid.sys
19:10:20.0597 0x0664  AppID - ok
19:10:20.0601 0x0664  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:10:20.0604 0x0664  AppIDSvc - ok
19:10:20.0610 0x0664  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo        C:\Windows\System32\appinfo.dll
19:10:20.0614 0x0664  Appinfo - ok
19:10:20.0622 0x0664  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:10:20.0626 0x0664  Apple Mobile Device Service - ok
19:10:20.0633 0x0664  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\DRIVERS\arc.sys
19:10:20.0637 0x0664  arc - ok
19:10:20.0644 0x0664  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:10:20.0649 0x0664  arcsas - ok
19:10:20.0655 0x0664  [ EB6DC008A1F36DFD7999EB57E97EAACE, 2652798D622A751AD84429E03266F32B4EE86DECC34CA8153790D04F43E03A66 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
19:10:20.0658 0x0664  asahci64 - ok
19:10:20.0673 0x0664  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:10:20.0676 0x0664  aspnet_state - ok
19:10:20.0681 0x0664  [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger  C:\Windows\system32\DRIVERS\AsrAppCharger.sys
19:10:20.0683 0x0664  AsrAppCharger - ok
19:10:20.0687 0x0664  [ 0C3F9E39C0B10D351026D580D9FF6F86, 0A19F09FD2EF200BED07CDBC4AAF41261A0C0468F680A5AAEBCD26B371676D53 ] AsrRamDisk      C:\Windows\system32\DRIVERS\AsrRamDisk.sys
19:10:20.0690 0x0664  AsrRamDisk - ok
19:10:20.0694 0x0664  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:10:20.0697 0x0664  AsyncMac - ok
19:10:20.0701 0x0664  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
19:10:20.0703 0x0664  atapi - ok
19:10:20.0731 0x0664  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:10:20.0752 0x0664  AudioEndpointBuilder - ok
19:10:20.0779 0x0664  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:10:20.0799 0x0664  AudioSrv - ok
19:10:20.0814 0x0664  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
19:10:20.0821 0x0664  AVP16.0.0 - ok
19:10:20.0828 0x0664  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:10:20.0833 0x0664  AxInstSV - ok
19:10:20.0838 0x0664  AxtuDrv - ok
19:10:20.0858 0x0664  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
19:10:20.0873 0x0664  b06bdrv - ok
19:10:20.0887 0x0664  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:10:20.0896 0x0664  b57nd60a - ok
19:10:20.0906 0x0664  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:10:20.0910 0x0664  BDESVC - ok
19:10:20.0914 0x0664  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:10:20.0915 0x0664  Beep - ok
19:10:20.0943 0x0664  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
19:10:20.0966 0x0664  BFE - ok
19:10:20.0970 0x0664  bfrzcslo - ok
19:10:21.0003 0x0664  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:10:21.0031 0x0664  BITS - ok
19:10:21.0037 0x0664  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:10:21.0039 0x0664  blbdrive - ok
19:10:21.0058 0x0664  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:10:21.0073 0x0664  Bonjour Service - ok
19:10:21.0080 0x0664  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:10:21.0084 0x0664  bowser - ok
19:10:21.0089 0x0664  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:10:21.0091 0x0664  BrFiltLo - ok
19:10:21.0095 0x0664  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:10:21.0097 0x0664  BrFiltUp - ok
19:10:21.0106 0x0664  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
19:10:21.0112 0x0664  Browser - ok
19:10:21.0125 0x0664  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
19:10:21.0135 0x0664  Brserid - ok
19:10:21.0142 0x0664  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:10:21.0144 0x0664  BrSerWdm - ok
19:10:21.0148 0x0664  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:10:21.0150 0x0664  BrUsbMdm - ok
19:10:21.0155 0x0664  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:10:21.0156 0x0664  BrUsbSer - ok
19:10:21.0162 0x0664  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:10:21.0165 0x0664  BTHMODEM - ok
19:10:21.0174 0x0664  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
19:10:21.0178 0x0664  bthserv - ok
19:10:21.0185 0x0664  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:10:21.0189 0x0664  cdfs - ok
19:10:21.0199 0x0664  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
19:10:21.0205 0x0664  cdrom - ok
19:10:21.0211 0x0664  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
19:10:21.0215 0x0664  CertPropSvc - ok
19:10:21.0220 0x0664  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:10:21.0223 0x0664  circlass - ok
19:10:21.0239 0x0664  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
19:10:21.0251 0x0664  CLFS - ok
19:10:21.0260 0x0664  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:10:21.0263 0x0664  clr_optimization_v2.0.50727_32 - ok
19:10:21.0272 0x0664  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:10:21.0276 0x0664  clr_optimization_v2.0.50727_64 - ok
19:10:21.0292 0x0664  [ 19E11CACD01FCB8C63DED05319074420, 7A5972525CC20679A682C738475D968A89E1453BBBF070A18E6216ED7801A3C2 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:10:21.0297 0x0664  clr_optimization_v4.0.30319_32 - ok
19:10:21.0310 0x0664  [ F71413E276F4EDA3BFD1B51C1FDBAD5E, 29A1B39F8DB96612442016439D3AC968678298CB46EE95CF2D11C71881353F65 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:10:21.0315 0x0664  clr_optimization_v4.0.30319_64 - ok
19:10:21.0320 0x0664  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:10:21.0322 0x0664  CmBatt - ok
19:10:21.0326 0x0664  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:10:21.0328 0x0664  cmdide - ok
19:10:21.0345 0x0664  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km          C:\Windows\system32\DRIVERS\cm_km.sys
19:10:21.0357 0x0664  cm_km - ok
19:10:21.0362 0x0664  [ 84FC81FF9F291A0FC8D10933C1748F66, 46B6C64659A24C1D4917963FECEC2D6AED516C047762F0B4E67651CF8241A7D8 ] CM_VENDER_CMD  C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys
19:10:21.0364 0x0664  CM_VENDER_CMD - ok
19:10:21.0384 0x0664  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG            C:\Windows\system32\Drivers\cng.sys
19:10:21.0399 0x0664  CNG - ok
19:10:21.0404 0x0664  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:10:21.0406 0x0664  Compbatt - ok
19:10:21.0411 0x0664  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:10:21.0414 0x0664  CompositeBus - ok
19:10:21.0417 0x0664  COMSysApp - ok
19:10:21.0423 0x0664  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
19:10:21.0425 0x0664  crcdisk - ok
19:10:21.0437 0x0664  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:10:21.0444 0x0664  CryptSvc - ok
19:10:21.0467 0x0664  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:10:21.0484 0x0664  DcomLaunch - ok
19:10:21.0498 0x0664  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
19:10:21.0509 0x0664  defragsvc - ok
19:10:21.0643 0x0664  [ 0B24043732807EE3AA25389356F4DE7C, 6A9A65B38968FF704C3938BEF5E6C1226447FF4F78997473B1694EA8D3D519DF ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
19:10:21.0754 0x0664  DevoloNetworkService - ok
19:10:21.0767 0x0664  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:10:21.0771 0x0664  DfsC - ok
19:10:21.0786 0x0664  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:10:21.0796 0x0664  Dhcp - ok
19:10:21.0802 0x0664  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:10:21.0804 0x0664  discache - ok
19:10:21.0810 0x0664  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:10:21.0813 0x0664  Disk - ok
19:10:21.0823 0x0664  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:10:21.0830 0x0664  Dnscache - ok
19:10:21.0843 0x0664  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
19:10:21.0852 0x0664  dot3svc - ok
19:10:21.0862 0x0664  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
19:10:21.0869 0x0664  DPS - ok
19:10:21.0873 0x0664  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
19:10:21.0874 0x0664  drmkaud - ok
19:10:21.0911 0x0664  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
19:10:21.0942 0x0664  DXGKrnl - ok
19:10:21.0950 0x0664  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
19:10:21.0955 0x0664  EapHost - ok
19:10:22.0074 0x0664  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
19:10:22.0172 0x0664  ebdrv - ok
19:10:22.0181 0x0664  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS            C:\Windows\System32\lsass.exe
19:10:22.0184 0x0664  EFS - ok
19:10:22.0213 0x0664  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
19:10:22.0235 0x0664  ehRecvr - ok
19:10:22.0244 0x0664  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
19:10:22.0249 0x0664  ehSched - ok
19:10:22.0271 0x0664  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
19:10:22.0288 0x0664  elxstor - ok
19:10:22.0293 0x0664  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:10:22.0295 0x0664  ErrDev - ok
19:10:22.0317 0x0664  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
19:10:22.0330 0x0664  EventSystem - ok
19:10:22.0340 0x0664  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
19:10:22.0347 0x0664  exfat - ok
19:10:22.0359 0x0664  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
19:10:22.0366 0x0664  fastfat - ok
19:10:22.0396 0x0664  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
19:10:22.0419 0x0664  Fax - ok
19:10:22.0425 0x0664  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
19:10:22.0428 0x0664  fdc - ok
19:10:22.0432 0x0664  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
19:10:22.0435 0x0664  fdPHost - ok
19:10:22.0440 0x0664  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:10:22.0443 0x0664  FDResPub - ok
19:10:22.0449 0x0664  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:10:22.0453 0x0664  FileInfo - ok
19:10:22.0457 0x0664  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
19:10:22.0460 0x0664  Filetrace - ok
19:10:22.0464 0x0664  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:10:22.0466 0x0664  flpydisk - ok
19:10:22.0480 0x0664  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:10:22.0490 0x0664  FltMgr - ok
19:10:22.0495 0x0664  [ 508401A63E6B1CBF0B9C9A011498731F, F636B0A9C0EB6AE7EC04E5C5FD8A0578AEB76A1B0D974F355BCE6B6091901725 ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS
19:10:22.0497 0x0664  FNETTBOH_305 - ok
19:10:22.0502 0x0664  [ E341178C116DAC6A3A764587E68DFA7B, 91B4C79057908A622666FF069CF1C7ECA42952A6587432F5E99E33E8B19D29AF ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS
19:10:22.0504 0x0664  FNETURPX - ok
19:10:22.0548 0x0664  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache      C:\Windows\system32\FntCache.dll
19:10:22.0584 0x0664  FontCache - ok
19:10:22.0591 0x0664  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:10:22.0594 0x0664  FontCache3.0.0.0 - ok
19:10:22.0599 0x0664  [ E495069F9FABD7D36BB743DB1FE5FB09, AE1505579453846B6876A5F2A9D480835FC349B44F592BD0C003FAE762EC4C4A ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
19:10:22.0601 0x0664  FreemakeVideoCapture - ok
19:10:22.0606 0x0664  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
19:10:22.0609 0x0664  FsDepends - ok
19:10:22.0614 0x0664  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:10:22.0616 0x0664  Fs_Rec - ok
19:10:22.0628 0x0664  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:10:22.0636 0x0664  fvevol - ok
19:10:22.0642 0x0664  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:10:22.0645 0x0664  gagp30kx - ok
19:10:22.0689 0x0664  [ B17D0BDBDDF4BD4709D6CA3147D409C0, B83F0D9891190226D2D7D50DE27B61B5FC04B6942C37B78856C45B3309527D9B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:10:22.0724 0x0664  GfExperienceService - ok
19:10:22.0756 0x0664  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
19:10:22.0781 0x0664  gpsvc - ok
19:10:22.0790 0x0664  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:10:22.0794 0x0664  gupdate - ok
19:10:22.0800 0x0664  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:10:22.0804 0x0664  gupdatem - ok
19:10:22.0813 0x0664  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:10:22.0820 0x0664  gusvc - ok
19:10:22.0826 0x0664  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:10:22.0828 0x0664  hcw85cir - ok
19:10:22.0843 0x0664  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:10:22.0855 0x0664  HdAudAddService - ok
19:10:22.0863 0x0664  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:10:22.0867 0x0664  HDAudBus - ok
19:10:22.0872 0x0664  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
19:10:22.0874 0x0664  HidBatt - ok
19:10:22.0881 0x0664  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:10:22.0885 0x0664  HidBth - ok
19:10:22.0891 0x0664  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
19:10:22.0894 0x0664  HidIr - ok
19:10:22.0899 0x0664  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
19:10:22.0902 0x0664  hidserv - ok
19:10:22.0907 0x0664  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:10:22.0909 0x0664  HidUsb - ok
19:10:22.0913 0x0664  hjaqokbf - ok
19:10:22.0920 0x0664  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:10:22.0925 0x0664  hkmsvc - ok
19:10:22.0937 0x0664  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:10:22.0946 0x0664  HomeGroupListener - ok
19:10:22.0956 0x0664  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:10:22.0964 0x0664  HomeGroupProvider - ok
19:10:22.0971 0x0664  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:10:22.0975 0x0664  HpSAMD - ok
19:10:22.0982 0x0664  [ B6639BF8236BDD3427B10C581332BE71, A6A9DB37BB83C70F01E7D99CA4891FD32F93A96C84215CFCC85AF41625C1023C ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
19:10:22.0986 0x0664  HPSupportSolutionsFrameworkService - ok
19:10:23.0016 0x0664  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:10:23.0040 0x0664  HTTP - ok
19:10:23.0045 0x0664  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:10:23.0047 0x0664  hwpolicy - ok
19:10:23.0054 0x0664  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:10:23.0059 0x0664  i8042prt - ok
19:10:23.0082 0x0664  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:10:23.0100 0x0664  iaStor - ok
19:10:23.0127 0x0664  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA        C:\Windows\system32\DRIVERS\iaStorA.sys
19:10:23.0146 0x0664  iaStorA - ok
19:10:23.0152 0x0664  [ 0AB254994A460550258446950BB58311, BD10811912680DD3B814B7D1303785C996D892C79108110A2257E9BD0C28245C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:10:23.0155 0x0664  IAStorDataMgrSvc - ok
19:10:23.0160 0x0664  [ 2B38F13E18E272459CD2CE83E6722C12, 58FB127C05FF7399F88F3B53CE4B460A7D3EA739AFCD273C0E687053BBA074D6 ] iaStorF        C:\Windows\system32\DRIVERS\iaStorF.sys
19:10:23.0162 0x0664  iaStorF - ok
19:10:23.0179 0x0664  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
19:10:23.0193 0x0664  iaStorV - ok
19:10:23.0226 0x0664  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:10:23.0252 0x0664  idsvc - ok
19:10:23.0257 0x0664  IEEtwCollectorService - ok
19:10:23.0263 0x0664  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
19:10:23.0266 0x0664  iirsp - ok
19:10:23.0271 0x0664  [ 67999A9D34A0B2479381E7A61AFC37AB, 7A1F72B2AD859345E1F092CE80C269767E4EF9931146B7F01E891EC12CCA684F ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
19:10:23.0273 0x0664  ikbevent - ok
19:10:23.0306 0x0664  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:10:23.0333 0x0664  IKEEXT - ok
19:10:23.0338 0x0664  ilnicvuq - ok
19:10:23.0343 0x0664  [ DDAE90DD5BDAC53C8C5CD5B82FC1F1B4, A7019D2335CB46DCD9ABDB896622254E58AB265EC3D72A92B1C4890D45DEE85F ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
19:10:23.0345 0x0664  imsevent - ok
19:10:23.0492 0x0664  [ 6BDCC85422817FA53CD705ADE312CE6A, 2EBEDF34493B4AE34442A89ACBCDB2C39447F21FBB015BDD7935DE95DD217CD0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:10:23.0615 0x0664  IntcAzAudAddService - ok
19:10:23.0649 0x0664  [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:10:23.0669 0x0664  Intel(R) Capability Licensing Service Interface - ok
19:10:23.0680 0x0664  [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:10:23.0685 0x0664  Intel(R) ME Service - ok
19:10:23.0690 0x0664  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:10:23.0692 0x0664  intelide - ok
19:10:23.0698 0x0664  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:10:23.0701 0x0664  intelppm - ok
19:10:23.0708 0x0664  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
19:10:23.0713 0x0664  IPBusEnum - ok
19:10:23.0720 0x0664  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:10:23.0724 0x0664  IpFilterDriver - ok
19:10:23.0747 0x0664  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:10:23.0766 0x0664  iphlpsvc - ok
19:10:23.0774 0x0664  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
19:10:23.0777 0x0664  IPMIDRV - ok
19:10:23.0785 0x0664  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
19:10:23.0790 0x0664  IPNAT - ok
19:10:23.0815 0x0664  [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:10:23.0835 0x0664  iPod Service - ok
19:10:23.0841 0x0664  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:10:23.0843 0x0664  IRENUM - ok
19:10:23.0847 0x0664  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:10:23.0849 0x0664  isapnp - ok
19:10:23.0863 0x0664  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:10:23.0872 0x0664  iScsiPrt - ok
19:10:23.0878 0x0664  [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
19:10:23.0880 0x0664  ISCT - ok
19:10:23.0889 0x0664  [ 6F60B7AD044924B8C1E32D692C593612, 93EFBC2EC24E7B4B908010955F1B9A6DC231C7A4B55BE0D2DC6103E2A5457EC6 ] ISCTAgent      C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
19:10:23.0894 0x0664  ISCTAgent - ok
19:10:23.0899 0x0664  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
19:10:23.0901 0x0664  iusb3hcs - ok
19:10:23.0917 0x0664  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
19:10:23.0929 0x0664  iusb3hub - ok
19:10:23.0961 0x0664  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
19:10:23.0986 0x0664  iusb3xhc - ok
19:10:23.0992 0x0664  [ BD5BF20EC242E003A2F570B8754A56D1, B4B3492222E98BF8E6EC453E727187FF4AA50A508D1E88A0CBBD5C46355AE492 ] ivusb          C:\Windows\system32\DRIVERS\ivusb.sys
19:10:23.0994 0x0664  ivusb - ok
19:10:24.0003 0x0664  [ 5B14FDE79871F83A5E0DCDC01F78BECF, B3103D4671F7BD4843C62D6080894E068F7E794CB02D7A84AEFB5AC10EA23BDE ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:10:24.0009 0x0664  jhi_service - ok
19:10:24.0015 0x0664  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:10:24.0018 0x0664  kbdclass - ok
19:10:24.0023 0x0664  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:10:24.0026 0x0664  kbdhid - ok
19:10:24.0030 0x0664  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso          C:\Windows\system32\lsass.exe
19:10:24.0032 0x0664  KeyIso - ok
19:10:24.0053 0x0664  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1            C:\Windows\system32\DRIVERS\kl1.sys
19:10:24.0068 0x0664  kl1 - ok
19:10:24.0074 0x0664  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
19:10:24.0077 0x0664  klbackupdisk - ok
19:10:24.0083 0x0664  [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt    C:\Windows\system32\DRIVERS\klbackupflt.sys
19:10:24.0086 0x0664  klbackupflt - ok
19:10:24.0092 0x0664  [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
19:10:24.0096 0x0664  kldisk - ok
19:10:24.0106 0x0664  [ DE7D2DEDE9C9D5219AA439172BA8D21C, B4573553DF8605A6C9417683B6AA12A596E8777175C39567B91BF03CE895D625 ] klflt          C:\Windows\system32\DRIVERS\klflt.sys
19:10:24.0112 0x0664  klflt - ok
19:10:24.0124 0x0664  [ C62B714428FD30DD7B3115566C3F470B, 991CA0FCA02D744BAB29FF3F0029BC99EF85C7D8B8024EF5EF51589639191B05 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
19:10:24.0132 0x0664  klhk - ok
19:10:24.0170 0x0664  [ 11586A6A85FF124F53E1435A34DD1707, 6291C3519EA53ACAA0594DAF4EDA41E1201F6CA9C7B0EF0B54CEF7BDB5DCD080 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
19:10:24.0199 0x0664  KLIF - ok
19:10:24.0206 0x0664  [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6          C:\Windows\system32\DRIVERS\klim6.sys
19:10:24.0208 0x0664  KLIM6 - ok
19:10:24.0213 0x0664  [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
19:10:24.0216 0x0664  klkbdflt - ok
19:10:24.0219 0x0664  klkbdflt2 - ok
19:10:24.0226 0x0664  [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
19:10:24.0229 0x0664  klmouflt - ok
19:10:24.0234 0x0664  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
19:10:24.0237 0x0664  klpd - ok
19:10:24.0243 0x0664  [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi          C:\Windows\system32\DRIVERS\kltdi.sys
19:10:24.0246 0x0664  kltdi - ok
19:10:24.0253 0x0664  [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp          C:\Windows\system32\DRIVERS\klwtp.sys
19:10:24.0258 0x0664  Klwtp - ok
19:10:24.0268 0x0664  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps          C:\Windows\system32\DRIVERS\kneps.sys
19:10:24.0275 0x0664  kneps - ok
19:10:24.0282 0x0664  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:10:24.0286 0x0664  KSecDD - ok
19:10:24.0295 0x0664  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
19:10:24.0301 0x0664  KSecPkg - ok
19:10:24.0306 0x0664  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
19:10:24.0308 0x0664  ksthunk - ok
19:10:24.0324 0x0664  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
19:10:24.0337 0x0664  KtmRm - ok
19:10:24.0355 0x0664  [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
19:10:24.0368 0x0664  LADF_CaptureOnly - ok
19:10:24.0376 0x0664  [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
19:10:24.0381 0x0664  LADF_RenderOnly - ok
19:10:24.0393 0x0664  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:10:24.0402 0x0664  LanmanServer - ok
19:10:24.0410 0x0664  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:10:24.0417 0x0664  LanmanWorkstation - ok
19:10:24.0425 0x0664  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum      C:\Windows\system32\drivers\LGBusEnum.sys
19:10:24.0427 0x0664  LGBusEnum - ok
19:10:24.0432 0x0664  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
19:10:24.0436 0x0664  LGSHidFilt - ok
19:10:24.0440 0x0664  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
19:10:24.0442 0x0664  LGVirHid - ok
19:10:24.0448 0x0664  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:10:24.0451 0x0664  lltdio - ok
19:10:24.0465 0x0664  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
19:10:24.0476 0x0664  lltdsvc - ok
19:10:24.0481 0x0664  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
19:10:24.0484 0x0664  lmhosts - ok
19:10:24.0496 0x0664  [ 6B5938A0B2C0855E2BFE77793A982EB5, A3D8174E3A3AC521EE6B03BD674069AC858320DEEE7CAE82DBCD64942D08F721 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:10:24.0505 0x0664  LMS - ok
19:10:24.0515 0x0664  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:10:24.0520 0x0664  LSI_FC - ok
19:10:24.0528 0x0664  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
19:10:24.0532 0x0664  LSI_SAS - ok
19:10:24.0539 0x0664  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:10:24.0542 0x0664  LSI_SAS2 - ok
19:10:24.0550 0x0664  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:10:24.0555 0x0664  LSI_SCSI - ok
19:10:24.0563 0x0664  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
19:10:24.0568 0x0664  luafv - ok
19:10:24.0572 0x0664  lwohbkep - ok
19:10:24.0577 0x0664  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
19:10:24.0580 0x0664  MBfilt - ok
19:10:24.0586 0x0664  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
19:10:24.0591 0x0664  Mcx2Svc - ok
19:10:24.0596 0x0664  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
19:10:24.0599 0x0664  megasas - ok
19:10:24.0612 0x0664  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:10:24.0622 0x0664  MegaSR - ok
19:10:24.0628 0x0664  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:10:24.0631 0x0664  MEIx64 - ok
19:10:24.0637 0x0664  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
19:10:24.0641 0x0664  MMCSS - ok
19:10:24.0646 0x0664  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
19:10:24.0649 0x0664  Modem - ok
19:10:24.0654 0x0664  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
19:10:24.0655 0x0664  monitor - ok
19:10:24.0661 0x0664  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:10:24.0664 0x0664  mouclass - ok
19:10:24.0668 0x0664  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:10:24.0671 0x0664  mouhid - ok
19:10:24.0679 0x0664  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:10:24.0683 0x0664  mountmgr - ok
19:10:24.0691 0x0664  [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:10:24.0697 0x0664  MozillaMaintenance - ok
19:10:24.0707 0x0664  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:10:24.0713 0x0664  mpio - ok
19:10:24.0719 0x0664  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:10:24.0724 0x0664  mpsdrv - ok
19:10:24.0756 0x0664  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:10:24.0782 0x0664  MpsSvc - ok
19:10:24.0792 0x0664  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:10:24.0798 0x0664  MRxDAV - ok
19:10:24.0807 0x0664  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:10:24.0813 0x0664  mrxsmb - ok
19:10:24.0827 0x0664  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:10:24.0837 0x0664  mrxsmb10 - ok
19:10:24.0846 0x0664  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:10:24.0851 0x0664  mrxsmb20 - ok
19:10:24.0856 0x0664  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:10:24.0859 0x0664  msahci - ok
19:10:24.0867 0x0664  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
19:10:24.0872 0x0664  msdsm - ok
19:10:24.0880 0x0664  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
19:10:24.0887 0x0664  MSDTC - ok
19:10:24.0895 0x0664  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:10:24.0898 0x0664  Msfs - ok
19:10:24.0901 0x0664  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
19:10:24.0903 0x0664  mshidkmdf - ok
19:10:24.0907 0x0664  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:10:24.0909 0x0664  msisadrv - ok
19:10:24.0918 0x0664  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
19:10:24.0925 0x0664  MSiSCSI - ok
19:10:24.0929 0x0664  msiserver - ok
19:10:24.0933 0x0664  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
19:10:24.0935 0x0664  MSKSSRV - ok
19:10:24.0939 0x0664  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:10:24.0940 0x0664  MSPCLOCK - ok
19:10:24.0944 0x0664  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
19:10:24.0946 0x0664  MSPQM - ok
19:10:24.0962 0x0664  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
19:10:24.0976 0x0664  MsRPC - ok
19:10:24.0983 0x0664  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:10:24.0984 0x0664  mssmbios - ok
19:10:24.0988 0x0664  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
19:10:24.0990 0x0664  MSTEE - ok
19:10:24.0994 0x0664  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:10:24.0996 0x0664  MTConfig - ok
19:10:25.0002 0x0664  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
19:10:25.0005 0x0664  Mup - ok
19:10:25.0025 0x0664  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:10:25.0041 0x0664  napagent - ok
19:10:25.0056 0x0664  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
19:10:25.0067 0x0664  NativeWifiP - ok
19:10:25.0104 0x0664  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:10:25.0132 0x0664  NDIS - ok
19:10:25.0138 0x0664  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
19:10:25.0141 0x0664  NdisCap - ok
19:10:25.0145 0x0664  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:10:25.0147 0x0664  NdisTapi - ok
19:10:25.0153 0x0664  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
19:10:25.0156 0x0664  Ndisuio - ok
19:10:25.0166 0x0664  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
19:10:25.0172 0x0664  NdisWan - ok
19:10:25.0178 0x0664  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
19:10:25.0181 0x0664  NDProxy - ok
19:10:25.0186 0x0664  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl        C:\Windows\system32\DRIVERS\netaapl64.sys
19:10:25.0188 0x0664  Netaapl - ok
19:10:25.0194 0x0664  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
19:10:25.0197 0x0664  NetBIOS - ok
19:10:25.0209 0x0664  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
19:10:25.0218 0x0664  NetBT - ok
19:10:25.0223 0x0664  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
19:10:25.0226 0x0664  Netlogon - ok
19:10:25.0241 0x0664  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:10:25.0254 0x0664  Netman - ok
19:10:25.0263 0x0664  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:10:25.0269 0x0664  NetMsmqActivator - ok
19:10:25.0276 0x0664  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:10:25.0281 0x0664  NetPipeActivator - ok
19:10:25.0301 0x0664  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:10:25.0316 0x0664  netprofm - ok
19:10:25.0324 0x0664  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:10:25.0329 0x0664  NetTcpActivator - ok
19:10:25.0336 0x0664  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:10:25.0341 0x0664  NetTcpPortSharing - ok
19:10:25.0347 0x0664  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
19:10:25.0350 0x0664  nfrd960 - ok
19:10:25.0364 0x0664  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:10:25.0376 0x0664  NlaSvc - ok
19:10:25.0383 0x0664  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf            C:\Windows\system32\drivers\npf.sys
19:10:25.0386 0x0664  npf - ok
19:10:25.0392 0x0664  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:10:25.0395 0x0664  Npfs - ok
19:10:25.0416 0x0664  [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo      C:\Windows\sysWOW64\drivers\npf_devolo.sys
19:10:25.0419 0x0664  NPF_devolo - ok
19:10:25.0425 0x0664  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
19:10:25.0429 0x0664  nsi - ok
19:10:25.0433 0x0664  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:10:25.0435 0x0664  nsiproxy - ok
19:10:25.0498 0x0664  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:10:25.0555 0x0664  Ntfs - ok
19:10:25.0561 0x0664  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:10:25.0563 0x0664  Null - ok
19:10:25.0573 0x0664  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
19:10:25.0580 0x0664  NVHDA - ok
19:10:25.0964 0x0664  [ 36BAB895547EA82892292F05FA02142E, 224D165CE3ECB0EF35C18D09507AB43ADC4A7AD12E507F31230012943C83BEDB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:10:26.0289 0x0664  nvlddmkm - ok
19:10:26.0372 0x0664  [ C2909BD26906E1D05D77B1D48B48E94A, 5642571FFDBDC63F0E3B1477337103517ABF7C50EBEDA63EF8E162E44C7B2538 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:10:26.0428 0x0664  NvNetworkService - ok
19:10:26.0439 0x0664  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:10:26.0445 0x0664  nvraid - ok
19:10:26.0455 0x0664  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:10:26.0461 0x0664  nvstor - ok
19:10:26.0468 0x0664  [ 60C9EC53F9CFBFBE38E9C79B88A6B19F, D89D6C62AB0A3224D850B639E4D7D7265BF183BEE0C60F27FEDDF0194504B078 ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:10:26.0470 0x0664  NvStreamKms - ok
19:10:26.0663 0x0664  [ 5A773713C332F8760ABB915C24675E8F, DA453D341529B34188D5B235B17BD0FDAE84129539FC212F34B9FCC42DC0549C ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:10:26.0828 0x0664  NvStreamSvc - ok
19:10:26.0871 0x0664  [ 6B245B7F96F901891636814B5A7A9088, BC6DF13929AEBA2CF5DC8449FF9D5F73497DF8E9760AFA93B56543D86BE940C3 ] nvsvc          C:\Windows\system32\nvvsvc.exe
19:10:26.0901 0x0664  nvsvc - ok
19:10:26.0908 0x0664  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
19:10:26.0911 0x0664  nvvad_WaveExtensible - ok
19:10:26.0919 0x0664  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:10:26.0924 0x0664  nv_agp - ok
19:10:26.0928 0x0664  oflhqklh - ok
19:10:26.0935 0x0664  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:10:26.0939 0x0664  ohci1394 - ok
19:10:27.0016 0x0664  [ F34655869378762CEEF159E82BE95C3E, 346211DEB3D9C1D4C0688F737BF154A75C986921465FAF04E8CFED48385E64E8 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:10:27.0079 0x0664  Origin Client Service - ok
19:10:27.0097 0x0664  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:10:27.0109 0x0664  p2pimsvc - ok
19:10:27.0128 0x0664  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:10:27.0143 0x0664  p2psvc - ok
19:10:27.0150 0x0664  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
19:10:27.0155 0x0664  Parport - ok
19:10:27.0161 0x0664  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
19:10:27.0165 0x0664  partmgr - ok
19:10:27.0175 0x0664  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:10:27.0183 0x0664  PcaSvc - ok
19:10:27.0192 0x0664  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
19:10:27.0199 0x0664  pci - ok
19:10:27.0204 0x0664  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:10:27.0206 0x0664  pciide - ok
19:10:27.0217 0x0664  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:10:27.0224 0x0664  pcmcia - ok
19:10:27.0231 0x0664  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
19:10:27.0234 0x0664  pcw - ok
19:10:27.0260 0x0664  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:10:27.0281 0x0664  PEAUTH - ok
19:10:27.0289 0x0664  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:10:27.0292 0x0664  PerfHost - ok
19:10:27.0352 0x0664  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
19:10:27.0396 0x0664  pla - ok
19:10:27.0415 0x0664  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:10:27.0430 0x0664  PlugPlay - ok
19:10:27.0438 0x0664  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
19:10:27.0443 0x0664  PnkBstrA - ok
19:10:27.0448 0x0664  PnkBstrB - ok
19:10:27.0454 0x0664  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
19:10:27.0457 0x0664  PNRPAutoReg - ok
19:10:27.0472 0x0664  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
19:10:27.0483 0x0664  PNRPsvc - ok
19:10:27.0504 0x0664  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
19:10:27.0521 0x0664  PolicyAgent - ok
19:10:27.0533 0x0664  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
19:10:27.0541 0x0664  Power - ok
19:10:27.0549 0x0664  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:10:27.0553 0x0664  PptpMiniport - ok
19:10:27.0559 0x0664  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\DRIVERS\processr.sys
19:10:27.0562 0x0664  Processor - ok
19:10:27.0574 0x0664  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\Windows\system32\profsvc.dll
19:10:27.0583 0x0664  ProfSvc - ok
19:10:27.0588 0x0664  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:10:27.0590 0x0664  ProtectedStorage - ok
19:10:27.0598 0x0664  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:10:27.0604 0x0664  Psched - ok
19:10:27.0608 0x0664  pzlwhhvl - ok
19:10:27.0665 0x0664  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:10:27.0711 0x0664  ql2300 - ok
19:10:27.0722 0x0664  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:10:27.0727 0x0664  ql40xx - ok
19:10:27.0740 0x0664  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
19:10:27.0750 0x0664  QWAVE - ok
19:10:27.0755 0x0664  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:10:27.0758 0x0664  QWAVEdrv - ok
19:10:27.0763 0x0664  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:10:27.0765 0x0664  RasAcd - ok
19:10:27.0770 0x0664  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
19:10:27.0773 0x0664  RasAgileVpn - ok
19:10:27.0781 0x0664  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
19:10:27.0786 0x0664  RasAuto - ok
19:10:27.0795 0x0664  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
19:10:27.0800 0x0664  Rasl2tp - ok
19:10:27.0815 0x0664  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:10:27.0828 0x0664  RasMan - ok
19:10:27.0835 0x0664  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:10:27.0839 0x0664  RasPppoe - ok
19:10:27.0846 0x0664  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
19:10:27.0850 0x0664  RasSstp - ok
19:10:27.0865 0x0664  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
19:10:27.0875 0x0664  rdbss - ok
19:10:27.0881 0x0664  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:10:27.0883 0x0664  rdpbus - ok
19:10:27.0887 0x0664  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:10:27.0889 0x0664  RDPCDD - ok
19:10:27.0896 0x0664  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:10:27.0897 0x0664  RDPENCDD - ok
19:10:27.0903 0x0664  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:10:27.0905 0x0664  RDPREFMP - ok
19:10:27.0912 0x0664  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:10:27.0914 0x0664  RdpVideoMiniport - ok
19:10:27.0925 0x0664  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
19:10:27.0933 0x0664  RDPWD - ok
19:10:27.0945 0x0664  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:10:27.0952 0x0664  rdyboost - ok
19:10:27.0960 0x0664  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:10:27.0965 0x0664  RemoteAccess - ok
19:10:27.0974 0x0664  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:10:27.0981 0x0664  RemoteRegistry - ok
19:10:27.0988 0x0664  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:10:27.0993 0x0664  RpcEptMapper - ok
19:10:27.0998 0x0664  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:10:28.0000 0x0664  RpcLocator - ok
19:10:28.0021 0x0664  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
19:10:28.0038 0x0664  RpcSs - ok
19:10:28.0045 0x0664  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:10:28.0049 0x0664  rspndr - ok
19:10:28.0072 0x0664  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
19:10:28.0090 0x0664  RTL8167 - ok
19:10:28.0096 0x0664  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs          C:\Windows\system32\lsass.exe
19:10:28.0098 0x0664  SamSs - ok
19:10:28.0105 0x0664  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:10:28.0110 0x0664  sbp2port - ok
19:10:28.0120 0x0664  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:10:28.0128 0x0664  SCardSvr - ok
19:10:28.0133 0x0664  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:10:28.0135 0x0664  scfilter - ok
19:10:28.0176 0x0664  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
19:10:28.0212 0x0664  Schedule - ok
19:10:28.0220 0x0664  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
19:10:28.0223 0x0664  SCPolicySvc - ok
19:10:28.0233 0x0664  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:10:28.0240 0x0664  SDRSVC - ok
19:10:28.0246 0x0664  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:10:28.0248 0x0664  secdrv - ok
19:10:28.0253 0x0664  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:10:28.0256 0x0664  seclogon - ok
19:10:28.0262 0x0664  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:10:28.0267 0x0664  SENS - ok
19:10:28.0272 0x0664  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:10:28.0275 0x0664  SensrSvc - ok
19:10:28.0280 0x0664  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
19:10:28.0282 0x0664  Serenum - ok
19:10:28.0289 0x0664  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:10:28.0293 0x0664  Serial - ok
19:10:28.0298 0x0664  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:10:28.0300 0x0664  sermouse - ok
19:10:28.0313 0x0664  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:10:28.0320 0x0664  SessionEnv - ok
19:10:28.0324 0x0664  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
19:10:28.0326 0x0664  sffdisk - ok
19:10:28.0331 0x0664  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:10:28.0333 0x0664  sffp_mmc - ok
19:10:28.0338 0x0664  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
19:10:28.0340 0x0664  sffp_sd - ok
19:10:28.0344 0x0664  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
19:10:28.0347 0x0664  sfloppy - ok
19:10:28.0363 0x0664  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:10:28.0376 0x0664  SharedAccess - ok
19:10:28.0392 0x0664  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:10:28.0406 0x0664  ShellHWDetection - ok
19:10:28.0412 0x0664  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:10:28.0414 0x0664  SiSRaid2 - ok
19:10:28.0421 0x0664  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:10:28.0424 0x0664  SiSRaid4 - ok
19:10:28.0431 0x0664  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
19:10:28.0435 0x0664  Smb - ok
19:10:28.0444 0x0664  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:10:28.0448 0x0664  SNMPTRAP - ok
19:10:28.0452 0x0664  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
19:10:28.0454 0x0664  spldr - ok
19:10:28.0477 0x0664  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
19:10:28.0496 0x0664  Spooler - ok
19:10:28.0622 0x0664  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:10:28.0728 0x0664  sppsvc - ok
19:10:28.0739 0x0664  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
19:10:28.0743 0x0664  sppuinotify - ok
19:10:28.0764 0x0664  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
19:10:28.0779 0x0664  srv - ok
19:10:28.0797 0x0664  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:10:28.0810 0x0664  srv2 - ok
19:10:28.0820 0x0664  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:10:28.0826 0x0664  srvnet - ok
19:10:28.0838 0x0664  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
19:10:28.0846 0x0664  SSDPSRV - ok
19:10:28.0853 0x0664  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
19:10:28.0858 0x0664  SstpSvc - ok
19:10:28.0873 0x0664  [ 605ECCCE95ACF7AF12CBCCDAB55B8DD0, 7B676B58C26D880320434066B93C7B8372421699C0006806D4E8E0E824124281 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
19:10:28.0884 0x0664  STacSV - ok
19:10:28.0902 0x0664  [ C368FAF3084E3978462159F1DDAFF54F, F7DD88038E002EF3D2BCA648FE7CF0F92347E901C5F495D8D8E4D24076E895CD ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:10:28.0915 0x0664  Stereo Service - ok
19:10:28.0921 0x0664  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:10:28.0923 0x0664  stexstor - ok
19:10:28.0946 0x0664  [ 5709F6AEECC9C43AD9D550FB1D882209, CF4681AE1D6B15340F5A0787E0EFB682AA3CFA15D25741364D8455C040A5997B ] STHDA          C:\Windows\system32\DRIVERS\stwrt64.sys
19:10:28.0964 0x0664  STHDA - ok
19:10:28.0988 0x0664  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:10:29.0008 0x0664  stisvc - ok
19:10:29.0013 0x0664  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:10:29.0015 0x0664  swenum - ok
19:10:29.0036 0x0664  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
19:10:29.0054 0x0664  swprv - ok
19:10:29.0118 0x0664  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain        C:\Windows\system32\sysmain.dll
19:10:29.0172 0x0664  SysMain - ok
19:10:29.0182 0x0664  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:10:29.0188 0x0664  TabletInputService - ok
19:10:29.0202 0x0664  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
19:10:29.0214 0x0664  TapiSrv - ok
19:10:29.0221 0x0664  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
19:10:29.0226 0x0664  TBS - ok
19:10:29.0295 0x0664  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
19:10:29.0351 0x0664  Tcpip - ok
19:10:29.0422 0x0664  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:10:29.0478 0x0664  TCPIP6 - ok
19:10:29.0489 0x0664  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:10:29.0492 0x0664  tcpipreg - ok
19:10:29.0499 0x0664  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:10:29.0501 0x0664  TDPIPE - ok
19:10:29.0506 0x0664  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
19:10:29.0508 0x0664  TDTCP - ok
19:10:29.0516 0x0664  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
19:10:29.0521 0x0664  tdx - ok
19:10:29.0527 0x0664  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:10:29.0530 0x0664  TermDD - ok
19:10:29.0559 0x0664  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\Windows\System32\termsrv.dll
19:10:29.0582 0x0664  TermService - ok
19:10:29.0588 0x0664  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:10:29.0593 0x0664  Themes - ok
19:10:29.0599 0x0664  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
19:10:29.0602 0x0664  THREADORDER - ok
19:10:29.0611 0x0664  [ DA632FAE7B5629032B2C24E1BE29168B, 89327F67F427B12C5DAB664FA88FCA2133C737945C92037945CBF25C5E396587 ] tihub3          C:\Windows\system32\DRIVERS\tihub3.sys
19:10:29.0617 0x0664  tihub3 - ok
19:10:29.0635 0x0664  [ 6AAD465F69632931B6D8D61B287E6DE9, 789837B5241B836F0EFEEF0970062AC965425246DF2B638535B8648CC7EF7DF9 ] tixhci          C:\Windows\system32\DRIVERS\tixhci.sys
19:10:29.0649 0x0664  tixhci - ok
19:10:29.0657 0x0664  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:10:29.0664 0x0664  TrkWks - ok
19:10:29.0674 0x0664  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:10:29.0680 0x0664  TrustedInstaller - ok
19:10:29.0687 0x0664  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:10:29.0690 0x0664  tssecsrv - ok
19:10:29.0696 0x0664  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:10:29.0699 0x0664  TsUsbFlt - ok
19:10:29.0707 0x0664  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:10:29.0712 0x0664  tunnel - ok
19:10:29.0719 0x0664  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:10:29.0722 0x0664  uagp35 - ok
19:10:29.0737 0x0664  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:10:29.0748 0x0664  udfs - ok
19:10:29.0758 0x0664  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
19:10:29.0762 0x0664  UI0Detect - ok
19:10:29.0768 0x0664  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:10:29.0771 0x0664  uliagpkx - ok
19:10:29.0777 0x0664  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
19:10:29.0780 0x0664  umbus - ok
19:10:29.0785 0x0664  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:10:29.0787 0x0664  UmPass - ok
19:10:29.0805 0x0664  [ D03FE25B3B9EFF45582AA0AA37960D68, 835255C1C0F9025FA5015DC3A5A42E4A26DA88AB559EA174D151BBDB8D0E0D2C ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:10:29.0817 0x0664  UNS - ok
19:10:29.0833 0x0664  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:10:29.0847 0x0664  upnphost - ok
19:10:29.0853 0x0664  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
19:10:29.0856 0x0664  USBAAPL64 - ok
19:10:29.0864 0x0664  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:10:29.0868 0x0664  usbaudio - ok
19:10:29.0875 0x0664  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
19:10:29.0880 0x0664  usbccgp - ok
19:10:29.0887 0x0664  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:10:29.0891 0x0664  usbcir - ok
19:10:29.0897 0x0664  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
19:10:29.0900 0x0664  usbehci - ok
19:10:29.0915 0x0664  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:10:29.0926 0x0664  usbhub - ok
19:10:29.0931 0x0664  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
19:10:29.0933 0x0664  usbohci - ok
19:10:29.0938 0x0664  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:10:29.0940 0x0664  usbprint - ok
19:10:29.0947 0x0664  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:10:29.0951 0x0664  USBSTOR - ok
19:10:29.0956 0x0664  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
19:10:29.0958 0x0664  usbuhci - ok
19:10:29.0964 0x0664  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
19:10:29.0968 0x0664  UxSms - ok
19:10:29.0972 0x0664  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
19:10:29.0974 0x0664  VaultSvc - ok
19:10:29.0979 0x0664  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:10:29.0982 0x0664  vdrvroot - ok
19:10:30.0004 0x0664  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
19:10:30.0021 0x0664  vds - ok
19:10:30.0027 0x0664  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
19:10:30.0029 0x0664  vga - ok
19:10:30.0033 0x0664  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
19:10:30.0036 0x0664  VgaSave - ok
19:10:30.0047 0x0664  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
19:10:30.0054 0x0664  vhdmp - ok
19:10:30.0060 0x0664  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:10:30.0062 0x0664  viaide - ok
19:10:30.0068 0x0664  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:10:30.0072 0x0664  volmgr - ok
19:10:30.0088 0x0664  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
19:10:30.0100 0x0664  volmgrx - ok
19:10:30.0114 0x0664  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
19:10:30.0124 0x0664  volsnap - ok
19:10:30.0134 0x0664  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
19:10:30.0140 0x0664  vsmraid - ok
19:10:30.0202 0x0664  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
19:10:30.0251 0x0664  VSS - ok
19:10:30.0265 0x0664  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
19:10:30.0270 0x0664  vssbrigde64 - ok
19:10:30.0275 0x0664  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:10:30.0278 0x0664  vwifibus - ok
19:10:30.0295 0x0664  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
19:10:30.0309 0x0664  W32Time - ok
19:10:30.0316 0x0664  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:10:30.0318 0x0664  WacomPen - ok
19:10:30.0326 0x0664  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:10:30.0330 0x0664  WANARP - ok
19:10:30.0335 0x0664  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:10:30.0338 0x0664  Wanarpv6 - ok
19:10:30.0394 0x0664  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:10:30.0440 0x0664  wbengine - ok
19:10:30.0455 0x0664  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:10:30.0464 0x0664  WbioSrvc - ok
19:10:30.0480 0x0664  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
19:10:30.0494 0x0664  wcncsvc - ok
19:10:30.0499 0x0664  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:10:30.0504 0x0664  WcsPlugInService - ok
19:10:30.0508 0x0664  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:10:30.0510 0x0664  Wd - ok
19:10:30.0542 0x0664  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:10:30.0566 0x0664  Wdf01000 - ok
19:10:30.0574 0x0664  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:10:30.0579 0x0664  WdiServiceHost - ok
19:10:30.0586 0x0664  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost  C:\Windows\system32\wdi.dll
19:10:30.0591 0x0664  WdiSystemHost - ok
19:10:30.0603 0x0664  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient      C:\Windows\System32\webclnt.dll
19:10:30.0614 0x0664  WebClient - ok
19:10:30.0627 0x0664  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:10:30.0637 0x0664  Wecsvc - ok
19:10:30.0643 0x0664  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
19:10:30.0649 0x0664  wercplsupport - ok
19:10:30.0655 0x0664  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:10:30.0661 0x0664  WerSvc - ok
19:10:30.0665 0x0664  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:10:30.0667 0x0664  WfpLwf - ok
19:10:30.0671 0x0664  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:10:30.0674 0x0664  WIMMount - ok
19:10:30.0677 0x0664  WinDefend - ok
19:10:30.0685 0x0664  WinHttpAutoProxySvc - ok
19:10:30.0701 0x0664  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
19:10:30.0710 0x0664  Winmgmt - ok
19:10:30.0784 0x0664  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\Windows\system32\WsmSvc.dll
19:10:30.0847 0x0664  WinRM - ok
19:10:30.0859 0x0664  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:10:30.0862 0x0664  WinUsb - ok
19:10:30.0896 0x0664  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
19:10:30.0925 0x0664  Wlansvc - ok
19:10:30.0931 0x0664  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
19:10:30.0933 0x0664  WmiAcpi - ok
19:10:30.0946 0x0664  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:10:30.0953 0x0664  wmiApSrv - ok
19:10:30.0957 0x0664  WMPNetworkSvc - ok
19:10:30.0962 0x0664  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:10:30.0966 0x0664  WPCSvc - ok
19:10:30.0973 0x0664  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:10:30.0980 0x0664  WPDBusEnum - ok
19:10:30.0985 0x0664  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\Windows\system32\drivers\WPRO_41_2001.sys
19:10:30.0988 0x0664  WPRO_41_2001 - ok
19:10:30.0992 0x0664  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
19:10:30.0994 0x0664  ws2ifsl - ok
19:10:31.0001 0x0664  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:10:31.0007 0x0664  wscsvc - ok
19:10:31.0012 0x0664  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
19:10:31.0014 0x0664  WSDPrintDevice - ok
19:10:31.0018 0x0664  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan        C:\Windows\system32\DRIVERS\WSDScan.sys
19:10:31.0020 0x0664  WSDScan - ok
19:10:31.0024 0x0664  WSearch - ok
19:10:31.0119 0x0664  [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:10:31.0199 0x0664  wuauserv - ok
19:10:31.0209 0x0664  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:10:31.0213 0x0664  WudfPf - ok
19:10:31.0224 0x0664  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:10:31.0231 0x0664  WUDFRd - ok
19:10:31.0238 0x0664  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
19:10:31.0244 0x0664  wudfsvc - ok
19:10:31.0256 0x0664  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
19:10:31.0266 0x0664  WwanSvc - ok
19:10:31.0275 0x0664  ================ Scan global ===============================
19:10:31.0279 0x0664  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
19:10:31.0292 0x0664  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
19:10:31.0311 0x0664  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
19:10:31.0323 0x0664  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:10:31.0340 0x0664  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
19:10:31.0352 0x0664  [ Global ] - ok
19:10:31.0352 0x0664  ================ Scan MBR ==================================
19:10:31.0405 0x0664  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:10:31.0581 0x0664  \Device\Harddisk0\DR0 - ok
19:10:31.0584 0x0664  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:10:31.0658 0x0664  \Device\Harddisk1\DR1 - ok
19:10:31.0658 0x0664  ================ Scan VBR ==================================
19:10:31.0693 0x0664  [ D1B82E0BAB1670109B9D750D6D83D1E1 ] \Device\Harddisk0\DR0\Partition1
19:10:31.0987 0x0664  \Device\Harddisk0\DR0\Partition1 - ok
19:10:31.0991 0x0664  [ 9B2676B1F78F524352FD02F94F660C49 ] \Device\Harddisk1\DR1\Partition1
19:10:31.0993 0x0664  \Device\Harddisk1\DR1\Partition1 - ok
19:10:31.0996 0x0664  [ 722F4A30F499EAB515C29A3F1F971B96 ] \Device\Harddisk1\DR1\Partition2
19:10:31.0998 0x0664  \Device\Harddisk1\DR1\Partition2 - ok
19:10:31.0998 0x0664  ================ Scan generic autorun ======================
19:10:32.0001 0x0664  [ 13392E518730835DC9584C60B04E77C2, E4CF50A5D0777A51CACFBA144CD41621BDE2C4CBB5678C8C2624F7612F9DEE11 ] C:\Program Files\IDT\WDM\beats64.exe
19:10:32.0004 0x0664  BeatsOSDApp - ok
19:10:32.0054 0x0664  [ AD6C376374C21EC68DF33884613D0A05, 65E0668A2A24B9EF2BDABDE044D240F110AEC8B1EF838AB28084B7F899D2A75E ] C:\Program Files\IDT\WDM\sttray64.exe
19:10:32.0101 0x0664  SysTrayApp - ok
19:10:32.0199 0x0664  [ 6BE70A935DFD72F47C29757305B50B1E, 6E76D7CA8C417750C2AFAD45344F5863CEA7798A2993716E21DE1997789D1746 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:10:32.0287 0x0664  NvBackend - ok
19:10:32.0295 0x0664  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
19:10:32.0298 0x0664  ShadowPlay - ok
19:10:32.0751 0x0664  [ 9AC062437035B077C0F3B1BD738EC82A, DAC42AA903C3A6F7CB196D3D738FFDDADC8BD2138F0703F1DB035337540D53B7 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:10:32.0866 0x0bf4  Object required for P2P: [ 6B245B7F96F901891636814B5A7A9088 ] nvsvc
19:10:33.0173 0x0664  RTHDVCPL - ok
19:10:33.0652 0x0664  [ AC5406D1A6C19D83F92FA22697F3F072, 592BD212F1C0F6FE8605328F2D4A3EA360FF74B42E467E7ED201492A800181C8 ] C:\Program Files\Logitech Gaming Software\LCore.exe
19:10:34.0087 0x0664  Launch LCore - ok
19:10:34.0109 0x0664  [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
19:10:34.0115 0x0664  iTunesHelper - ok
19:10:34.0134 0x0664  [ 5F7EE76129F9A591F22F99F95D97AC95, D3446BD4CAB8017B44BAD94EBB88468D080AC65E14444C12B09B6BF3E70B2AED ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
19:10:34.0150 0x0664  IJNetworkScannerSelectorEX - ok
19:10:34.0164 0x0664  [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
19:10:34.0174 0x0664  USB3MON - ok
19:10:34.0182 0x0664  [ 8D902AF9A35DF48B8821FAA28EE9E72B, 6B2510AE064C4527570CCD06C1DBB32F0E7D37AF7ABC9476FAC1D9C044ECC2B3 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
19:10:34.0188 0x0664  IMSS - ok
19:10:34.0364 0x0664  [ 24F4643941535195B19C962C96067DB8, C5A81D6888EDE79D678AB4A019C0A649481DF7DD5085C02BCBB381FD23C175C1 ] C:\Program Files (x86)\XFastUSB\XFastUsb.exe
19:10:34.0531 0x0664  XFastUSB - ok
19:10:34.0542 0x0664  [ E7861EAA7881E086B2DB88ADF4279D4B, D040BCEC5B7519357D4E28653FC0F9F4FEAA88D291726A0763EA5E84C8C5D840 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
19:10:34.0545 0x0664  IAStorIcon - ok
19:10:34.0548 0x0664  FireStormStartUpAutoRun - ok
19:10:34.0556 0x0664  [ 08FF7423AC1DB307769931F3F848EAB4, A6AE01143E82F4706DA9D39AA3020823C3A61E2AC73BF0516427B2495A980FD2 ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
19:10:34.0559 0x0664  ProductUpdater - ok
19:10:34.0582 0x0664  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:10:34.0603 0x0664  SunJavaUpdateSched - ok
19:10:34.0647 0x0664  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:10:34.0686 0x0664  Sidebar - ok
19:10:34.0695 0x0664  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:10:34.0701 0x0664  mctadmin - ok
19:10:34.0745 0x0664  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:10:34.0779 0x0664  Sidebar - ok
19:10:34.0787 0x0664  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:10:34.0791 0x0664  mctadmin - ok
19:10:34.0803 0x0664  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
19:10:34.0808 0x0664  Dropbox Update - ok
19:10:34.0958 0x0664  [ C87A02743C2606521715E8C9491BAF8F, F8B923C4B75D17B7EBEBB7809B76EA0C2922BB4F6821E7B516DD44207392767B ] C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
19:10:35.0098 0x0664  MyComGames - ok
19:10:35.0120 0x0664  [ 3B3404B6D45BC3E0AEFAC7470D254A8E, E524D7B3F11018C252C8A412937E944B335B9EF6C888FBE71C4B6B5D9BEAF9AF ] C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe
19:10:35.0125 0x0664  son-bet - ok
19:10:35.0126 0x0664  Wondershare - ok
19:10:35.0136 0x0664  [ 6F733C10600F37B7D01198FB36F07E1A, 16CF3B7FA1AA2BCC7146E4D3A3AB192BBBE6494D47FD0CB014F13FB7EDBEEBD9 ] C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe
19:10:35.0326 0x0bf4  Object send P2P result: true
19:10:35.0327 0x0bf4  Object required for P2P: [ F34655869378762CEEF159E82BE95C3E ] Origin Client Service
19:10:36.0541 0x0664  essay-weekend - ok
19:10:36.0668 0x0664  [ CF15431A5741760D3D39C9F334566D47, 02C62399E89B0AD576F86D525FDA3B7D6C448F8092DFAE7C78915DBEC916ABA7 ] C:\Program Files (x86)\Origin\Origin.exe
19:10:36.0774 0x0664  EADM - ok
19:10:36.0802 0x0664  [ AB7957185EBD519C206947757D76EA0F, 3F1CE131FF08A575DFA2B6C05E5CC3BBDB4B76628FA74FFBBDB04C64B1456311 ] C:\Users\Thorsten\AppData\Roaming\gaasfet-54\gaasfet-88.exe
19:10:36.0820 0x0664  gaasfet-3 - ok
19:10:36.0821 0x0664  Waiting for KSN requests completion. In queue: 199
19:10:37.0764 0x0bf4  Object send P2P result: true
19:10:37.0821 0x0664  Waiting for KSN requests completion. In queue: 56
19:10:38.0821 0x0664  Waiting for KSN requests completion. In queue: 56
19:10:39.0839 0x0664  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
19:10:39.0840 0x0664  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
19:10:53.0250 0x0664  ============================================================
19:10:53.0250 0x0664  Scan finished
19:10:53.0250 0x0664  ============================================================
19:10:53.0264 0x06f4  Detected object count: 0
19:10:53.0264 0x06f4  Actual detected object count: 0
19:12:00.0706 0x2390  ============================================================
19:12:00.0706 0x2390  Scan started
19:12:00.0706 0x2390  Mode: Manual; SigCheck; TDLFS;
19:12:00.0706 0x2390  ============================================================
19:12:00.0706 0x2390  KSN ping started
19:12:14.0017 0x2390  KSN ping finished: true

Thorstie 15.11.2015 19:23
Teil 2
 
Code:
19:12:15.0397 0x2390  ================ Scan system memory ========================
19:12:15.0397 0x2390  System memory - ok
19:12:15.0398 0x2390  ================ Scan services =============================
19:12:15.0443 0x2390  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:12:15.0504 0x2390  1394ohci - ok
19:12:15.0519 0x2390  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:12:15.0545 0x2390  ACPI - ok
19:12:15.0550 0x2390  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
19:12:15.0570 0x2390  AcpiPmi - ok
19:12:15.0576 0x2390  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:12:15.0584 0x2390  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
19:12:15.0584 0x2390  Detect skipped due to KSN trusted
19:12:15.0584 0x2390  Adobe LM Service - ok
19:12:15.0591 0x2390  [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:12:15.0607 0x2390  AdobeARMservice - ok
19:12:15.0635 0x2390  [ 8C194A201698B4B4F77D974549819D1F, 081A2496FE1CE519E48677D99A831FF1FEEB1B33C75224CF288FA52F3E0E5FF0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:12:15.0656 0x2390  AdobeFlashPlayerUpdateSvc - ok
19:12:15.0679 0x2390  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
19:12:15.0711 0x2390  adp94xx - ok
19:12:15.0729 0x2390  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
19:12:15.0754 0x2390  adpahci - ok
19:12:15.0765 0x2390  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
19:12:15.0785 0x2390  adpu320 - ok
19:12:15.0795 0x2390  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
19:12:15.0844 0x2390  AeLookupSvc - ok
19:12:15.0853 0x2390  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters    C:\Program Files\IDT\WDM\AESTSr64.exe
19:12:15.0872 0x2390  AESTFilters - ok
19:12:15.0893 0x2390  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD            C:\Windows\system32\drivers\afd.sys
19:12:15.0926 0x2390  AFD - ok
19:12:15.0934 0x2390  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:12:15.0948 0x2390  agp440 - ok
19:12:15.0955 0x2390  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
19:12:15.0974 0x2390  ALG - ok
19:12:15.0978 0x2390  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:12:15.0992 0x2390  aliide - ok
19:12:15.0996 0x2390  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:12:16.0009 0x2390  amdide - ok
19:12:16.0015 0x2390  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
19:12:16.0033 0x2390  AmdK8 - ok
19:12:16.0039 0x2390  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:12:16.0055 0x2390  AmdPPM - ok
19:12:16.0063 0x2390  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
19:12:16.0080 0x2390  amdsata - ok
19:12:16.0091 0x2390  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:12:16.0110 0x2390  amdsbs - ok
19:12:16.0115 0x2390  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
19:12:16.0129 0x2390  amdxata - ok
19:12:16.0135 0x2390  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID          C:\Windows\system32\drivers\appid.sys
19:12:16.0153 0x2390  AppID - ok
19:12:16.0158 0x2390  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:12:16.0173 0x2390  AppIDSvc - ok
19:12:16.0180 0x2390  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo        C:\Windows\System32\appinfo.dll
19:12:16.0197 0x2390  Appinfo - ok
19:12:16.0208 0x2390  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:12:16.0221 0x2390  Apple Mobile Device Service - ok
19:12:16.0228 0x2390  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\DRIVERS\arc.sys
19:12:16.0244 0x2390  arc - ok
19:12:16.0252 0x2390  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:12:16.0268 0x2390  arcsas - ok
19:12:16.0274 0x2390  [ EB6DC008A1F36DFD7999EB57E97EAACE, 2652798D622A751AD84429E03266F32B4EE86DECC34CA8153790D04F43E03A66 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
19:12:16.0295 0x2390  asahci64 - ok
19:12:16.0313 0x2390  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:12:16.0330 0x2390  aspnet_state - ok
19:12:16.0335 0x2390  [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger  C:\Windows\system32\DRIVERS\AsrAppCharger.sys
19:12:16.0347 0x2390  AsrAppCharger - ok
19:12:16.0353 0x2390  [ 0C3F9E39C0B10D351026D580D9FF6F86, 0A19F09FD2EF200BED07CDBC4AAF41261A0C0468F680A5AAEBCD26B371676D53 ] AsrRamDisk      C:\Windows\system32\DRIVERS\AsrRamDisk.sys
19:12:16.0365 0x2390  AsrRamDisk - ok
19:12:16.0369 0x2390  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:12:16.0414 0x2390  AsyncMac - ok
19:12:16.0419 0x2390  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
19:12:16.0433 0x2390  atapi - ok
19:12:16.0460 0x2390  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:12:16.0502 0x2390  AudioEndpointBuilder - ok
19:12:16.0529 0x2390  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:12:16.0567 0x2390  AudioSrv - ok
19:12:16.0582 0x2390  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
19:12:16.0602 0x2390  AVP16.0.0 - ok
19:12:16.0610 0x2390  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:12:16.0636 0x2390  AxInstSV - ok
19:12:16.0641 0x2390  AxtuDrv - ok
19:12:16.0660 0x2390  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
19:12:16.0692 0x2390  b06bdrv - ok
19:12:16.0707 0x2390  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:12:16.0731 0x2390  b57nd60a - ok
19:12:16.0742 0x2390  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:12:16.0761 0x2390  BDESVC - ok
19:12:16.0765 0x2390  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:12:16.0810 0x2390  Beep - ok
19:12:16.0839 0x2390  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
19:12:16.0880 0x2390  BFE - ok
19:12:16.0886 0x2390  bfrzcslo - ok
19:12:16.0922 0x2390  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:12:17.0001 0x2390  BITS - ok
19:12:17.0007 0x2390  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:12:17.0024 0x2390  blbdrive - ok
19:12:17.0043 0x2390  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:12:17.0070 0x2390  Bonjour Service - ok
19:12:17.0079 0x2390  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:12:17.0097 0x2390  bowser - ok
19:12:17.0101 0x2390  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:12:17.0121 0x2390  BrFiltLo - ok
19:12:17.0126 0x2390  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:12:17.0145 0x2390  BrFiltUp - ok
19:12:17.0154 0x2390  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
19:12:17.0176 0x2390  Browser - ok
19:12:17.0190 0x2390  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
19:12:17.0216 0x2390  Brserid - ok
19:12:17.0222 0x2390  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:12:17.0242 0x2390  BrSerWdm - ok
19:12:17.0246 0x2390  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:12:17.0265 0x2390  BrUsbMdm - ok
19:12:17.0269 0x2390  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:12:17.0285 0x2390  BrUsbSer - ok
19:12:17.0291 0x2390  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:12:17.0313 0x2390  BTHMODEM - ok
19:12:17.0321 0x2390  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
19:12:17.0370 0x2390  bthserv - ok
19:12:17.0377 0x2390  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:12:17.0424 0x2390  cdfs - ok
19:12:17.0433 0x2390  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
19:12:17.0454 0x2390  cdrom - ok
19:12:17.0461 0x2390  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
19:12:17.0508 0x2390  CertPropSvc - ok
19:12:17.0513 0x2390  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:12:17.0533 0x2390  circlass - ok
19:12:17.0550 0x2390  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
19:12:17.0576 0x2390  CLFS - ok
19:12:17.0586 0x2390  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:12:17.0603 0x2390  clr_optimization_v2.0.50727_32 - ok
19:12:17.0611 0x2390  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:12:17.0627 0x2390  clr_optimization_v2.0.50727_64 - ok
19:12:17.0640 0x2390  [ 19E11CACD01FCB8C63DED05319074420, 7A5972525CC20679A682C738475D968A89E1453BBBF070A18E6216ED7801A3C2 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:12:17.0660 0x2390  clr_optimization_v4.0.30319_32 - ok
19:12:17.0673 0x2390  [ F71413E276F4EDA3BFD1B51C1FDBAD5E, 29A1B39F8DB96612442016439D3AC968678298CB46EE95CF2D11C71881353F65 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:12:17.0691 0x2390  clr_optimization_v4.0.30319_64 - ok
19:12:17.0696 0x2390  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:12:17.0712 0x2390  CmBatt - ok
19:12:17.0716 0x2390  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:12:17.0729 0x2390  cmdide - ok
19:12:17.0747 0x2390  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km          C:\Windows\system32\DRIVERS\cm_km.sys
19:12:17.0774 0x2390  cm_km - ok
19:12:17.0780 0x2390  [ 84FC81FF9F291A0FC8D10933C1748F66, 46B6C64659A24C1D4917963FECEC2D6AED516C047762F0B4E67651CF8241A7D8 ] CM_VENDER_CMD  C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys
19:12:17.0792 0x2390  CM_VENDER_CMD - ok
19:12:17.0812 0x2390  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG            C:\Windows\system32\Drivers\cng.sys
19:12:17.0850 0x2390  CNG - ok
19:12:17.0857 0x2390  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:12:17.0870 0x2390  Compbatt - ok
19:12:17.0876 0x2390  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:12:17.0896 0x2390  CompositeBus - ok
19:12:17.0900 0x2390  COMSysApp - ok
19:12:17.0905 0x2390  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
19:12:17.0919 0x2390  crcdisk - ok
19:12:17.0931 0x2390  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:12:17.0953 0x2390  CryptSvc - ok
19:12:17.0977 0x2390  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:12:18.0039 0x2390  DcomLaunch - ok
19:12:18.0054 0x2390  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
19:12:18.0110 0x2390  defragsvc - ok
19:12:18.0248 0x2390  [ 0B24043732807EE3AA25389356F4DE7C, 6A9A65B38968FF704C3938BEF5E6C1226447FF4F78997473B1694EA8D3D519DF ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
19:12:18.0390 0x2390  DevoloNetworkService - ok
19:12:18.0403 0x2390  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:12:18.0450 0x2390  DfsC - ok
19:12:18.0466 0x2390  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:12:18.0495 0x2390  Dhcp - ok
19:12:18.0501 0x2390  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:12:18.0547 0x2390  discache - ok
19:12:18.0554 0x2390  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:12:18.0569 0x2390  Disk - ok
19:12:18.0579 0x2390  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:12:18.0601 0x2390  Dnscache - ok
19:12:18.0614 0x2390  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
19:12:18.0667 0x2390  dot3svc - ok
19:12:18.0676 0x2390  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
19:12:18.0727 0x2390  DPS - ok
19:12:18.0731 0x2390  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
19:12:18.0747 0x2390  drmkaud - ok
19:12:18.0784 0x2390  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
19:12:18.0832 0x2390  DXGKrnl - ok
19:12:18.0841 0x2390  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
19:12:18.0890 0x2390  EapHost - ok
19:12:19.0007 0x2390  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
19:12:19.0139 0x2390  ebdrv - ok
19:12:19.0149 0x2390  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS            C:\Windows\System32\lsass.exe
19:12:19.0167 0x2390  EFS - ok
19:12:19.0195 0x2390  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
19:12:19.0236 0x2390  ehRecvr - ok
19:12:19.0244 0x2390  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
19:12:19.0264 0x2390  ehSched - ok
19:12:19.0286 0x2390  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
19:12:19.0318 0x2390  elxstor - ok
19:12:19.0323 0x2390  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:12:19.0338 0x2390  ErrDev - ok
19:12:19.0359 0x2390  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
19:12:19.0419 0x2390  EventSystem - ok
19:12:19.0431 0x2390  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
19:12:19.0483 0x2390  exfat - ok
19:12:19.0494 0x2390  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
19:12:19.0546 0x2390  fastfat - ok
19:12:19.0576 0x2390  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
19:12:19.0616 0x2390  Fax - ok
19:12:19.0622 0x2390  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
19:12:19.0638 0x2390  fdc - ok
19:12:19.0643 0x2390  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
19:12:19.0688 0x2390  fdPHost - ok
19:12:19.0694 0x2390  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:12:19.0740 0x2390  FDResPub - ok
19:12:19.0747 0x2390  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:12:19.0762 0x2390  FileInfo - ok
19:12:19.0767 0x2390  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
19:12:19.0812 0x2390  Filetrace - ok
19:12:19.0817 0x2390  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:12:19.0833 0x2390  flpydisk - ok
19:12:19.0848 0x2390  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:12:19.0872 0x2390  FltMgr - ok
19:12:19.0878 0x2390  [ 508401A63E6B1CBF0B9C9A011498731F, F636B0A9C0EB6AE7EC04E5C5FD8A0578AEB76A1B0D974F355BCE6B6091901725 ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS
19:12:19.0890 0x2390  FNETTBOH_305 - ok
19:12:19.0897 0x2390  [ E341178C116DAC6A3A764587E68DFA7B, 91B4C79057908A622666FF069CF1C7ECA42952A6587432F5E99E33E8B19D29AF ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS
19:12:19.0909 0x2390  FNETURPX - ok
19:12:19.0955 0x2390  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache      C:\Windows\system32\FntCache.dll
19:12:20.0014 0x2390  FontCache - ok
19:12:20.0021 0x2390  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:12:20.0034 0x2390  FontCache3.0.0.0 - ok
19:12:20.0039 0x2390  [ E495069F9FABD7D36BB743DB1FE5FB09, AE1505579453846B6876A5F2A9D480835FC349B44F592BD0C003FAE762EC4C4A ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
19:12:20.0044 0x2390  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )
19:12:20.0045 0x2390  Detect skipped due to KSN trusted
19:12:20.0045 0x2390  FreemakeVideoCapture - ok
19:12:20.0050 0x2390  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
19:12:20.0066 0x2390  FsDepends - ok
19:12:20.0071 0x2390  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:12:20.0087 0x2390  Fs_Rec - ok
19:12:20.0098 0x2390  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:12:20.0123 0x2390  fvevol - ok
19:12:20.0130 0x2390  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:12:20.0145 0x2390  gagp30kx - ok
19:12:20.0188 0x2390  [ B17D0BDBDDF4BD4709D6CA3147D409C0, B83F0D9891190226D2D7D50DE27B61B5FC04B6942C37B78856C45B3309527D9B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:12:20.0245 0x2390  GfExperienceService - ok
19:12:20.0277 0x2390  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
19:12:20.0348 0x2390  gpsvc - ok
19:12:20.0357 0x2390  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:12:20.0372 0x2390  gupdate - ok
19:12:20.0378 0x2390  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:12:20.0392 0x2390  gupdatem - ok
19:12:20.0403 0x2390  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:12:20.0420 0x2390  gusvc - ok
19:12:20.0425 0x2390  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:12:20.0442 0x2390  hcw85cir - ok
19:12:20.0459 0x2390  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:12:20.0490 0x2390  HdAudAddService - ok
19:12:20.0499 0x2390  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:12:20.0521 0x2390  HDAudBus - ok
19:12:20.0526 0x2390  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
19:12:20.0542 0x2390  HidBatt - ok
19:12:20.0550 0x2390  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:12:20.0572 0x2390  HidBth - ok
19:12:20.0578 0x2390  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
19:12:20.0598 0x2390  HidIr - ok
19:12:20.0603 0x2390  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
19:12:20.0649 0x2390  hidserv - ok
19:12:20.0654 0x2390  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:12:20.0669 0x2390  HidUsb - ok
19:12:20.0673 0x2390  hjaqokbf - ok
19:12:20.0681 0x2390  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:12:20.0728 0x2390  hkmsvc - ok
19:12:20.0739 0x2390  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:12:20.0763 0x2390  HomeGroupListener - ok
19:12:20.0773 0x2390  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:12:20.0795 0x2390  HomeGroupProvider - ok
19:12:20.0802 0x2390  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:12:20.0817 0x2390  HpSAMD - ok
19:12:20.0824 0x2390  [ B6639BF8236BDD3427B10C581332BE71, A6A9DB37BB83C70F01E7D99CA4891FD32F93A96C84215CFCC85AF41625C1023C ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
19:12:20.0838 0x2390  HPSupportSolutionsFrameworkService - ok
19:12:20.0868 0x2390  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:12:20.0909 0x2390  HTTP - ok
19:12:20.0917 0x2390  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:12:20.0930 0x2390  hwpolicy - ok
19:12:20.0938 0x2390  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:12:20.0956 0x2390  i8042prt - ok
19:12:20.0979 0x2390  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:12:21.0009 0x2390  iaStor - ok
19:12:21.0036 0x2390  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA        C:\Windows\system32\DRIVERS\iaStorA.sys
19:12:21.0071 0x2390  iaStorA - ok
19:12:21.0077 0x2390  [ 0AB254994A460550258446950BB58311, BD10811912680DD3B814B7D1303785C996D892C79108110A2257E9BD0C28245C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:12:21.0089 0x2390  IAStorDataMgrSvc - ok
19:12:21.0094 0x2390  [ 2B38F13E18E272459CD2CE83E6722C12, 58FB127C05FF7399F88F3B53CE4B460A7D3EA739AFCD273C0E687053BBA074D6 ] iaStorF        C:\Windows\system32\DRIVERS\iaStorF.sys
19:12:21.0106 0x2390  iaStorF - ok
19:12:21.0123 0x2390  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
19:12:21.0150 0x2390  iaStorV - ok
19:12:21.0183 0x2390  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:12:21.0229 0x2390  idsvc - ok
19:12:21.0234 0x2390  IEEtwCollectorService - ok
19:12:21.0240 0x2390  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
19:12:21.0255 0x2390  iirsp - ok
19:12:21.0260 0x2390  [ 67999A9D34A0B2479381E7A61AFC37AB, 7A1F72B2AD859345E1F092CE80C269767E4EF9931146B7F01E891EC12CCA684F ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
19:12:21.0272 0x2390  ikbevent - ok
19:12:21.0305 0x2390  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:12:21.0350 0x2390  IKEEXT - ok
19:12:21.0355 0x2390  ilnicvuq - ok
19:12:21.0360 0x2390  [ DDAE90DD5BDAC53C8C5CD5B82FC1F1B4, A7019D2335CB46DCD9ABDB896622254E58AB265EC3D72A92B1C4890D45DEE85F ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
19:12:21.0372 0x2390  imsevent - ok
19:12:21.0523 0x2390  [ 6BDCC85422817FA53CD705ADE312CE6A, 2EBEDF34493B4AE34442A89ACBCDB2C39447F21FBB015BDD7935DE95DD217CD0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:12:21.0681 0x2390  IntcAzAudAddService - ok
19:12:21.0715 0x2390  [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:12:21.0748 0x2390  Intel(R) Capability Licensing Service Interface - ok
19:12:21.0758 0x2390  [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:12:21.0772 0x2390  Intel(R) ME Service - ok
19:12:21.0777 0x2390  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:12:21.0790 0x2390  intelide - ok
19:12:21.0796 0x2390  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:12:21.0813 0x2390  intelppm - ok
19:12:21.0820 0x2390  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
19:12:21.0869 0x2390  IPBusEnum - ok
19:12:21.0876 0x2390  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:12:21.0922 0x2390  IpFilterDriver - ok
19:12:21.0945 0x2390  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:12:21.0981 0x2390  iphlpsvc - ok
19:12:21.0990 0x2390  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
19:12:22.0007 0x2390  IPMIDRV - ok
19:12:22.0015 0x2390  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
19:12:22.0064 0x2390  IPNAT - ok
19:12:22.0089 0x2390  [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:12:22.0122 0x2390  iPod Service - ok
19:12:22.0128 0x2390  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:12:22.0149 0x2390  IRENUM - ok
19:12:22.0154 0x2390  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:12:22.0167 0x2390  isapnp - ok
19:12:22.0180 0x2390  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:12:22.0202 0x2390  iScsiPrt - ok
19:12:22.0208 0x2390  [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
19:12:22.0219 0x2390  ISCT - ok
19:12:22.0228 0x2390  [ 6F60B7AD044924B8C1E32D692C593612, 93EFBC2EC24E7B4B908010955F1B9A6DC231C7A4B55BE0D2DC6103E2A5457EC6 ] ISCTAgent      C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
19:12:22.0243 0x2390  ISCTAgent - ok
19:12:22.0249 0x2390  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
19:12:22.0260 0x2390  iusb3hcs - ok
19:12:22.0276 0x2390  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
19:12:22.0299 0x2390  iusb3hub - ok
19:12:22.0330 0x2390  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
19:12:22.0369 0x2390  iusb3xhc - ok
19:12:22.0375 0x2390  [ BD5BF20EC242E003A2F570B8754A56D1, B4B3492222E98BF8E6EC453E727187FF4AA50A508D1E88A0CBBD5C46355AE492 ] ivusb          C:\Windows\system32\DRIVERS\ivusb.sys
19:12:22.0386 0x2390  ivusb - ok
19:12:22.0395 0x2390  [ 5B14FDE79871F83A5E0DCDC01F78BECF, B3103D4671F7BD4843C62D6080894E068F7E794CB02D7A84AEFB5AC10EA23BDE ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:12:22.0412 0x2390  jhi_service - ok
19:12:22.0418 0x2390  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:12:22.0433 0x2390  kbdclass - ok
19:12:22.0438 0x2390  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:12:22.0455 0x2390  kbdhid - ok
19:12:22.0460 0x2390  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso          C:\Windows\system32\lsass.exe
19:12:22.0475 0x2390  KeyIso - ok
19:12:22.0495 0x2390  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1            C:\Windows\system32\DRIVERS\kl1.sys
19:12:22.0526 0x2390  kl1 - ok
19:12:22.0533 0x2390  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
19:12:22.0549 0x2390  klbackupdisk - ok
19:12:22.0556 0x2390  [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt    C:\Windows\system32\DRIVERS\klbackupflt.sys
19:12:22.0574 0x2390  klbackupflt - ok
19:12:22.0580 0x2390  [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
19:12:22.0596 0x2390  kldisk - ok
19:12:22.0607 0x2390  [ DE7D2DEDE9C9D5219AA439172BA8D21C, B4573553DF8605A6C9417683B6AA12A596E8777175C39567B91BF03CE895D625 ] klflt          C:\Windows\system32\DRIVERS\klflt.sys
19:12:22.0631 0x2390  klflt - ok
19:12:22.0644 0x2390  [ C62B714428FD30DD7B3115566C3F470B, 991CA0FCA02D744BAB29FF3F0029BC99EF85C7D8B8024EF5EF51589639191B05 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
19:12:22.0666 0x2390  klhk - ok
19:12:22.0704 0x2390  [ 11586A6A85FF124F53E1435A34DD1707, 6291C3519EA53ACAA0594DAF4EDA41E1201F6CA9C7B0EF0B54CEF7BDB5DCD080 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
19:12:22.0755 0x2390  KLIF - ok
19:12:22.0762 0x2390  [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6          C:\Windows\system32\DRIVERS\klim6.sys
19:12:22.0778 0x2390  KLIM6 - ok
19:12:22.0783 0x2390  [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
19:12:22.0798 0x2390  klkbdflt - ok
19:12:22.0802 0x2390  klkbdflt2 - ok
19:12:22.0808 0x2390  [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
19:12:22.0822 0x2390  klmouflt - ok
19:12:22.0827 0x2390  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
19:12:22.0844 0x2390  klpd - ok
19:12:22.0851 0x2390  [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi          C:\Windows\system32\DRIVERS\kltdi.sys
19:12:22.0867 0x2390  kltdi - ok
19:12:22.0874 0x2390  [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp          C:\Windows\system32\DRIVERS\klwtp.sys
19:12:22.0891 0x2390  Klwtp - ok
19:12:22.0902 0x2390  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps          C:\Windows\system32\DRIVERS\kneps.sys
19:12:22.0922 0x2390  kneps - ok
19:12:22.0929 0x2390  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:12:22.0945 0x2390  KSecDD - ok
19:12:22.0954 0x2390  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
19:12:22.0973 0x2390  KSecPkg - ok
19:12:22.0978 0x2390  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
19:12:23.0024 0x2390  ksthunk - ok
19:12:23.0042 0x2390  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
19:12:23.0100 0x2390  KtmRm - ok
19:12:23.0118 0x2390  [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
19:12:23.0144 0x2390  LADF_CaptureOnly - ok
19:12:23.0152 0x2390  [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
19:12:23.0165 0x2390  LADF_RenderOnly - ok
19:12:23.0177 0x2390  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:12:23.0231 0x2390  LanmanServer - ok
19:12:23.0239 0x2390  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:12:23.0288 0x2390  LanmanWorkstation - ok
19:12:23.0302 0x2390  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum      C:\Windows\system32\drivers\LGBusEnum.sys
19:12:23.0313 0x2390  LGBusEnum - ok
19:12:23.0319 0x2390  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
19:12:23.0332 0x2390  LGSHidFilt - ok
19:12:23.0337 0x2390  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
19:12:23.0347 0x2390  LGVirHid - ok
19:12:23.0353 0x2390  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:12:23.0399 0x2390  lltdio - ok
19:12:23.0414 0x2390  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
19:12:23.0470 0x2390  lltdsvc - ok
19:12:23.0475 0x2390  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
19:12:23.0521 0x2390  lmhosts - ok
19:12:23.0533 0x2390  [ 6B5938A0B2C0855E2BFE77793A982EB5, A3D8174E3A3AC521EE6B03BD674069AC858320DEEE7CAE82DBCD64942D08F721 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:12:23.0554 0x2390  LMS - ok
19:12:23.0564 0x2390  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:12:23.0581 0x2390  LSI_FC - ok
19:12:23.0589 0x2390  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
19:12:23.0606 0x2390  LSI_SAS - ok
19:12:23.0612 0x2390  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:12:23.0627 0x2390  LSI_SAS2 - ok
19:12:23.0635 0x2390  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:12:23.0652 0x2390  LSI_SCSI - ok
19:12:23.0659 0x2390  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
19:12:23.0708 0x2390  luafv - ok
19:12:23.0711 0x2390  lwohbkep - ok
19:12:23.0718 0x2390  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
19:12:23.0729 0x2390  MBfilt - ok
19:12:23.0736 0x2390  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
19:12:23.0756 0x2390  Mcx2Svc - ok
19:12:23.0761 0x2390  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
19:12:23.0775 0x2390  megasas - ok
19:12:23.0788 0x2390  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:12:23.0811 0x2390  MegaSR - ok
19:12:23.0818 0x2390  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:12:23.0831 0x2390  MEIx64 - ok
19:12:23.0837 0x2390  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
19:12:23.0886 0x2390  MMCSS - ok
19:12:23.0892 0x2390  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
19:12:23.0938 0x2390  Modem - ok
19:12:23.0943 0x2390  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
19:12:23.0961 0x2390  monitor - ok
19:12:23.0967 0x2390  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:12:23.0981 0x2390  mouclass - ok
19:12:23.0987 0x2390  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:12:24.0003 0x2390  mouhid - ok
19:12:24.0011 0x2390  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:12:24.0027 0x2390  mountmgr - ok
19:12:24.0036 0x2390  [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:12:24.0053 0x2390  MozillaMaintenance - ok
19:12:24.0062 0x2390  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:12:24.0080 0x2390  mpio - ok
19:12:24.0086 0x2390  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:12:24.0134 0x2390  mpsdrv - ok
19:12:24.0168 0x2390  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:12:24.0243 0x2390  MpsSvc - ok
19:12:24.0254 0x2390  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:12:24.0275 0x2390  MRxDAV - ok
19:12:24.0284 0x2390  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:12:24.0305 0x2390  mrxsmb - ok
19:12:24.0319 0x2390  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:12:24.0344 0x2390  mrxsmb10 - ok
19:12:24.0353 0x2390  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:12:24.0372 0x2390  mrxsmb20 - ok
19:12:24.0377 0x2390  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:12:24.0392 0x2390  msahci - ok
19:12:24.0402 0x2390  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
19:12:24.0420 0x2390  msdsm - ok
19:12:24.0429 0x2390  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
19:12:24.0451 0x2390  MSDTC - ok
19:12:24.0459 0x2390  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:12:24.0505 0x2390  Msfs - ok
19:12:24.0509 0x2390  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
19:12:24.0554 0x2390  mshidkmdf - ok
19:12:24.0559 0x2390  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:12:24.0572 0x2390  msisadrv - ok
19:12:24.0581 0x2390  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
19:12:24.0632 0x2390  MSiSCSI - ok
19:12:24.0636 0x2390  msiserver - ok
19:12:24.0641 0x2390  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
19:12:24.0685 0x2390  MSKSSRV - ok
19:12:24.0689 0x2390  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:12:24.0734 0x2390  MSPCLOCK - ok
19:12:24.0738 0x2390  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
19:12:24.0783 0x2390  MSPQM - ok
19:12:24.0800 0x2390  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
19:12:24.0825 0x2390  MsRPC - ok
19:12:24.0832 0x2390  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:12:24.0846 0x2390  mssmbios - ok
19:12:24.0850 0x2390  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
19:12:24.0896 0x2390  MSTEE - ok
19:12:24.0900 0x2390  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:12:24.0915 0x2390  MTConfig - ok
19:12:24.0921 0x2390  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
19:12:24.0936 0x2390  Mup - ok
19:12:24.0956 0x2390  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:12:25.0018 0x2390  napagent - ok
19:12:25.0034 0x2390  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
19:12:25.0066 0x2390  NativeWifiP - ok
19:12:25.0105 0x2390  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:12:25.0152 0x2390  NDIS - ok
19:12:25.0158 0x2390  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
19:12:25.0205 0x2390  NdisCap - ok
19:12:25.0210 0x2390  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:12:25.0255 0x2390  NdisTapi - ok
19:12:25.0261 0x2390  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
19:12:25.0306 0x2390  Ndisuio - ok
19:12:25.0315 0x2390  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
19:12:25.0363 0x2390  NdisWan - ok
19:12:25.0370 0x2390  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
19:12:25.0417 0x2390  NDProxy - ok
19:12:25.0421 0x2390  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl        C:\Windows\system32\DRIVERS\netaapl64.sys
19:12:25.0438 0x2390  Netaapl - ok
19:12:25.0443 0x2390  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
19:12:25.0490 0x2390  NetBIOS - ok
19:12:25.0503 0x2390  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
19:12:25.0556 0x2390  NetBT - ok
19:12:25.0561 0x2390  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
19:12:25.0577 0x2390  Netlogon - ok
19:12:25.0593 0x2390  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:12:25.0652 0x2390  Netman - ok
19:12:25.0660 0x2390  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:25.0680 0x2390  NetMsmqActivator - ok
19:12:25.0688 0x2390  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:25.0708 0x2390  NetPipeActivator - ok
19:12:25.0731 0x2390  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:12:25.0792 0x2390  netprofm - ok
19:12:25.0802 0x2390  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:25.0822 0x2390  NetTcpActivator - ok
19:12:25.0830 0x2390  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:12:25.0850 0x2390  NetTcpPortSharing - ok
19:12:25.0856 0x2390  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
19:12:25.0871 0x2390  nfrd960 - ok
19:12:25.0886 0x2390  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:12:25.0912 0x2390  NlaSvc - ok
19:12:25.0918 0x2390  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf            C:\Windows\system32\drivers\npf.sys
19:12:25.0930 0x2390  npf - ok
19:12:25.0936 0x2390  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:12:25.0983 0x2390  Npfs - ok
19:12:26.0006 0x2390  [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo      C:\Windows\sysWOW64\drivers\npf_devolo.sys
19:12:26.0019 0x2390  NPF_devolo - ok
19:12:26.0024 0x2390  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
19:12:26.0071 0x2390  nsi - ok
19:12:26.0076 0x2390  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:12:26.0121 0x2390  nsiproxy - ok
19:12:26.0184 0x2390  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:12:26.0258 0x2390  Ntfs - ok
19:12:26.0265 0x2390  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:12:26.0310 0x2390  Null - ok
19:12:26.0321 0x2390  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
19:12:26.0343 0x2390  NVHDA - ok
19:12:26.0734 0x2390  [ 36BAB895547EA82892292F05FA02142E, 224D165CE3ECB0EF35C18D09507AB43ADC4A7AD12E507F31230012943C83BEDB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:12:27.0147 0x2390  nvlddmkm - ok
19:12:27.0237 0x2390  [ C2909BD26906E1D05D77B1D48B48E94A, 5642571FFDBDC63F0E3B1477337103517ABF7C50EBEDA63EF8E162E44C7B2538 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:12:27.0315 0x2390  NvNetworkService - ok
19:12:27.0327 0x2390  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:12:27.0346 0x2390  nvraid - ok
19:12:27.0355 0x2390  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:12:27.0374 0x2390  nvstor - ok
19:12:27.0379 0x2390  [ 60C9EC53F9CFBFBE38E9C79B88A6B19F, D89D6C62AB0A3224D850B639E4D7D7265BF183BEE0C60F27FEDDF0194504B078 ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:12:27.0392 0x2390  NvStreamKms - ok
19:12:27.0586 0x2390  [ 5A773713C332F8760ABB915C24675E8F, DA453D341529B34188D5B235B17BD0FDAE84129539FC212F34B9FCC42DC0549C ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:12:27.0798 0x2390  NvStreamSvc - ok
19:12:27.0843 0x2390  [ 6B245B7F96F901891636814B5A7A9088, BC6DF13929AEBA2CF5DC8449FF9D5F73497DF8E9760AFA93B56543D86BE940C3 ] nvsvc          C:\Windows\system32\nvvsvc.exe
19:12:27.0890 0x2390  nvsvc - ok
19:12:27.0891 0x2390  Object required for P2P: [ 6B245B7F96F901891636814B5A7A9088 ] nvsvc
19:12:30.0313 0x2390  Object send P2P result: true
19:12:30.0319 0x2390  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
19:12:30.0335 0x2390  nvvad_WaveExtensible - ok
19:12:30.0343 0x2390  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:12:30.0360 0x2390  nv_agp - ok
19:12:30.0364 0x2390  oflhqklh - ok
19:12:30.0371 0x2390  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:12:30.0388 0x2390  ohci1394 - ok
19:12:30.0467 0x2390  [ F34655869378762CEEF159E82BE95C3E, 346211DEB3D9C1D4C0688F737BF154A75C986921465FAF04E8CFED48385E64E8 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:12:30.0555 0x2390  Origin Client Service - ok
19:12:30.0557 0x2390  Object required for P2P: [ F34655869378762CEEF159E82BE95C3E ] Origin Client Service
19:12:32.0997 0x2390  Object send P2P result: true
19:12:33.0013 0x2390  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:12:33.0041 0x2390  p2pimsvc - ok
19:12:33.0060 0x2390  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:12:33.0091 0x2390  p2psvc - ok
19:12:33.0099 0x2390  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
19:12:33.0117 0x2390  Parport - ok
19:12:33.0123 0x2390  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
19:12:33.0139 0x2390  partmgr - ok
19:12:33.0149 0x2390  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:12:33.0172 0x2390  PcaSvc - ok
19:12:33.0182 0x2390  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
19:12:33.0201 0x2390  pci - ok
19:12:33.0206 0x2390  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:12:33.0219 0x2390  pciide - ok
19:12:33.0230 0x2390  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:12:33.0251 0x2390  pcmcia - ok
19:12:33.0257 0x2390  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
19:12:33.0272 0x2390  pcw - ok
19:12:33.0298 0x2390  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:12:33.0336 0x2390  PEAUTH - ok
19:12:33.0344 0x2390  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:12:33.0361 0x2390  PerfHost - ok
19:12:33.0418 0x2390  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
19:12:33.0512 0x2390  pla - ok
19:12:33.0532 0x2390  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:12:33.0564 0x2390  PlugPlay - ok
19:12:33.0572 0x2390  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
19:12:33.0586 0x2390  PnkBstrA - ok
19:12:33.0590 0x2390  PnkBstrB - ok
19:12:33.0595 0x2390  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
19:12:33.0613 0x2390  PNRPAutoReg - ok
19:12:33.0628 0x2390  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
19:12:33.0655 0x2390  PNRPsvc - ok
19:12:33.0676 0x2390  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
19:12:33.0739 0x2390  PolicyAgent - ok
19:12:33.0752 0x2390  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
19:12:33.0804 0x2390  Power - ok
19:12:33.0812 0x2390  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:12:33.0860 0x2390  PptpMiniport - ok
19:12:33.0866 0x2390  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\DRIVERS\processr.sys
19:12:33.0883 0x2390  Processor - ok
19:12:33.0895 0x2390  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\Windows\system32\profsvc.dll
19:12:33.0918 0x2390  ProfSvc - ok
19:12:33.0923 0x2390  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:12:33.0939 0x2390  ProtectedStorage - ok
19:12:33.0948 0x2390  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:12:33.0997 0x2390  Psched - ok
19:12:34.0001 0x2390  pzlwhhvl - ok
19:12:34.0057 0x2390  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:12:34.0125 0x2390  ql2300 - ok
19:12:34.0135 0x2390  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:12:34.0152 0x2390  ql40xx - ok
19:12:34.0164 0x2390  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
19:12:34.0195 0x2390  QWAVE - ok
19:12:34.0200 0x2390  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:12:34.0222 0x2390  QWAVEdrv - ok
19:12:34.0226 0x2390  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:12:34.0271 0x2390  RasAcd - ok
19:12:34.0277 0x2390  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
19:12:34.0324 0x2390  RasAgileVpn - ok
19:12:34.0331 0x2390  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
19:12:34.0382 0x2390  RasAuto - ok
19:12:34.0392 0x2390  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
19:12:34.0440 0x2390  Rasl2tp - ok
19:12:34.0455 0x2390  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:12:34.0514 0x2390  RasMan - ok
19:12:34.0522 0x2390  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:12:34.0571 0x2390  RasPppoe - ok
19:12:34.0577 0x2390  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
19:12:34.0625 0x2390  RasSstp - ok
19:12:34.0640 0x2390  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
19:12:34.0695 0x2390  rdbss - ok
19:12:34.0700 0x2390  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:12:34.0719 0x2390  rdpbus - ok
19:12:34.0722 0x2390  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:12:34.0767 0x2390  RDPCDD - ok
19:12:34.0772 0x2390  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:12:34.0817 0x2390  RDPENCDD - ok
19:12:34.0824 0x2390  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:12:34.0868 0x2390  RDPREFMP - ok
19:12:34.0875 0x2390  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:12:34.0891 0x2390  RdpVideoMiniport - ok
19:12:34.0901 0x2390  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
19:12:34.0923 0x2390  RDPWD - ok
19:12:34.0935 0x2390  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:12:34.0956 0x2390  rdyboost - ok
19:12:34.0963 0x2390  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:12:35.0014 0x2390  RemoteAccess - ok
19:12:35.0023 0x2390  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:12:35.0075 0x2390  RemoteRegistry - ok
19:12:35.0081 0x2390  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:12:35.0130 0x2390  RpcEptMapper - ok
19:12:35.0134 0x2390  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:12:35.0151 0x2390  RpcLocator - ok
19:12:35.0173 0x2390  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
19:12:35.0236 0x2390  RpcSs - ok
19:12:35.0244 0x2390  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:12:35.0291 0x2390  rspndr - ok
19:12:35.0315 0x2390  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
19:12:35.0345 0x2390  RTL8167 - ok
19:12:35.0350 0x2390  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs          C:\Windows\system32\lsass.exe
19:12:35.0366 0x2390  SamSs - ok
19:12:35.0373 0x2390  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:12:35.0389 0x2390  sbp2port - ok
19:12:35.0400 0x2390  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:12:35.0453 0x2390  SCardSvr - ok
19:12:35.0458 0x2390  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:12:35.0503 0x2390  scfilter - ok
19:12:35.0547 0x2390  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
19:12:35.0604 0x2390  Schedule - ok
19:12:35.0612 0x2390  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
19:12:35.0658 0x2390  SCPolicySvc - ok
19:12:35.0668 0x2390  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:12:35.0690 0x2390  SDRSVC - ok
19:12:35.0694 0x2390  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:12:35.0710 0x2390  secdrv - ok
19:12:35.0715 0x2390  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:12:35.0761 0x2390  seclogon - ok
19:12:35.0767 0x2390  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:12:35.0816 0x2390  SENS - ok
19:12:35.0820 0x2390  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:12:35.0837 0x2390  SensrSvc - ok
19:12:35.0842 0x2390  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
19:12:35.0857 0x2390  Serenum - ok
19:12:35.0864 0x2390  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:12:35.0882 0x2390  Serial - ok
19:12:35.0887 0x2390  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:12:35.0902 0x2390  sermouse - ok
19:12:35.0917 0x2390  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:12:35.0965 0x2390  SessionEnv - ok
19:12:35.0971 0x2390  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
19:12:35.0989 0x2390  sffdisk - ok
19:12:35.0994 0x2390  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:12:36.0012 0x2390  sffp_mmc - ok
19:12:36.0016 0x2390  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
19:12:36.0035 0x2390  sffp_sd - ok
19:12:36.0040 0x2390  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
19:12:36.0055 0x2390  sfloppy - ok
19:12:36.0071 0x2390  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:12:36.0128 0x2390  SharedAccess - ok
19:12:36.0145 0x2390  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:12:36.0202 0x2390  ShellHWDetection - ok
19:12:36.0208 0x2390  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:12:36.0223 0x2390  SiSRaid2 - ok
19:12:36.0229 0x2390  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:12:36.0246 0x2390  SiSRaid4 - ok
19:12:36.0253 0x2390  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
19:12:36.0301 0x2390  Smb - ok
19:12:36.0309 0x2390  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:12:36.0327 0x2390  SNMPTRAP - ok
19:12:36.0331 0x2390  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
19:12:36.0345 0x2390  spldr - ok
19:12:36.0369 0x2390  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
19:12:36.0405 0x2390  Spooler - ok
19:12:36.0530 0x2390  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:12:36.0701 0x2390  sppsvc - ok
19:12:36.0712 0x2390  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
19:12:36.0761 0x2390  sppuinotify - ok
19:12:36.0781 0x2390  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
19:12:36.0813 0x2390  srv - ok
19:12:36.0832 0x2390  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:12:36.0861 0x2390  srv2 - ok
19:12:36.0871 0x2390  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:12:36.0891 0x2390  srvnet - ok
19:12:36.0902 0x2390  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
19:12:36.0956 0x2390  SSDPSRV - ok
19:12:36.0962 0x2390  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
19:12:37.0011 0x2390  SstpSvc - ok
19:12:37.0027 0x2390  [ 605ECCCE95ACF7AF12CBCCDAB55B8DD0, 7B676B58C26D880320434066B93C7B8372421699C0006806D4E8E0E824124281 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
19:12:37.0055 0x2390  STacSV - ok
19:12:37.0074 0x2390  [ C368FAF3084E3978462159F1DDAFF54F, F7DD88038E002EF3D2BCA648FE7CF0F92347E901C5F495D8D8E4D24076E895CD ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:12:37.0100 0x2390  Stereo Service - ok
19:12:37.0105 0x2390  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:12:37.0119 0x2390  stexstor - ok
19:12:37.0141 0x2390  [ 5709F6AEECC9C43AD9D550FB1D882209, CF4681AE1D6B15340F5A0787E0EFB682AA3CFA15D25741364D8455C040A5997B ] STHDA          C:\Windows\system32\DRIVERS\stwrt64.sys
19:12:37.0176 0x2390  STHDA - ok
19:12:37.0200 0x2390  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:12:37.0244 0x2390  stisvc - ok
19:12:37.0249 0x2390  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:12:37.0262 0x2390  swenum - ok
19:12:37.0284 0x2390  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
19:12:37.0349 0x2390  swprv - ok
19:12:37.0412 0x2390  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain        C:\Windows\system32\sysmain.dll
19:12:37.0492 0x2390  SysMain - ok
19:12:37.0501 0x2390  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:12:37.0528 0x2390  TabletInputService - ok
19:12:37.0544 0x2390  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
19:12:37.0600 0x2390  TapiSrv - ok
19:12:37.0606 0x2390  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
19:12:37.0657 0x2390  TBS - ok
19:12:37.0727 0x2390  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
19:12:37.0810 0x2390  Tcpip - ok
19:12:37.0881 0x2390  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:12:37.0963 0x2390  TCPIP6 - ok
19:12:37.0974 0x2390  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:12:37.0990 0x2390  tcpipreg - ok
19:12:37.0997 0x2390  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:12:38.0014 0x2390  TDPIPE - ok
19:12:38.0018 0x2390  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
19:12:38.0033 0x2390  TDTCP - ok
19:12:38.0041 0x2390  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
19:12:38.0059 0x2390  tdx - ok
19:12:38.0065 0x2390  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:12:38.0080 0x2390  TermDD - ok
19:12:38.0107 0x2390  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\Windows\System32\termsrv.dll
19:12:38.0147 0x2390  TermService - ok
19:12:38.0153 0x2390  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:12:38.0177 0x2390  Themes - ok
19:12:38.0183 0x2390  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
19:12:38.0230 0x2390  THREADORDER - ok
19:12:38.0239 0x2390  [ DA632FAE7B5629032B2C24E1BE29168B, 89327F67F427B12C5DAB664FA88FCA2133C737945C92037945CBF25C5E396587 ] tihub3          C:\Windows\system32\DRIVERS\tihub3.sys
19:12:38.0255 0x2390  tihub3 - ok
19:12:38.0273 0x2390  [ 6AAD465F69632931B6D8D61B287E6DE9, 789837B5241B836F0EFEEF0970062AC965425246DF2B638535B8648CC7EF7DF9 ] tixhci          C:\Windows\system32\DRIVERS\tixhci.sys
19:12:38.0299 0x2390  tixhci - ok
19:12:38.0307 0x2390  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:12:38.0357 0x2390  TrkWks - ok
19:12:38.0367 0x2390  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:12:38.0418 0x2390  TrustedInstaller - ok
19:12:38.0425 0x2390  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:12:38.0441 0x2390  tssecsrv - ok
19:12:38.0446 0x2390  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:12:38.0464 0x2390  TsUsbFlt - ok
19:12:38.0472 0x2390  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:12:38.0519 0x2390  tunnel - ok
19:12:38.0525 0x2390  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:12:38.0541 0x2390  uagp35 - ok
19:12:38.0555 0x2390  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:12:38.0610 0x2390  udfs - ok
19:12:38.0621 0x2390  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
19:12:38.0639 0x2390  UI0Detect - ok
19:12:38.0645 0x2390  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:12:38.0661 0x2390  uliagpkx - ok
19:12:38.0666 0x2390  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
19:12:38.0684 0x2390  umbus - ok
19:12:38.0689 0x2390  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:12:38.0704 0x2390  UmPass - ok
19:12:38.0721 0x2390  [ D03FE25B3B9EFF45582AA0AA37960D68, 835255C1C0F9025FA5015DC3A5A42E4A26DA88AB559EA174D151BBDB8D0E0D2C ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:12:38.0745 0x2390  UNS - ok
19:12:38.0761 0x2390  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:12:38.0820 0x2390  upnphost - ok
19:12:38.0826 0x2390  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
19:12:38.0845 0x2390  USBAAPL64 - ok
19:12:38.0852 0x2390  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:12:38.0871 0x2390  usbaudio - ok
19:12:38.0879 0x2390  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
19:12:38.0897 0x2390  usbccgp - ok
19:12:38.0904 0x2390  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:12:38.0923 0x2390  usbcir - ok
19:12:38.0929 0x2390  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
19:12:38.0946 0x2390  usbehci - ok
19:12:38.0961 0x2390  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:12:38.0987 0x2390  usbhub - ok
19:12:38.0992 0x2390  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
19:12:39.0008 0x2390  usbohci - ok
19:12:39.0013 0x2390  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:12:39.0032 0x2390  usbprint - ok
19:12:39.0039 0x2390  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:12:39.0057 0x2390  USBSTOR - ok
19:12:39.0062 0x2390  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
19:12:39.0078 0x2390  usbuhci - ok
19:12:39.0083 0x2390  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
19:12:39.0130 0x2390  UxSms - ok
19:12:39.0135 0x2390  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
19:12:39.0151 0x2390  VaultSvc - ok
19:12:39.0156 0x2390  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:12:39.0170 0x2390  vdrvroot - ok
19:12:39.0192 0x2390  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
19:12:39.0256 0x2390  vds - ok
19:12:39.0261 0x2390  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
19:12:39.0280 0x2390  vga - ok
19:12:39.0285 0x2390  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
19:12:39.0330 0x2390  VgaSave - ok
19:12:39.0341 0x2390  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
19:12:39.0361 0x2390  vhdmp - ok
19:12:39.0366 0x2390  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:12:39.0379 0x2390  viaide - ok
19:12:39.0385 0x2390  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:12:39.0400 0x2390  volmgr - ok
19:12:39.0416 0x2390  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
19:12:39.0441 0x2390  volmgrx - ok
19:12:39.0455 0x2390  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
19:12:39.0478 0x2390  volsnap - ok
19:12:39.0488 0x2390  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
19:12:39.0506 0x2390  vsmraid - ok
19:12:39.0565 0x2390  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
19:12:39.0668 0x2390  VSS - ok
19:12:39.0682 0x2390  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
19:12:39.0699 0x2390  vssbrigde64 - ok
19:12:39.0704 0x2390  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:12:39.0724 0x2390  vwifibus - ok
19:12:39.0740 0x2390  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
19:12:39.0800 0x2390  W32Time - ok
19:12:39.0808 0x2390  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:12:39.0824 0x2390  WacomPen - ok
19:12:39.0831 0x2390  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:12:39.0877 0x2390  WANARP - ok
19:12:39.0882 0x2390  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:12:39.0928 0x2390  Wanarpv6 - ok
19:12:39.0983 0x2390  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:12:40.0053 0x2390  wbengine - ok
19:12:40.0066 0x2390  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:12:40.0095 0x2390  WbioSrvc - ok
19:12:40.0111 0x2390  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
19:12:40.0147 0x2390  wcncsvc - ok
19:12:40.0152 0x2390  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:12:40.0170 0x2390  WcsPlugInService - ok
19:12:40.0175 0x2390  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:12:40.0188 0x2390  Wd - ok
19:12:40.0218 0x2390  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:12:40.0262 0x2390  Wdf01000 - ok
19:12:40.0270 0x2390  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:12:40.0290 0x2390  WdiServiceHost - ok
19:12:40.0296 0x2390  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost  C:\Windows\system32\wdi.dll
19:12:40.0314 0x2390  WdiSystemHost - ok
19:12:40.0327 0x2390  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient      C:\Windows\System32\webclnt.dll
19:12:40.0353 0x2390  WebClient - ok
19:12:40.0365 0x2390  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:12:40.0419 0x2390  Wecsvc - ok
19:12:40.0426 0x2390  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
19:12:40.0476 0x2390  wercplsupport - ok
19:12:40.0482 0x2390  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:12:40.0531 0x2390  WerSvc - ok
19:12:40.0536 0x2390  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:12:40.0581 0x2390  WfpLwf - ok
19:12:40.0586 0x2390  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:12:40.0599 0x2390  WIMMount - ok
19:12:40.0603 0x2390  WinDefend - ok
19:12:40.0610 0x2390  WinHttpAutoProxySvc - ok
19:12:40.0626 0x2390  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
19:12:40.0679 0x2390  Winmgmt - ok
19:12:40.0753 0x2390  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\Windows\system32\WsmSvc.dll
19:12:40.0843 0x2390  WinRM - ok
19:12:40.0854 0x2390  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:12:40.0874 0x2390  WinUsb - ok
19:12:40.0908 0x2390  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
19:12:40.0961 0x2390  Wlansvc - ok
19:12:40.0967 0x2390  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
19:12:40.0983 0x2390  WmiAcpi - ok
19:12:40.0997 0x2390  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:12:41.0019 0x2390  wmiApSrv - ok
19:12:41.0023 0x2390  WMPNetworkSvc - ok
19:12:41.0028 0x2390  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:12:41.0046 0x2390  WPCSvc - ok
19:12:41.0053 0x2390  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:12:41.0076 0x2390  WPDBusEnum - ok
19:12:41.0081 0x2390  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\Windows\system32\drivers\WPRO_41_2001.sys
19:12:41.0093 0x2390  WPRO_41_2001 - ok
19:12:41.0098 0x2390  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
19:12:41.0143 0x2390  ws2ifsl - ok
19:12:41.0151 0x2390  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:12:41.0177 0x2390  wscsvc - ok
19:12:41.0181 0x2390  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
19:12:41.0200 0x2390  WSDPrintDevice - ok
19:12:41.0205 0x2390  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan        C:\Windows\system32\DRIVERS\WSDScan.sys
19:12:41.0221 0x2390  WSDScan - ok
19:12:41.0224 0x2390  WSearch - ok
19:12:41.0319 0x2390  [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:12:41.0430 0x2390  wuauserv - ok
19:12:41.0441 0x2390  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:12:41.0458 0x2390  WudfPf - ok
19:12:41.0469 0x2390  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:12:41.0490 0x2390  WUDFRd - ok
19:12:41.0497 0x2390  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
19:12:41.0516 0x2390  wudfsvc - ok
19:12:41.0528 0x2390  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
19:12:41.0553 0x2390  WwanSvc - ok
19:12:41.0561 0x2390  ================ Scan global ===============================
19:12:41.0566 0x2390  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
19:12:41.0577 0x2390  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
19:12:41.0595 0x2390  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
19:12:41.0606 0x2390  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:12:41.0621 0x2390  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
19:12:41.0632 0x2390  [ Global ] - ok
19:12:41.0633 0x2390  ================ Scan MBR ==================================
19:12:41.0856 0x2390  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:12:43.0822 0x2390  \Device\Harddisk0\DR0 - ok
19:12:43.0825 0x2390  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:12:43.0931 0x2390  \Device\Harddisk1\DR1 - ok
19:12:43.0932 0x2390  ================ Scan VBR ==================================
19:12:43.0987 0x2390  [ D1B82E0BAB1670109B9D750D6D83D1E1 ] \Device\Harddisk0\DR0\Partition1
19:12:44.0265 0x2390  \Device\Harddisk0\DR0\Partition1 - ok
19:12:44.0268 0x2390  [ 9B2676B1F78F524352FD02F94F660C49 ] \Device\Harddisk1\DR1\Partition1
19:12:44.0270 0x2390  \Device\Harddisk1\DR1\Partition1 - ok
19:12:44.0273 0x2390  [ 722F4A30F499EAB515C29A3F1F971B96 ] \Device\Harddisk1\DR1\Partition2
19:12:44.0274 0x2390  \Device\Harddisk1\DR1\Partition2 - ok
19:12:44.0275 0x2390  ================ Scan generic autorun ======================
19:12:44.0278 0x2390  [ 13392E518730835DC9584C60B04E77C2, E4CF50A5D0777A51CACFBA144CD41621BDE2C4CBB5678C8C2624F7612F9DEE11 ] C:\Program Files\IDT\WDM\beats64.exe
19:12:44.0292 0x2390  BeatsOSDApp - ok
19:12:44.0343 0x2390  [ AD6C376374C21EC68DF33884613D0A05, 65E0668A2A24B9EF2BDABDE044D240F110AEC8B1EF838AB28084B7F899D2A75E ] C:\Program Files\IDT\WDM\sttray64.exe
19:12:44.0410 0x2390  SysTrayApp - ok
19:12:44.0510 0x2390  [ 6BE70A935DFD72F47C29757305B50B1E, 6E76D7CA8C417750C2AFAD45344F5863CEA7798A2993716E21DE1997789D1746 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:12:44.0616 0x2390  NvBackend - ok
19:12:44.0624 0x2390  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
19:12:44.0643 0x2390  ShadowPlay - ok
19:12:45.0094 0x2390  [ 9AC062437035B077C0F3B1BD738EC82A, DAC42AA903C3A6F7CB196D3D738FFDDADC8BD2138F0703F1DB035337540D53B7 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:12:45.0562 0x2390  RTHDVCPL - ok
19:12:46.0058 0x2390  [ AC5406D1A6C19D83F92FA22697F3F072, 592BD212F1C0F6FE8605328F2D4A3EA360FF74B42E467E7ED201492A800181C8 ] C:\Program Files\Logitech Gaming Software\LCore.exe
19:12:46.0540 0x2390  Launch LCore - ok
19:12:46.0563 0x2390  [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
19:12:46.0579 0x2390  iTunesHelper - ok
19:12:46.0597 0x2390  [ 5F7EE76129F9A591F22F99F95D97AC95, D3446BD4CAB8017B44BAD94EBB88468D080AC65E14444C12B09B6BF3E70B2AED ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
19:12:46.0623 0x2390  IJNetworkScannerSelectorEX - ok
19:12:46.0636 0x2390  [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
19:12:46.0657 0x2390  USB3MON - ok
19:12:46.0665 0x2390  [ 8D902AF9A35DF48B8821FAA28EE9E72B, 6B2510AE064C4527570CCD06C1DBB32F0E7D37AF7ABC9476FAC1D9C044ECC2B3 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
19:12:46.0680 0x2390  IMSS - ok
19:12:46.0855 0x2390  [ 24F4643941535195B19C962C96067DB8, C5A81D6888EDE79D678AB4A019C0A649481DF7DD5085C02BCBB381FD23C175C1 ] C:\Program Files (x86)\XFastUSB\XFastUsb.exe
19:12:47.0043 0x2390  XFastUSB - ok
19:12:47.0054 0x2390  [ E7861EAA7881E086B2DB88ADF4279D4B, D040BCEC5B7519357D4E28653FC0F9F4FEAA88D291726A0763EA5E84C8C5D840 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
19:12:47.0067 0x2390  IAStorIcon - ok
19:12:47.0070 0x2390  FireStormStartUpAutoRun - ok
19:12:47.0076 0x2390  [ 08FF7423AC1DB307769931F3F848EAB4, A6AE01143E82F4706DA9D39AA3020823C3A61E2AC73BF0516427B2495A980FD2 ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
19:12:47.0084 0x2390  ProductUpdater - detected UnsignedFile.Multi.Generic ( 1 )
19:12:47.0084 0x2390  Detect skipped due to KSN trusted
19:12:47.0084 0x2390  ProductUpdater - ok
19:12:47.0108 0x2390  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:12:47.0140 0x2390  SunJavaUpdateSched - ok
19:12:47.0184 0x2390  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:12:47.0242 0x2390  Sidebar - ok
19:12:47.0250 0x2390  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:12:47.0274 0x2390  mctadmin - ok
19:12:47.0317 0x2390  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:12:47.0374 0x2390  Sidebar - ok
19:12:47.0383 0x2390  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:12:47.0407 0x2390  mctadmin - ok
19:12:47.0419 0x2390  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
19:12:47.0434 0x2390  Dropbox Update - ok
19:12:47.0588 0x2390  [ C87A02743C2606521715E8C9491BAF8F, F8B923C4B75D17B7EBEBB7809B76EA0C2922BB4F6821E7B516DD44207392767B ] C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
19:12:47.0751 0x2390  MyComGames - ok
19:12:47.0773 0x2390  [ 3B3404B6D45BC3E0AEFAC7470D254A8E, E524D7B3F11018C252C8A412937E944B335B9EF6C888FBE71C4B6B5D9BEAF9AF ] C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe
19:12:47.0787 0x2390  son-bet - detected UnsignedFile.Multi.Generic ( 1 )
19:12:47.0881 0x2390  son-bet ( UnsignedFile.Multi.Generic ) - warning
19:12:50.0231 0x2390  Wondershare - ok
19:12:50.0241 0x2390  [ 6F733C10600F37B7D01198FB36F07E1A, 16CF3B7FA1AA2BCC7146E4D3A3AB192BBBE6494D47FD0CB014F13FB7EDBEEBD9 ] C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe
19:12:50.0252 0x2390  essay-weekend - detected UnsignedFile.Multi.Generic ( 1 )
19:12:50.0252 0x2390  essay-weekend ( UnsignedFile.Multi.Generic ) - warning
19:12:50.0252 0x2390  Force sending object to P2P due to detect: C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe
19:12:52.0673 0x2390  Object send P2P result: true
19:12:55.0147 0x2390  [ CF15431A5741760D3D39C9F334566D47, 02C62399E89B0AD576F86D525FDA3B7D6C448F8092DFAE7C78915DBEC916ABA7 ] C:\Program Files (x86)\Origin\Origin.exe
19:12:55.0286 0x2390  EADM - ok
19:12:55.0314 0x2390  [ AB7957185EBD519C206947757D76EA0F, 3F1CE131FF08A575DFA2B6C05E5CC3BBDB4B76628FA74FFBBDB04C64B1456311 ] C:\Users\Thorsten\AppData\Roaming\gaasfet-54\gaasfet-88.exe
19:12:55.0340 0x2390  gaasfet-3 - detected UnsignedFile.Multi.Generic ( 1 )
19:12:55.0340 0x2390  gaasfet-3 ( UnsignedFile.Multi.Generic ) - warning
19:12:55.0340 0x2390  Force sending object to P2P due to detect: C:\Users\Thorsten\AppData\Roaming\gaasfet-54\gaasfet-88.exe
19:12:57.0768 0x2390  Object send P2P result: true
19:13:00.0124 0x2390  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
19:13:00.0125 0x2390  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
19:13:02.0476 0x2390  ============================================================
19:13:02.0476 0x2390  Scan finished
19:13:02.0476 0x2390  ============================================================
19:13:02.0482 0x085c  Detected object count: 3
19:13:02.0482 0x085c  Actual detected object count: 3
19:13:42.0868 0x085c  son-bet ( UnsignedFile.Multi.Generic ) - skipped by user
19:13:42.0868 0x085c  son-bet ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:13:42.0869 0x085c  essay-weekend ( UnsignedFile.Multi.Generic ) - skipped by user
19:13:42.0869 0x085c  essay-weekend ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:13:42.0870 0x085c  gaasfet-3 ( UnsignedFile.Multi.Generic ) - skipped by user
19:13:42.0870 0x085c  gaasfet-3 ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:14:04.0372 0x1cd4  Deinitialize success

deeprybka 15.11.2015 19:31
Jo, Kaspersky Internet Security ist da blank...
https://www.virustotal.com/de/file/e...f9af/analysis/

Bitte Scan wiederholen, mit den Parametern aus der Anleitung.

http://deeprybka.trojaner-board.de/tdss/options.PNG

Thorstie 15.11.2015 20:05
Also nochmals alles wiederholt und dann gelöscht. War das richtig so?:confused::daumenhoc

deeprybka 15.11.2015 20:07
Was gelöscht?

Thorstie 15.11.2015 20:10
:crazy:nochmals scannen undd die Logfiles posten? richtig??

deeprybka 15.11.2015 20:11
Die Haken so setzen wie auf dem Bild. Dann Scan, nichts löschen, Log posten.

Thorstie 15.11.2015 20:23
Code:
19:56:17.0510 0x09ec  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
19:56:20.0302 0x09ec  ============================================================
19:56:20.0302 0x09ec  Current date / time: 2015/11/15 19:56:20.0302
19:56:20.0302 0x09ec  SystemInfo:
19:56:20.0302 0x09ec 
19:56:20.0302 0x09ec  OS Version: 6.1.7601 ServicePack: 1.0
19:56:20.0302 0x09ec  Product type: Workstation
19:56:20.0303 0x09ec  ComputerName: PC-THORSTEN
19:56:20.0303 0x09ec  UserName: Thorsten
19:56:20.0303 0x09ec  Windows directory: C:\Windows
19:56:20.0303 0x09ec  System windows directory: C:\Windows
19:56:20.0303 0x09ec  Running under WOW64
19:56:20.0303 0x09ec  Processor architecture: Intel x64
19:56:20.0303 0x09ec  Number of processors: 8
19:56:20.0303 0x09ec  Page size: 0x1000
19:56:20.0303 0x09ec  Boot type: Normal boot
19:56:20.0303 0x09ec  ============================================================
19:56:20.0399 0x09ec  KLMD registered as C:\Windows\system32\drivers\90897780.sys
19:56:20.0607 0x09ec  System UUID: {A274F541-6CED-3FC5-C90F-A0BA68BD3406}
19:56:21.0371 0x09ec  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:56:21.0563 0x09ec  Drive \Device\Harddisk1\DR1 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:56:21.0573 0x09ec  ============================================================
19:56:21.0573 0x09ec  \Device\Harddisk0\DR0:
19:56:21.0573 0x09ec  MBR partitions:
19:56:21.0573 0x09ec  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
19:56:21.0573 0x09ec  \Device\Harddisk1\DR1:
19:56:21.0573 0x09ec  MBR partitions:
19:56:21.0573 0x09ec  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:56:21.0573 0x09ec  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BEF1000
19:56:21.0573 0x09ec  ============================================================
19:56:21.0574 0x09ec  C: <-> \Device\Harddisk1\DR1\Partition2
19:56:21.0597 0x09ec  D: <-> \Device\Harddisk0\DR0\Partition1
19:56:21.0597 0x09ec  ============================================================
19:56:21.0597 0x09ec  Initialize success
19:56:21.0597 0x09ec  ============================================================
19:56:26.0932 0x27c8  ============================================================
19:56:26.0932 0x27c8  Scan started
19:56:26.0932 0x27c8  Mode: Manual; SigCheck; TDLFS;
19:56:26.0932 0x27c8  ============================================================
19:56:26.0932 0x27c8  KSN ping started
19:56:40.0288 0x27c8  KSN ping finished: true
19:56:41.0021 0x27c8  ================ Scan system memory ========================
19:56:41.0021 0x27c8  System memory - ok
19:56:41.0022 0x27c8  ================ Scan services =============================
19:56:41.0065 0x27c8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:56:41.0143 0x27c8  1394ohci - ok
19:56:41.0165 0x27c8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:56:41.0193 0x27c8  ACPI - ok
19:56:41.0198 0x27c8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
19:56:41.0218 0x27c8  AcpiPmi - ok
19:56:41.0226 0x27c8  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
19:56:41.0234 0x27c8  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
19:56:43.0560 0x27c8  Detect skipped due to KSN trusted
19:56:43.0560 0x27c8  Adobe LM Service - ok
19:56:43.0569 0x27c8  [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:56:43.0585 0x27c8  AdobeARMservice - ok
19:56:43.0618 0x27c8  [ 8C194A201698B4B4F77D974549819D1F, 081A2496FE1CE519E48677D99A831FF1FEEB1B33C75224CF288FA52F3E0E5FF0 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:43.0643 0x27c8  AdobeFlashPlayerUpdateSvc - ok
19:56:43.0672 0x27c8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\DRIVERS\adp94xx.sys
19:56:43.0712 0x27c8  adp94xx - ok
19:56:43.0731 0x27c8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\DRIVERS\adpahci.sys
19:56:43.0764 0x27c8  adpahci - ok
19:56:43.0778 0x27c8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\DRIVERS\adpu320.sys
19:56:43.0802 0x27c8  adpu320 - ok
19:56:43.0813 0x27c8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
19:56:43.0871 0x27c8  AeLookupSvc - ok
19:56:43.0881 0x27c8  [ A6FB9DB8F1A86861D955FD6975977AE0, 788C6EE50719227D7A9B7F08C8D5E1289FCD0E8AC23A1021A5093D2E8368F696 ] AESTFilters    C:\Program Files\IDT\WDM\AESTSr64.exe
19:56:43.0907 0x27c8  AESTFilters - ok
19:56:43.0932 0x27c8  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD            C:\Windows\system32\drivers\afd.sys
19:56:43.0972 0x27c8  AFD - ok
19:56:43.0980 0x27c8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:56:43.0999 0x27c8  agp440 - ok
19:56:44.0008 0x27c8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
19:56:44.0031 0x27c8  ALG - ok
19:56:44.0036 0x27c8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:56:44.0053 0x27c8  aliide - ok
19:56:44.0059 0x27c8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:56:44.0076 0x27c8  amdide - ok
19:56:44.0083 0x27c8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\DRIVERS\amdk8.sys
19:56:44.0104 0x27c8  AmdK8 - ok
19:56:44.0112 0x27c8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:56:44.0132 0x27c8  AmdPPM - ok
19:56:44.0142 0x27c8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
19:56:44.0163 0x27c8  amdsata - ok
19:56:44.0176 0x27c8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:56:44.0201 0x27c8  amdsbs - ok
19:56:44.0207 0x27c8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
19:56:44.0225 0x27c8  amdxata - ok
19:56:44.0232 0x27c8  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID          C:\Windows\system32\drivers\appid.sys
19:56:44.0252 0x27c8  AppID - ok
19:56:44.0259 0x27c8  [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:56:44.0277 0x27c8  AppIDSvc - ok
19:56:44.0285 0x27c8  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo        C:\Windows\System32\appinfo.dll
19:56:44.0306 0x27c8  Appinfo - ok
19:56:44.0317 0x27c8  [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:56:44.0337 0x27c8  Apple Mobile Device Service - ok
19:56:44.0346 0x27c8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\DRIVERS\arc.sys
19:56:44.0367 0x27c8  arc - ok
19:56:44.0377 0x27c8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:56:44.0403 0x27c8  arcsas - ok
19:56:44.0410 0x27c8  [ EB6DC008A1F36DFD7999EB57E97EAACE, 2652798D622A751AD84429E03266F32B4EE86DECC34CA8153790D04F43E03A66 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
19:56:44.0439 0x27c8  asahci64 - ok
19:56:44.0459 0x27c8  [ 2AC1E04A3542137F5C28C509FE0EB430, 66E507AB2905505080E32B83693690EA232B7E68204874861FA1C932DA61F0C6 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:56:44.0484 0x27c8  aspnet_state - ok
19:56:44.0490 0x27c8  [ E1AFEE1584C74050DE0DD16DE2A54BF3, 77C8D98159D8BCDC7917B04977949823D50C49D0D13587310E060A4B8893AE42 ] AsrAppCharger  C:\Windows\system32\DRIVERS\AsrAppCharger.sys
19:56:44.0506 0x27c8  AsrAppCharger - ok
19:56:44.0513 0x27c8  [ 0C3F9E39C0B10D351026D580D9FF6F86, 0A19F09FD2EF200BED07CDBC4AAF41261A0C0468F680A5AAEBCD26B371676D53 ] AsrRamDisk      C:\Windows\system32\DRIVERS\AsrRamDisk.sys
19:56:44.0528 0x27c8  AsrRamDisk - ok
19:56:44.0535 0x27c8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:44.0592 0x27c8  AsyncMac - ok
19:56:44.0597 0x27c8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
19:56:44.0616 0x27c8  atapi - ok
19:56:44.0645 0x27c8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:44.0692 0x27c8  AudioEndpointBuilder - ok
19:56:44.0725 0x27c8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:56:44.0770 0x27c8  AudioSrv - ok
19:56:44.0788 0x27c8  [ 50C3C62FFE6337E6E4F2F01CB07DF63C, CC9C7D2827E872F22A2A79D42195530F61DF6EA6A1C8F520E25DB35537574FAB ] AVP16.0.0      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
19:56:44.0811 0x27c8  AVP16.0.0 - ok
19:56:44.0821 0x27c8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:56:44.0850 0x27c8  AxInstSV - ok
19:56:44.0854 0x27c8  AxtuDrv - ok
19:56:44.0879 0x27c8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\DRIVERS\bxvbda.sys
19:56:44.0914 0x27c8  b06bdrv - ok
19:56:44.0931 0x27c8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:56:44.0959 0x27c8  b57nd60a - ok
19:56:44.0971 0x27c8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:56:44.0992 0x27c8  BDESVC - ok
19:56:44.0997 0x27c8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:56:45.0056 0x27c8  Beep - ok
19:56:45.0088 0x27c8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
19:56:45.0139 0x27c8  BFE - ok
19:56:45.0145 0x27c8  bfrzcslo - ok
19:56:45.0186 0x27c8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:56:45.0279 0x27c8  BITS - ok
19:56:45.0287 0x27c8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:56:45.0306 0x27c8  blbdrive - ok
19:56:45.0331 0x27c8  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:56:45.0363 0x27c8  Bonjour Service - ok
19:56:45.0373 0x27c8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:56:45.0393 0x27c8  bowser - ok
19:56:45.0399 0x27c8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:56:45.0422 0x27c8  BrFiltLo - ok
19:56:45.0427 0x27c8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:56:45.0450 0x27c8  BrFiltUp - ok
19:56:45.0460 0x27c8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
19:56:45.0482 0x27c8  Browser - ok
19:56:45.0500 0x27c8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
19:56:45.0528 0x27c8  Brserid - ok
19:56:45.0535 0x27c8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:56:45.0559 0x27c8  BrSerWdm - ok
19:56:45.0565 0x27c8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:56:45.0588 0x27c8  BrUsbMdm - ok
19:56:45.0593 0x27c8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:56:45.0612 0x27c8  BrUsbSer - ok
19:56:45.0619 0x27c8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:56:45.0646 0x27c8  BTHMODEM - ok
19:56:45.0657 0x27c8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
19:56:45.0722 0x27c8  bthserv - ok
19:56:45.0731 0x27c8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:56:45.0790 0x27c8  cdfs - ok
19:56:45.0801 0x27c8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
19:56:45.0827 0x27c8  cdrom - ok
19:56:45.0835 0x27c8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
19:56:45.0894 0x27c8  CertPropSvc - ok
19:56:45.0902 0x27c8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:56:45.0926 0x27c8  circlass - ok
19:56:45.0946 0x27c8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
19:56:45.0978 0x27c8  CLFS - ok
19:56:45.0987 0x27c8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:56:46.0008 0x27c8  clr_optimization_v2.0.50727_32 - ok
19:56:46.0018 0x27c8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:56:46.0037 0x27c8  clr_optimization_v2.0.50727_64 - ok
19:56:46.0051 0x27c8  [ 19E11CACD01FCB8C63DED05319074420, 7A5972525CC20679A682C738475D968A89E1453BBBF070A18E6216ED7801A3C2 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:56:46.0075 0x27c8  clr_optimization_v4.0.30319_32 - ok
19:56:46.0089 0x27c8  [ F71413E276F4EDA3BFD1B51C1FDBAD5E, 29A1B39F8DB96612442016439D3AC968678298CB46EE95CF2D11C71881353F65 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:56:46.0113 0x27c8  clr_optimization_v4.0.30319_64 - ok
19:56:46.0119 0x27c8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:56:46.0139 0x27c8  CmBatt - ok
19:56:46.0145 0x27c8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:56:46.0162 0x27c8  cmdide - ok
19:56:46.0184 0x27c8  [ B2A6D2A30E93B6F215F74AC7E1733C9C, 960299F7BF2501B46296EDEA050BF30313C17A9B785574B56B79C070BD1B6E1A ] cm_km          C:\Windows\system32\DRIVERS\cm_km.sys
19:56:46.0218 0x27c8  cm_km - ok
19:56:46.0223 0x27c8  [ 84FC81FF9F291A0FC8D10933C1748F66, 46B6C64659A24C1D4917963FECEC2D6AED516C047762F0B4E67651CF8241A7D8 ] CM_VENDER_CMD  C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys
19:56:46.0239 0x27c8  CM_VENDER_CMD - ok
19:56:46.0261 0x27c8  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG            C:\Windows\system32\Drivers\cng.sys
19:56:46.0310 0x27c8  CNG - ok
19:56:46.0317 0x27c8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:56:46.0335 0x27c8  Compbatt - ok
19:56:46.0342 0x27c8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:56:46.0365 0x27c8  CompositeBus - ok
19:56:46.0372 0x27c8  COMSysApp - ok
19:56:46.0380 0x27c8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\DRIVERS\crcdisk.sys
19:56:46.0397 0x27c8  crcdisk - ok
19:56:46.0412 0x27c8  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:56:46.0440 0x27c8  CryptSvc - ok
19:56:46.0469 0x27c8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:56:46.0548 0x27c8  DcomLaunch - ok
19:56:46.0567 0x27c8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
19:56:46.0640 0x27c8  defragsvc - ok
19:56:46.0790 0x27c8  [ 0B24043732807EE3AA25389356F4DE7C, 6A9A65B38968FF704C3938BEF5E6C1226447FF4F78997473B1694EA8D3D519DF ] DevoloNetworkService C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
19:56:46.0944 0x27c8  DevoloNetworkService - ok
19:56:46.0957 0x27c8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:56:47.0006 0x27c8  DfsC - ok
19:56:47.0024 0x27c8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:56:47.0051 0x27c8  Dhcp - ok
19:56:47.0057 0x27c8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:56:47.0103 0x27c8  discache - ok
19:56:47.0110 0x27c8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:56:47.0129 0x27c8  Disk - ok
19:56:47.0143 0x27c8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:56:47.0167 0x27c8  Dnscache - ok
19:56:47.0180 0x27c8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
19:56:47.0242 0x27c8  dot3svc - ok
19:56:47.0254 0x27c8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
19:56:47.0309 0x27c8  DPS - ok
19:56:47.0314 0x27c8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
19:56:47.0329 0x27c8  drmkaud - ok
19:56:47.0368 0x27c8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
19:56:47.0418 0x27c8  DXGKrnl - ok
19:56:47.0428 0x27c8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
19:56:47.0478 0x27c8  EapHost - ok
19:56:47.0600 0x27c8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\DRIVERS\evbda.sys
19:56:47.0738 0x27c8  ebdrv - ok
19:56:47.0748 0x27c8  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS            C:\Windows\System32\lsass.exe
19:56:47.0764 0x27c8  EFS - ok
19:56:47.0792 0x27c8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
19:56:47.0835 0x27c8  ehRecvr - ok
19:56:47.0845 0x27c8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
19:56:47.0869 0x27c8  ehSched - ok
19:56:47.0892 0x27c8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\DRIVERS\elxstor.sys
19:56:47.0925 0x27c8  elxstor - ok
19:56:47.0932 0x27c8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:56:47.0950 0x27c8  ErrDev - ok
19:56:47.0972 0x27c8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
19:56:48.0032 0x27c8  EventSystem - ok
19:56:48.0043 0x27c8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
19:56:48.0095 0x27c8  exfat - ok
19:56:48.0107 0x27c8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
19:56:48.0158 0x27c8  fastfat - ok
19:56:48.0186 0x27c8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
19:56:48.0224 0x27c8  Fax - ok
19:56:48.0230 0x27c8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\DRIVERS\fdc.sys
19:56:48.0246 0x27c8  fdc - ok
19:56:48.0251 0x27c8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
19:56:48.0297 0x27c8  fdPHost - ok
19:56:48.0302 0x27c8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:56:48.0353 0x27c8  FDResPub - ok
19:56:48.0362 0x27c8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:56:48.0377 0x27c8  FileInfo - ok
19:56:48.0381 0x27c8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
19:56:48.0426 0x27c8  Filetrace - ok
19:56:48.0431 0x27c8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:56:48.0446 0x27c8  flpydisk - ok
19:56:48.0460 0x27c8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:56:48.0483 0x27c8  FltMgr - ok
19:56:48.0489 0x27c8  [ 508401A63E6B1CBF0B9C9A011498731F, F636B0A9C0EB6AE7EC04E5C5FD8A0578AEB76A1B0D974F355BCE6B6091901725 ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS
19:56:48.0502 0x27c8  FNETTBOH_305 - ok
19:56:48.0506 0x27c8  [ E341178C116DAC6A3A764587E68DFA7B, 91B4C79057908A622666FF069CF1C7ECA42952A6587432F5E99E33E8B19D29AF ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS
19:56:48.0519 0x27c8  FNETURPX - ok
19:56:48.0565 0x27c8  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache      C:\Windows\system32\FntCache.dll
19:56:48.0633 0x27c8  FontCache - ok
19:56:48.0640 0x27c8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:56:48.0653 0x27c8  FontCache3.0.0.0 - ok
19:56:48.0658 0x27c8  [ E495069F9FABD7D36BB743DB1FE5FB09, AE1505579453846B6876A5F2A9D480835FC349B44F592BD0C003FAE762EC4C4A ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
19:56:48.0663 0x27c8  FreemakeVideoCapture - detected UnsignedFile.Multi.Generic ( 1 )
19:56:50.0996 0x27c8  Detect skipped due to KSN trusted
19:56:50.0996 0x27c8  FreemakeVideoCapture - ok
19:56:51.0002 0x27c8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
19:56:51.0018 0x27c8  FsDepends - ok
19:56:51.0023 0x27c8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:56:51.0037 0x27c8  Fs_Rec - ok
19:56:51.0048 0x27c8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:56:51.0073 0x27c8  fvevol - ok
19:56:51.0080 0x27c8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:56:51.0095 0x27c8  gagp30kx - ok
19:56:51.0140 0x27c8  [ B17D0BDBDDF4BD4709D6CA3147D409C0, B83F0D9891190226D2D7D50DE27B61B5FC04B6942C37B78856C45B3309527D9B ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
19:56:51.0206 0x27c8  GfExperienceService - ok
19:56:51.0240 0x27c8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
19:56:51.0313 0x27c8  gpsvc - ok
19:56:51.0324 0x27c8  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:51.0347 0x27c8  gupdate - ok
19:56:51.0354 0x27c8  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:56:51.0368 0x27c8  gupdatem - ok
19:56:51.0378 0x27c8  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc          C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:56:51.0396 0x27c8  gusvc - ok
19:56:51.0401 0x27c8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:56:51.0416 0x27c8  hcw85cir - ok
19:56:51.0432 0x27c8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:56:51.0468 0x27c8  HdAudAddService - ok
19:56:51.0477 0x27c8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:56:51.0500 0x27c8  HDAudBus - ok
19:56:51.0505 0x27c8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\DRIVERS\HidBatt.sys
19:56:51.0523 0x27c8  HidBatt - ok
19:56:51.0531 0x27c8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:56:51.0554 0x27c8  HidBth - ok
19:56:51.0560 0x27c8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\DRIVERS\hidir.sys
19:56:51.0580 0x27c8  HidIr - ok
19:56:51.0587 0x27c8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\system32\hidserv.dll
19:56:51.0641 0x27c8  hidserv - ok
19:56:51.0647 0x27c8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:56:51.0675 0x27c8  HidUsb - ok
19:56:51.0679 0x27c8  hjaqokbf - ok
19:56:51.0687 0x27c8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:56:51.0735 0x27c8  hkmsvc - ok
19:56:51.0748 0x27c8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:56:51.0770 0x27c8  HomeGroupListener - ok
19:56:51.0780 0x27c8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:56:51.0808 0x27c8  HomeGroupProvider - ok
19:56:51.0815 0x27c8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:56:51.0832 0x27c8  HpSAMD - ok
19:56:51.0839 0x27c8  [ B6639BF8236BDD3427B10C581332BE71, A6A9DB37BB83C70F01E7D99CA4891FD32F93A96C84215CFCC85AF41625C1023C ] HPSupportSolutionsFrameworkService C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
19:56:51.0854 0x27c8  HPSupportSolutionsFrameworkService - ok
19:56:51.0886 0x27c8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:56:51.0938 0x27c8  HTTP - ok
19:56:51.0945 0x27c8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:56:51.0961 0x27c8  hwpolicy - ok
19:56:51.0969 0x27c8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:56:51.0994 0x27c8  i8042prt - ok
19:56:52.0022 0x27c8  [ 26CF4275034214ECEDD8EC17B0A18A99, 95A08C63971C28F1BC97040C0ADA247E3B43DE7D937B14E33A394B955D0AC8B7 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
19:56:52.0066 0x27c8  iaStor - ok
19:56:52.0096 0x27c8  [ 6C91E425ACE29594BD574DE38AC9B76D, 697784E4C7AF08B1F35662D8AD871E6890CECE22B6E64985B7C1A66C10DA390D ] iaStorA        C:\Windows\system32\DRIVERS\iaStorA.sys
19:56:52.0139 0x27c8  iaStorA - ok
19:56:52.0148 0x27c8  [ 0AB254994A460550258446950BB58311, BD10811912680DD3B814B7D1303785C996D892C79108110A2257E9BD0C28245C ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:56:52.0160 0x27c8  IAStorDataMgrSvc - ok
19:56:52.0165 0x27c8  [ 2B38F13E18E272459CD2CE83E6722C12, 58FB127C05FF7399F88F3B53CE4B460A7D3EA739AFCD273C0E687053BBA074D6 ] iaStorF        C:\Windows\system32\DRIVERS\iaStorF.sys
19:56:52.0176 0x27c8  iaStorF - ok
19:56:52.0195 0x27c8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
19:56:52.0228 0x27c8  iaStorV - ok
19:56:52.0274 0x27c8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:56:52.0335 0x27c8  idsvc - ok
19:56:52.0341 0x27c8  IEEtwCollectorService - ok
19:56:52.0347 0x27c8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\DRIVERS\iirsp.sys
19:56:52.0364 0x27c8  iirsp - ok
19:56:52.0370 0x27c8  [ 67999A9D34A0B2479381E7A61AFC37AB, 7A1F72B2AD859345E1F092CE80C269767E4EF9931146B7F01E891EC12CCA684F ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
19:56:52.0383 0x27c8  ikbevent - ok
19:56:52.0426 0x27c8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:56:52.0479 0x27c8  IKEEXT - ok
19:56:52.0486 0x27c8  ilnicvuq - ok
19:56:52.0492 0x27c8  [ DDAE90DD5BDAC53C8C5CD5B82FC1F1B4, A7019D2335CB46DCD9ABDB896622254E58AB265EC3D72A92B1C4890D45DEE85F ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
19:56:52.0504 0x27c8  imsevent - ok
19:56:52.0684 0x27c8  [ 6BDCC85422817FA53CD705ADE312CE6A, 2EBEDF34493B4AE34442A89ACBCDB2C39447F21FBB015BDD7935DE95DD217CD0 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:56:52.0885 0x27c8  IntcAzAudAddService - ok
19:56:52.0920 0x27c8  [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:56:52.0954 0x27c8  Intel(R) Capability Licensing Service Interface - ok
19:56:52.0963 0x27c8  [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:56:52.0977 0x27c8  Intel(R) ME Service - ok
19:56:52.0982 0x27c8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:56:52.0999 0x27c8  intelide - ok
19:56:53.0005 0x27c8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:56:53.0022 0x27c8  intelppm - ok
19:56:53.0029 0x27c8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
19:56:53.0083 0x27c8  IPBusEnum - ok
19:56:53.0092 0x27c8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:53.0149 0x27c8  IpFilterDriver - ok
19:56:53.0175 0x27c8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:56:53.0216 0x27c8  iphlpsvc - ok
19:56:53.0225 0x27c8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
19:56:53.0243 0x27c8  IPMIDRV - ok
19:56:53.0252 0x27c8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
19:56:53.0303 0x27c8  IPNAT - ok
19:56:53.0330 0x27c8  [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:56:53.0379 0x27c8  iPod Service - ok
19:56:53.0392 0x27c8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:56:53.0422 0x27c8  IRENUM - ok
19:56:53.0435 0x27c8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:56:53.0453 0x27c8  isapnp - ok
19:56:53.0469 0x27c8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:56:53.0497 0x27c8  iScsiPrt - ok
19:56:53.0503 0x27c8  [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
19:56:53.0519 0x27c8  ISCT - ok
19:56:53.0528 0x27c8  [ 6F60B7AD044924B8C1E32D692C593612, 93EFBC2EC24E7B4B908010955F1B9A6DC231C7A4B55BE0D2DC6103E2A5457EC6 ] ISCTAgent      C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
19:56:53.0546 0x27c8  ISCTAgent - ok
19:56:53.0553 0x27c8  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
19:56:53.0565 0x27c8  iusb3hcs - ok
19:56:53.0585 0x27c8  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
19:56:53.0612 0x27c8  iusb3hub - ok
19:56:53.0652 0x27c8  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
19:56:53.0706 0x27c8  iusb3xhc - ok
19:56:53.0715 0x27c8  [ BD5BF20EC242E003A2F570B8754A56D1, B4B3492222E98BF8E6EC453E727187FF4AA50A508D1E88A0CBBD5C46355AE492 ] ivusb          C:\Windows\system32\DRIVERS\ivusb.sys
19:56:53.0730 0x27c8  ivusb - ok
19:56:53.0741 0x27c8  [ 5B14FDE79871F83A5E0DCDC01F78BECF, B3103D4671F7BD4843C62D6080894E068F7E794CB02D7A84AEFB5AC10EA23BDE ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:56:53.0764 0x27c8  jhi_service - ok
19:56:53.0772 0x27c8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:53.0791 0x27c8  kbdclass - ok
19:56:53.0797 0x27c8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:56:53.0821 0x27c8  kbdhid - ok
19:56:53.0827 0x27c8  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso          C:\Windows\system32\lsass.exe
19:56:53.0847 0x27c8  KeyIso - ok
19:56:53.0871 0x27c8  [ BEE1682DA217A4AD46C36896769AA580, 4D853D78E459F7BFE4F4217FCAD47CDACFAC19C2F6CF8261FBAA46BDB387FFDC ] kl1            C:\Windows\system32\DRIVERS\kl1.sys
19:56:53.0913 0x27c8  kl1 - ok
19:56:53.0922 0x27c8  [ 86F40D79CE80ACBE6BEBAC8CE89D75A0, 8B800425160D1AF3C32EF7B5CA794658EE09CD3EE782473D8D38E1C7706076B3 ] klbackupdisk    C:\Windows\system32\DRIVERS\klbackupdisk.sys
19:56:53.0943 0x27c8  klbackupdisk - ok
19:56:53.0952 0x27c8  [ C80861511ADA03A65DC12FAA207592F8, 2B50E009DB0D050099E558B7510104B930966EE8BB94CC0F62D1BFD765D5C7AD ] klbackupflt    C:\Windows\system32\DRIVERS\klbackupflt.sys
19:56:53.0975 0x27c8  klbackupflt - ok
19:56:53.0983 0x27c8  [ 1557DF622127972EDB3DD3A61E7763CC, F6E8F31760B549B882180EB6FB45B40CA6CEDC5E61B11E02609C26E053F7C902 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
19:56:54.0001 0x27c8  kldisk - ok
19:56:54.0012 0x27c8  [ DE7D2DEDE9C9D5219AA439172BA8D21C, B4573553DF8605A6C9417683B6AA12A596E8777175C39567B91BF03CE895D625 ] klflt          C:\Windows\system32\DRIVERS\klflt.sys
19:56:54.0040 0x27c8  klflt - ok
19:56:54.0054 0x27c8  [ C62B714428FD30DD7B3115566C3F470B, 991CA0FCA02D744BAB29FF3F0029BC99EF85C7D8B8024EF5EF51589639191B05 ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
19:56:54.0080 0x27c8  klhk - ok
19:56:54.0124 0x27c8  [ 11586A6A85FF124F53E1435A34DD1707, 6291C3519EA53ACAA0594DAF4EDA41E1201F6CA9C7B0EF0B54CEF7BDB5DCD080 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
19:56:54.0181 0x27c8  KLIF - ok
19:56:54.0191 0x27c8  [ 3553584440A11136C899B67ACC8CBE9D, B3D6D2E78B0FF0AF5A98E708D977978EA81E99D78F2E9CA2145B466AB4B11342 ] KLIM6          C:\Windows\system32\DRIVERS\klim6.sys
19:56:54.0210 0x27c8  KLIM6 - ok
19:56:54.0218 0x27c8  [ 22C4E9381C60DA78161FA042FDBA6873, B6CC05C1401E788BCCC8CF668216D9B78A8B51409D3CFBF419047933195062E0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
19:56:54.0237 0x27c8  klkbdflt - ok
19:56:54.0241 0x27c8  klkbdflt2 - ok
19:56:54.0249 0x27c8  [ D792857D47B8DF5BFEC02534C1933BE2, BDD483FA8E2DC50DB4E54D475867455F0D7E115494E2A31CD27A065C7EC26951 ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
19:56:54.0265 0x27c8  klmouflt - ok
19:56:54.0272 0x27c8  [ F610F5F17BC87D61EF8954CCD793BAE4, A77FE26B4A474FE799C3D569BDD7858319C57FC14C1BB43ECFAB1FDB19AF5DC6 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
19:56:54.0293 0x27c8  klpd - ok
19:56:54.0301 0x27c8  [ B36DEE2A91F9388C4D3ED744592DE81D, 78D64539A375C80250FB9FA5E1DDA208B331A85916E19ED1353623DDF750EC58 ] kltdi          C:\Windows\system32\DRIVERS\kltdi.sys
19:56:54.0321 0x27c8  kltdi - ok
19:56:54.0330 0x27c8  [ 2AA3537309C2B9A7F120FB9E6A38250A, 6FD904542E0A21C4D6E46FB3EE11789938B90151D24531EB5319E62759D225DF ] Klwtp          C:\Windows\system32\DRIVERS\klwtp.sys
19:56:54.0353 0x27c8  Klwtp - ok
19:56:54.0364 0x27c8  [ 1686DE8288052316EFDD49EEA8929065, AD43D6ACCD8693BD76F218E1A4EE088BA061C1309A3E7DAA7EC94D875985D895 ] kneps          C:\Windows\system32\DRIVERS\kneps.sys
19:56:54.0387 0x27c8  kneps - ok
19:56:54.0396 0x27c8  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:56:54.0415 0x27c8  KSecDD - ok
19:56:54.0426 0x27c8  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
19:56:54.0448 0x27c8  KSecPkg - ok
19:56:54.0454 0x27c8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
19:56:54.0509 0x27c8  ksthunk - ok
19:56:54.0530 0x27c8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
19:56:54.0605 0x27c8  KtmRm - ok
19:56:54.0626 0x27c8  [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
19:56:54.0659 0x27c8  LADF_CaptureOnly - ok
19:56:54.0669 0x27c8  [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
19:56:54.0688 0x27c8  LADF_RenderOnly - ok
19:56:54.0705 0x27c8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:56:54.0772 0x27c8  LanmanServer - ok
19:56:54.0783 0x27c8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:56:54.0846 0x27c8  LanmanWorkstation - ok
19:56:54.0856 0x27c8  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum      C:\Windows\system32\drivers\LGBusEnum.sys
19:56:54.0870 0x27c8  LGBusEnum - ok
19:56:54.0878 0x27c8  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
19:56:54.0894 0x27c8  LGSHidFilt - ok
19:56:54.0900 0x27c8  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
19:56:54.0912 0x27c8  LGVirHid - ok
19:56:54.0920 0x27c8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:56:54.0982 0x27c8  lltdio - ok
19:56:54.0998 0x27c8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
19:56:55.0071 0x27c8  lltdsvc - ok
19:56:55.0079 0x27c8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
19:56:55.0140 0x27c8  lmhosts - ok
19:56:55.0155 0x27c8  [ 6B5938A0B2C0855E2BFE77793A982EB5, A3D8174E3A3AC521EE6B03BD674069AC858320DEEE7CAE82DBCD64942D08F721 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:56:55.0179 0x27c8  LMS - ok
19:56:55.0192 0x27c8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:56:55.0213 0x27c8  LSI_FC - ok
19:56:55.0222 0x27c8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\DRIVERS\lsi_sas.sys
19:56:55.0243 0x27c8  LSI_SAS - ok
19:56:55.0251 0x27c8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:56:55.0269 0x27c8  LSI_SAS2 - ok
19:56:55.0280 0x27c8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:56:55.0302 0x27c8  LSI_SCSI - ok
19:56:55.0313 0x27c8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
19:56:55.0383 0x27c8  luafv - ok
19:56:55.0389 0x27c8  lwohbkep - ok
19:56:55.0397 0x27c8  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
19:56:55.0415 0x27c8  MBfilt - ok
19:56:55.0425 0x27c8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
19:56:55.0448 0x27c8  Mcx2Svc - ok
19:56:55.0454 0x27c8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\DRIVERS\megasas.sys
19:56:55.0471 0x27c8  megasas - ok
19:56:55.0487 0x27c8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:56:55.0519 0x27c8  MegaSR - ok
19:56:55.0528 0x27c8  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:56:55.0546 0x27c8  MEIx64 - ok
19:56:55.0554 0x27c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
19:56:55.0614 0x27c8  MMCSS - ok
19:56:55.0623 0x27c8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
19:56:55.0688 0x27c8  Modem - ok
19:56:55.0695 0x27c8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
19:56:55.0722 0x27c8  monitor - ok
19:56:55.0728 0x27c8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:56:55.0747 0x27c8  mouclass - ok
19:56:55.0753 0x27c8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:56:55.0774 0x27c8  mouhid - ok
19:56:55.0783 0x27c8  [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:56:55.0803 0x27c8  mountmgr - ok
19:56:55.0814 0x27c8  [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:56:55.0836 0x27c8  MozillaMaintenance - ok
19:56:55.0848 0x27c8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:56:55.0871 0x27c8  mpio - ok
19:56:55.0879 0x27c8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:56:55.0946 0x27c8  mpsdrv - ok
19:56:55.0989 0x27c8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:56:56.0085 0x27c8  MpsSvc - ok
19:56:56.0100 0x27c8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:56:56.0125 0x27c8  MRxDAV - ok
19:56:56.0138 0x27c8  [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:56.0164 0x27c8  mrxsmb - ok
19:56:56.0180 0x27c8  [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:56.0212 0x27c8  mrxsmb10 - ok
19:56:56.0223 0x27c8  [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:56.0249 0x27c8  mrxsmb20 - ok
19:56:56.0255 0x27c8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:56:56.0275 0x27c8  msahci - ok
19:56:56.0286 0x27c8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
19:56:56.0309 0x27c8  msdsm - ok
19:56:56.0321 0x27c8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
19:56:56.0348 0x27c8  MSDTC - ok
19:56:56.0359 0x27c8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:56:56.0417 0x27c8  Msfs - ok
19:56:56.0424 0x27c8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
19:56:56.0484 0x27c8  mshidkmdf - ok
19:56:56.0491 0x27c8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:56:56.0508 0x27c8  msisadrv - ok
19:56:56.0521 0x27c8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
19:56:56.0595 0x27c8  MSiSCSI - ok
19:56:56.0600 0x27c8  msiserver - ok
19:56:56.0607 0x27c8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
19:56:56.0668 0x27c8  MSKSSRV - ok
19:56:56.0674 0x27c8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:56.0735 0x27c8  MSPCLOCK - ok
19:56:56.0742 0x27c8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
19:56:56.0804 0x27c8  MSPQM - ok
19:56:56.0826 0x27c8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
19:56:56.0857 0x27c8  MsRPC - ok
19:56:56.0866 0x27c8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:56:56.0883 0x27c8  mssmbios - ok
19:56:56.0888 0x27c8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
19:56:56.0943 0x27c8  MSTEE - ok
19:56:56.0948 0x27c8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:56:56.0966 0x27c8  MTConfig - ok
19:56:56.0973 0x27c8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
19:56:56.0993 0x27c8  Mup - ok
19:56:57.0017 0x27c8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:56:57.0089 0x27c8  napagent - ok
19:56:57.0109 0x27c8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
19:56:57.0147 0x27c8  NativeWifiP - ok
19:56:57.0192 0x27c8  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:56:57.0251 0x27c8  NDIS - ok
19:56:57.0260 0x27c8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
19:56:57.0318 0x27c8  NdisCap - ok
19:56:57.0324 0x27c8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:57.0386 0x27c8  NdisTapi - ok
19:56:57.0394 0x27c8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:57.0453 0x27c8  Ndisuio - ok
19:56:57.0467 0x27c8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:57.0529 0x27c8  NdisWan - ok
19:56:57.0538 0x27c8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
19:56:57.0595 0x27c8  NDProxy - ok
19:56:57.0601 0x27c8  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl        C:\Windows\system32\DRIVERS\netaapl64.sys
19:56:57.0620 0x27c8  Netaapl - ok
19:56:57.0626 0x27c8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
19:56:57.0688 0x27c8  NetBIOS - ok
19:56:57.0705 0x27c8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
19:56:57.0768 0x27c8  NetBT - ok
19:56:57.0776 0x27c8  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
19:56:57.0795 0x27c8  Netlogon - ok
19:56:57.0813 0x27c8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:56:57.0885 0x27c8  Netman - ok
19:56:57.0897 0x27c8  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:57.0922 0x27c8  NetMsmqActivator - ok
19:56:57.0931 0x27c8  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:57.0955 0x27c8  NetPipeActivator - ok
19:56:57.0978 0x27c8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:56:58.0057 0x27c8  netprofm - ok
19:56:58.0067 0x27c8  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:58.0093 0x27c8  NetTcpActivator - ok
19:56:58.0102 0x27c8  [ E8892A34670A85B9F8CAF901D32FEF38, 8AE54AC3A03872601A3B55EA4F4AB3B90BBB433B4C0B69B70E1A517D9B48E5F3 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:56:58.0125 0x27c8  NetTcpPortSharing - ok
19:56:58.0133 0x27c8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\DRIVERS\nfrd960.sys
19:56:58.0150 0x27c8  nfrd960 - ok
19:56:58.0165 0x27c8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:56:58.0197 0x27c8  NlaSvc - ok
19:56:58.0204 0x27c8  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf            C:\Windows\system32\drivers\npf.sys
19:56:58.0219 0x27c8  npf - ok
19:56:58.0226 0x27c8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:56:58.0288 0x27c8  Npfs - ok
19:56:58.0310 0x27c8  [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo      C:\Windows\sysWOW64\drivers\npf_devolo.sys
19:56:58.0327 0x27c8  NPF_devolo - ok
19:56:58.0333 0x27c8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
19:56:58.0392 0x27c8  nsi - ok
19:56:58.0399 0x27c8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:56:58.0453 0x27c8  nsiproxy - ok
19:56:58.0529 0x27c8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:56:58.0615 0x27c8  Ntfs - ok
19:56:58.0625 0x27c8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:56:58.0679 0x27c8  Null - ok
19:56:58.0692 0x27c8  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
19:56:58.0716 0x27c8  NVHDA - ok
19:56:59.0191 0x27c8  [ 36BAB895547EA82892292F05FA02142E, 224D165CE3ECB0EF35C18D09507AB43ADC4A7AD12E507F31230012943C83BEDB ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:56:59.0748 0x27c8  nvlddmkm - ok
19:56:59.0848 0x27c8  [ C2909BD26906E1D05D77B1D48B48E94A, 5642571FFDBDC63F0E3B1477337103517ABF7C50EBEDA63EF8E162E44C7B2538 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
19:56:59.0949 0x27c8  NvNetworkService - ok
19:56:59.0964 0x27c8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:56:59.0989 0x27c8  nvraid - ok
19:57:00.0002 0x27c8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:57:00.0026 0x27c8  nvstor - ok
19:57:00.0033 0x27c8  [ 60C9EC53F9CFBFBE38E9C79B88A6B19F, D89D6C62AB0A3224D850B639E4D7D7265BF183BEE0C60F27FEDDF0194504B078 ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
19:57:00.0049 0x27c8  NvStreamKms - ok
19:57:00.0245 0x27c8  [ 5A773713C332F8760ABB915C24675E8F, DA453D341529B34188D5B235B17BD0FDAE84129539FC212F34B9FCC42DC0549C ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
19:57:00.0468 0x27c8  NvStreamSvc - ok
19:57:00.0522 0x27c8  [ 6B245B7F96F901891636814B5A7A9088, BC6DF13929AEBA2CF5DC8449FF9D5F73497DF8E9760AFA93B56543D86BE940C3 ] nvsvc          C:\Windows\system32\nvvsvc.exe
19:57:00.0577 0x27c8  nvsvc - ok
19:57:00.0587 0x27c8  [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
19:57:00.0606 0x27c8  nvvad_WaveExtensible - ok
19:57:00.0617 0x27c8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:57:00.0638 0x27c8  nv_agp - ok
19:57:00.0643 0x27c8  oflhqklh - ok
19:57:00.0651 0x27c8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:57:00.0670 0x27c8  ohci1394 - ok
19:57:00.0759 0x27c8  [ F34655869378762CEEF159E82BE95C3E, 346211DEB3D9C1D4C0688F737BF154A75C986921465FAF04E8CFED48385E64E8 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
19:57:00.0851 0x27c8  Origin Client Service - ok
19:57:00.0875 0x27c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:57:00.0913 0x27c8  p2pimsvc - ok
19:57:00.0937 0x27c8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:57:00.0972 0x27c8  p2psvc - ok
19:57:00.0983 0x27c8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\DRIVERS\parport.sys
19:57:01.0006 0x27c8  Parport - ok
19:57:01.0015 0x27c8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
19:57:01.0034 0x27c8  partmgr - ok
19:57:01.0046 0x27c8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:57:01.0069 0x27c8  PcaSvc - ok
19:57:01.0081 0x27c8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
19:57:01.0104 0x27c8  pci - ok
19:57:01.0110 0x27c8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:57:01.0126 0x27c8  pciide - ok
19:57:01.0140 0x27c8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:57:01.0166 0x27c8  pcmcia - ok
19:57:01.0173 0x27c8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
19:57:01.0193 0x27c8  pcw - ok
19:57:01.0224 0x27c8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:57:01.0266 0x27c8  PEAUTH - ok
19:57:01.0278 0x27c8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:57:01.0303 0x27c8  PerfHost - ok
19:57:01.0374 0x27c8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
19:57:01.0487 0x27c8  pla - ok
19:57:01.0512 0x27c8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:57:01.0548 0x27c8  PlugPlay - ok
19:57:01.0557 0x27c8  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
19:57:01.0575 0x27c8  PnkBstrA - ok
19:57:01.0580 0x27c8  PnkBstrB - ok
19:57:01.0587 0x27c8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
19:57:01.0607 0x27c8  PNRPAutoReg - ok
19:57:01.0623 0x27c8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
19:57:01.0653 0x27c8  PNRPsvc - ok
19:57:01.0679 0x27c8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
19:57:01.0756 0x27c8  PolicyAgent - ok
19:57:01.0774 0x27c8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
19:57:01.0837 0x27c8  Power - ok
19:57:01.0848 0x27c8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:57:01.0910 0x27c8  PptpMiniport - ok
19:57:01.0919 0x27c8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\DRIVERS\processr.sys
19:57:01.0943 0x27c8  Processor - ok
19:57:01.0956 0x27c8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\Windows\system32\profsvc.dll
19:57:01.0985 0x27c8  ProfSvc - ok
19:57:01.0991 0x27c8  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:57:02.0009 0x27c8  ProtectedStorage - ok
19:57:02.0019 0x27c8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:57:02.0079 0x27c8  Psched - ok
19:57:02.0086 0x27c8  pzlwhhvl - ok
19:57:02.0151 0x27c8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:57:02.0236 0x27c8  ql2300 - ok
19:57:02.0250 0x27c8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:57:02.0271 0x27c8  ql40xx - ok
19:57:02.0286 0x27c8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
19:57:02.0329 0x27c8  QWAVE - ok
19:57:02.0338 0x27c8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:57:02.0368 0x27c8  QWAVEdrv - ok
19:57:02.0373 0x27c8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:57:02.0433 0x27c8  RasAcd - ok
19:57:02.0442 0x27c8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
19:57:02.0503 0x27c8  RasAgileVpn - ok
19:57:02.0513 0x27c8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
19:57:02.0579 0x27c8  RasAuto - ok
19:57:02.0590 0x27c8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
19:57:02.0653 0x27c8  Rasl2tp - ok
19:57:02.0674 0x27c8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:57:02.0751 0x27c8  RasMan - ok
19:57:02.0761 0x27c8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:57:02.0819 0x27c8  RasPppoe - ok
19:57:02.0828 0x27c8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
19:57:02.0882 0x27c8  RasSstp - ok
19:57:02.0900 0x27c8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
19:57:02.0976 0x27c8  rdbss - ok
19:57:02.0983 0x27c8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:57:03.0007 0x27c8  rdpbus - ok
19:57:03.0012 0x27c8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:57:03.0068 0x27c8  RDPCDD - ok
19:57:03.0076 0x27c8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:57:03.0133 0x27c8  RDPENCDD - ok
19:57:03.0144 0x27c8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:57:03.0202 0x27c8  RDPREFMP - ok
19:57:03.0211 0x27c8  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:57:03.0230 0x27c8  RdpVideoMiniport - ok
19:57:03.0242 0x27c8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
19:57:03.0267 0x27c8  RDPWD - ok
19:57:03.0280 0x27c8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:57:03.0305 0x27c8  rdyboost - ok
19:57:03.0314 0x27c8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:57:03.0374 0x27c8  RemoteAccess - ok
19:57:03.0387 0x27c8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:57:03.0448 0x27c8  RemoteRegistry - ok
19:57:03.0457 0x27c8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:57:03.0522 0x27c8  RpcEptMapper - ok
19:57:03.0529 0x27c8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:57:03.0551 0x27c8  RpcLocator - ok
19:57:03.0577 0x27c8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
19:57:03.0677 0x27c8  RpcSs - ok
19:57:03.0688 0x27c8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:57:03.0758 0x27c8  rspndr - ok
19:57:03.0783 0x27c8  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
19:57:03.0814 0x27c8  RTL8167 - ok
19:57:03.0821 0x27c8  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs          C:\Windows\system32\lsass.exe
19:57:03.0842 0x27c8  SamSs - ok
19:57:03.0853 0x27c8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:57:03.0870 0x27c8  sbp2port - ok
19:57:03.0886 0x27c8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:57:03.0946 0x27c8  SCardSvr - ok
19:57:03.0957 0x27c8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:57:04.0003 0x27c8  scfilter - ok
19:57:04.0056 0x27c8  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
19:57:04.0131 0x27c8  Schedule - ok
19:57:04.0140 0x27c8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
19:57:04.0192 0x27c8  SCPolicySvc - ok
19:57:04.0205 0x27c8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:57:04.0233 0x27c8  SDRSVC - ok
19:57:04.0239 0x27c8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:57:04.0258 0x27c8  secdrv - ok
19:57:04.0265 0x27c8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:57:04.0322 0x27c8  seclogon - ok
19:57:04.0331 0x27c8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:57:04.0394 0x27c8  SENS - ok
19:57:04.0402 0x27c8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:57:04.0422 0x27c8  SensrSvc - ok
19:57:04.0427 0x27c8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\DRIVERS\serenum.sys
19:57:04.0447 0x27c8  Serenum - ok
19:57:04.0456 0x27c8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:57:04.0477 0x27c8  Serial - ok
19:57:04.0483 0x27c8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:57:04.0503 0x27c8  sermouse - ok
19:57:04.0521 0x27c8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:57:04.0583 0x27c8  SessionEnv - ok
19:57:04.0591 0x27c8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
19:57:04.0616 0x27c8  sffdisk - ok
19:57:04.0622 0x27c8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:57:04.0642 0x27c8  sffp_mmc - ok
19:57:04.0647 0x27c8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
19:57:04.0674 0x27c8  sffp_sd - ok
19:57:04.0679 0x27c8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\DRIVERS\sfloppy.sys
19:57:04.0698 0x27c8  sfloppy - ok
19:57:04.0719 0x27c8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:57:04.0792 0x27c8  SharedAccess - ok
19:57:04.0813 0x27c8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:57:04.0885 0x27c8  ShellHWDetection - ok
19:57:04.0894 0x27c8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:57:04.0911 0x27c8  SiSRaid2 - ok
19:57:04.0920 0x27c8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:57:04.0938 0x27c8  SiSRaid4 - ok
19:57:04.0947 0x27c8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
19:57:05.0013 0x27c8  Smb - ok
19:57:05.0025 0x27c8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:57:05.0050 0x27c8  SNMPTRAP - ok
19:57:05.0056 0x27c8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
19:57:05.0074 0x27c8  spldr - ok
19:57:05.0102 0x27c8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
19:57:05.0155 0x27c8  Spooler - ok
19:57:05.0307 0x27c8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:57:05.0411 0x0b48  Object required for P2P: [ 6B245B7F96F901891636814B5A7A9088 ] nvsvc
19:57:05.0543 0x27c8  sppsvc - ok
19:57:05.0557 0x27c8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
19:57:05.0621 0x27c8  sppuinotify - ok
19:57:05.0645 0x27c8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
19:57:05.0682 0x27c8  srv - ok
19:57:05.0706 0x27c8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:57:05.0741 0x27c8  srv2 - ok
19:57:05.0752 0x27c8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:57:05.0777 0x27c8  srvnet - ok
19:57:05.0791 0x27c8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
19:57:05.0859 0x27c8  SSDPSRV - ok
19:57:05.0868 0x27c8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
19:57:05.0933 0x27c8  SstpSvc - ok
19:57:05.0954 0x27c8  [ 605ECCCE95ACF7AF12CBCCDAB55B8DD0, 7B676B58C26D880320434066B93C7B8372421699C0006806D4E8E0E824124281 ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
19:57:05.0985 0x27c8  STacSV - ok
19:57:06.0010 0x27c8  [ C368FAF3084E3978462159F1DDAFF54F, F7DD88038E002EF3D2BCA648FE7CF0F92347E901C5F495D8D8E4D24076E895CD ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
19:57:06.0041 0x27c8  Stereo Service - ok
19:57:06.0049 0x27c8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:57:06.0067 0x27c8  stexstor - ok
19:57:06.0096 0x27c8  [ 5709F6AEECC9C43AD9D550FB1D882209, CF4681AE1D6B15340F5A0787E0EFB682AA3CFA15D25741364D8455C040A5997B ] STHDA          C:\Windows\system32\DRIVERS\stwrt64.sys
19:57:06.0137 0x27c8  STHDA - ok
19:57:06.0168 0x27c8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:57:06.0223 0x27c8  stisvc - ok
19:57:06.0231 0x27c8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:57:06.0247 0x27c8  swenum - ok
19:57:06.0274 0x27c8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
19:57:06.0356 0x27c8  swprv - ok
19:57:06.0433 0x27c8  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain        C:\Windows\system32\sysmain.dll
19:57:06.0529 0x27c8  SysMain - ok
19:57:06.0541 0x27c8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:57:06.0570 0x27c8  TabletInputService - ok
19:57:06.0586 0x27c8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
19:57:06.0659 0x27c8  TapiSrv - ok
19:57:06.0669 0x27c8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
19:57:06.0732 0x27c8  TBS - ok
19:57:06.0814 0x27c8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
19:57:06.0914 0x27c8  Tcpip - ok
19:57:06.0999 0x27c8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:57:07.0099 0x27c8  TCPIP6 - ok
19:57:07.0114 0x27c8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:57:07.0135 0x27c8  tcpipreg - ok
19:57:07.0144 0x27c8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:57:07.0168 0x27c8  TDPIPE - ok
19:57:07.0174 0x27c8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
19:57:07.0193 0x27c8  TDTCP - ok
19:57:07.0204 0x27c8  [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
19:57:07.0228 0x27c8  tdx - ok
19:57:07.0236 0x27c8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:57:07.0255 0x27c8  TermDD - ok
19:57:07.0288 0x27c8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\Windows\System32\termsrv.dll
19:57:07.0342 0x27c8  TermService - ok
19:57:07.0352 0x27c8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:57:07.0390 0x27c8  Themes - ok
19:57:07.0398 0x27c8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
19:57:07.0460 0x27c8  THREADORDER - ok
19:57:07.0472 0x27c8  [ DA632FAE7B5629032B2C24E1BE29168B, 89327F67F427B12C5DAB664FA88FCA2133C737945C92037945CBF25C5E396587 ] tihub3          C:\Windows\system32\DRIVERS\tihub3.sys
19:57:07.0495 0x27c8  tihub3 - ok
19:57:07.0517 0x27c8  [ 6AAD465F69632931B6D8D61B287E6DE9, 789837B5241B836F0EFEEF0970062AC965425246DF2B638535B8648CC7EF7DF9 ] tixhci          C:\Windows\system32\DRIVERS\tixhci.sys
19:57:07.0547 0x27c8  tixhci - ok
19:57:07.0558 0x27c8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:57:07.0626 0x27c8  TrkWks - ok
19:57:07.0640 0x27c8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:57:07.0708 0x27c8  TrustedInstaller - ok
19:57:07.0720 0x27c8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:57:07.0740 0x27c8  tssecsrv - ok
19:57:07.0747 0x27c8  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:57:07.0768 0x27c8  TsUsbFlt - ok
19:57:07.0778 0x27c8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:57:07.0836 0x27c8  tunnel - ok
19:57:07.0845 0x27c8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:57:07.0863 0x27c8  uagp35 - ok
19:57:07.0872 0x0b48  Object send P2P result: true
19:57:07.0872 0x0b48  Object required for P2P: [ F34655869378762CEEF159E82BE95C3E ] Origin Client Service
19:57:07.0881 0x27c8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:57:07.0955 0x27c8  udfs - ok
19:57:07.0969 0x27c8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
19:57:07.0993 0x27c8  UI0Detect - ok
19:57:08.0001 0x27c8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:57:08.0020 0x27c8  uliagpkx - ok
19:57:08.0026 0x27c8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
19:57:08.0049 0x27c8  umbus - ok
19:57:08.0055 0x27c8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:57:08.0077 0x27c8  UmPass - ok
19:57:08.0099 0x27c8  [ D03FE25B3B9EFF45582AA0AA37960D68, 835255C1C0F9025FA5015DC3A5A42E4A26DA88AB559EA174D151BBDB8D0E0D2C ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:57:08.0129 0x27c8  UNS - ok
19:57:08.0149 0x27c8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:57:08.0229 0x27c8  upnphost - ok
19:57:08.0237 0x27c8  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
19:57:08.0260 0x27c8  USBAAPL64 - ok
19:57:08.0270 0x27c8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:57:08.0291 0x27c8  usbaudio - ok
19:57:08.0301 0x27c8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
19:57:08.0326 0x27c8  usbccgp - ok
19:57:08.0335 0x27c8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:57:08.0358 0x27c8  usbcir - ok
19:57:08.0366 0x27c8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
19:57:08.0387 0x27c8  usbehci - ok
19:57:08.0406 0x27c8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:57:08.0440 0x27c8  usbhub - ok
19:57:08.0446 0x27c8  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci        C:\Windows\system32\DRIVERS\usbohci.sys
19:57:08.0466 0x27c8  usbohci - ok
19:57:08.0472 0x27c8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:57:08.0498 0x27c8  usbprint - ok
19:57:08.0506 0x27c8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:57:08.0528 0x27c8  USBSTOR - ok
19:57:08.0534 0x27c8  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci        C:\Windows\system32\DRIVERS\usbuhci.sys
19:57:08.0557 0x27c8  usbuhci - ok
19:57:08.0563 0x27c8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
19:57:08.0630 0x27c8  UxSms - ok
19:57:08.0637 0x27c8  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
19:57:08.0657 0x27c8  VaultSvc - ok
19:57:08.0663 0x27c8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:57:08.0680 0x27c8  vdrvroot - ok
19:57:08.0708 0x27c8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
19:57:08.0795 0x27c8  vds - ok
19:57:08.0803 0x27c8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
19:57:08.0829 0x27c8  vga - ok
19:57:08.0836 0x27c8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
19:57:08.0896 0x27c8  VgaSave - ok
19:57:08.0911 0x27c8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
19:57:08.0940 0x27c8  vhdmp - ok
19:57:08.0946 0x27c8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:57:08.0964 0x27c8  viaide - ok
19:57:08.0973 0x27c8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:57:08.0992 0x27c8  volmgr - ok
19:57:09.0012 0x27c8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
19:57:09.0047 0x27c8  volmgrx - ok
19:57:09.0064 0x27c8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
19:57:09.0095 0x27c8  volsnap - ok
19:57:09.0108 0x27c8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\DRIVERS\vsmraid.sys
19:57:09.0132 0x27c8  vsmraid - ok
19:57:09.0208 0x27c8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
19:57:09.0346 0x27c8  VSS - ok
19:57:09.0364 0x27c8  [ 79F4D90FAA0ACC1866F2F3E03E39CA89, EE08BCBF29A7E4AFFF520B8DF067281425F433EC275F8C86CE8F20F000E92E3D ] vssbrigde64    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe
19:57:09.0387 0x27c8  vssbrigde64 - ok
19:57:09.0394 0x27c8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:57:09.0421 0x27c8  vwifibus - ok
19:57:09.0444 0x27c8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
19:57:09.0523 0x27c8  W32Time - ok
19:57:09.0533 0x27c8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:57:09.0555 0x27c8  WacomPen - ok
19:57:09.0564 0x27c8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:57:09.0625 0x27c8  WANARP - ok
19:57:09.0632 0x27c8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:57:09.0692 0x27c8  Wanarpv6 - ok
19:57:09.0761 0x27c8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:57:09.0854 0x27c8  wbengine - ok
19:57:09.0872 0x27c8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:57:09.0911 0x27c8  WbioSrvc - ok
19:57:09.0933 0x27c8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
19:57:09.0984 0x27c8  wcncsvc - ok
19:57:09.0992 0x27c8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:57:10.0012 0x27c8  WcsPlugInService - ok
19:57:10.0018 0x27c8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:57:10.0036 0x27c8  Wd - ok
19:57:10.0072 0x27c8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:57:10.0130 0x27c8  Wdf01000 - ok
19:57:10.0141 0x27c8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:57:10.0169 0x27c8  WdiServiceHost - ok
19:57:10.0177 0x27c8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost  C:\Windows\system32\wdi.dll
19:57:10.0202 0x27c8  WdiSystemHost - ok
19:57:10.0218 0x27c8  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient      C:\Windows\System32\webclnt.dll
19:57:10.0252 0x27c8  WebClient - ok
19:57:10.0267 0x27c8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:57:10.0317 0x0b48  Object send P2P result: true
19:57:10.0352 0x27c8  Wecsvc - ok
19:57:10.0361 0x27c8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
19:57:10.0426 0x27c8  wercplsupport - ok
19:57:10.0435 0x27c8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:57:10.0504 0x27c8  WerSvc - ok
19:57:10.0511 0x27c8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:57:10.0572 0x27c8  WfpLwf - ok
19:57:10.0580 0x27c8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:57:10.0598 0x27c8  WIMMount - ok
19:57:10.0602 0x27c8  WinDefend - ok
19:57:10.0613 0x27c8  WinHttpAutoProxySvc - ok
19:57:10.0634 0x27c8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
19:57:10.0709 0x27c8  Winmgmt - ok
19:57:10.0800 0x27c8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\Windows\system32\WsmSvc.dll
19:57:10.0921 0x27c8  WinRM - ok
19:57:10.0938 0x27c8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:57:10.0964 0x27c8  WinUsb - ok
19:57:11.0006 0x27c8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
19:57:11.0080 0x27c8  Wlansvc - ok
19:57:11.0087 0x27c8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\drivers\wmiacpi.sys
19:57:11.0108 0x27c8  WmiAcpi - ok
19:57:11.0124 0x27c8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:57:11.0156 0x27c8  wmiApSrv - ok
19:57:11.0161 0x27c8  WMPNetworkSvc - ok
19:57:11.0169 0x27c8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:57:11.0192 0x27c8  WPCSvc - ok
19:57:11.0202 0x27c8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:57:11.0231 0x27c8  WPDBusEnum - ok
19:57:11.0240 0x27c8  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\Windows\system32\drivers\WPRO_41_2001.sys
19:57:11.0257 0x27c8  WPRO_41_2001 - ok
19:57:11.0263 0x27c8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
19:57:11.0332 0x27c8  ws2ifsl - ok
19:57:11.0343 0x27c8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:57:11.0377 0x27c8  wscsvc - ok
19:57:11.0384 0x27c8  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
19:57:11.0412 0x27c8  WSDPrintDevice - ok
19:57:11.0418 0x27c8  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan        C:\Windows\system32\DRIVERS\WSDScan.sys
19:57:11.0438 0x27c8  WSDScan - ok
19:57:11.0442 0x27c8  WSearch - ok
19:57:11.0565 0x27c8  [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:57:11.0707 0x27c8  wuauserv - ok
19:57:11.0722 0x27c8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:57:11.0747 0x27c8  WudfPf - ok
19:57:11.0760 0x27c8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:57:11.0789 0x27c8  WUDFRd - ok
19:57:11.0799 0x27c8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
19:57:11.0823 0x27c8  wudfsvc - ok
19:57:11.0840 0x27c8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
19:57:11.0872 0x27c8  WwanSvc - ok
19:57:11.0885 0x27c8  ================ Scan global ===============================
19:57:11.0891 0x27c8  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
19:57:11.0906 0x27c8  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
19:57:11.0928 0x27c8  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
19:57:11.0944 0x27c8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:57:11.0965 0x27c8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
19:57:11.0981 0x27c8  [ Global ] - ok
19:57:11.0982 0x27c8  ================ Scan MBR ==================================
19:57:11.0985 0x27c8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:57:12.0254 0x27c8  \Device\Harddisk0\DR0 - ok
19:57:12.0259 0x27c8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
19:57:12.0363 0x27c8  \Device\Harddisk1\DR1 - ok
19:57:12.0364 0x27c8  ================ Scan VBR ==================================
19:57:12.0368 0x27c8  [ D1B82E0BAB1670109B9D750D6D83D1E1 ] \Device\Harddisk0\DR0\Partition1
19:57:12.0426 0x27c8  \Device\Harddisk0\DR0\Partition1 - ok
19:57:12.0431 0x27c8  [ 9B2676B1F78F524352FD02F94F660C49 ] \Device\Harddisk1\DR1\Partition1
19:57:12.0433 0x27c8  \Device\Harddisk1\DR1\Partition1 - ok
19:57:12.0437 0x27c8  [ 722F4A30F499EAB515C29A3F1F971B96 ] \Device\Harddisk1\DR1\Partition2
19:57:12.0439 0x27c8  \Device\Harddisk1\DR1\Partition2 - ok
19:57:12.0439 0x27c8  ================ Scan generic autorun ======================
19:57:12.0444 0x27c8  [ 13392E518730835DC9584C60B04E77C2, E4CF50A5D0777A51CACFBA144CD41621BDE2C4CBB5678C8C2624F7612F9DEE11 ] C:\Program Files\IDT\WDM\beats64.exe
19:57:12.0461 0x27c8  BeatsOSDApp - ok
19:57:12.0522 0x27c8  [ AD6C376374C21EC68DF33884613D0A05, 65E0668A2A24B9EF2BDABDE044D240F110AEC8B1EF838AB28084B7F899D2A75E ] C:\Program Files\IDT\WDM\sttray64.exe
19:57:12.0590 0x27c8  SysTrayApp - ok
19:57:12.0707 0x27c8  [ 6BE70A935DFD72F47C29757305B50B1E, 6E76D7CA8C417750C2AFAD45344F5863CEA7798A2993716E21DE1997789D1746 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
19:57:12.0832 0x27c8  NvBackend - ok
19:57:12.0843 0x27c8  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
19:57:12.0870 0x27c8  ShadowPlay - ok
19:57:13.0366 0x27c8  [ 9AC062437035B077C0F3B1BD738EC82A, DAC42AA903C3A6F7CB196D3D738FFDDADC8BD2138F0703F1DB035337540D53B7 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:57:13.0967 0x27c8  RTHDVCPL - ok
19:57:14.0581 0x27c8  [ AC5406D1A6C19D83F92FA22697F3F072, 592BD212F1C0F6FE8605328F2D4A3EA360FF74B42E467E7ED201492A800181C8 ] C:\Program Files\Logitech Gaming Software\LCore.exe
19:57:15.0214 0x27c8  Launch LCore - ok
19:57:15.0243 0x27c8  [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
19:57:15.0265 0x27c8  iTunesHelper - ok
19:57:15.0289 0x27c8  [ 5F7EE76129F9A591F22F99F95D97AC95, D3446BD4CAB8017B44BAD94EBB88468D080AC65E14444C12B09B6BF3E70B2AED ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
19:57:15.0322 0x27c8  IJNetworkScannerSelectorEX - ok
19:57:15.0338 0x27c8  [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
19:57:15.0366 0x27c8  USB3MON - ok
19:57:15.0376 0x27c8  [ 8D902AF9A35DF48B8821FAA28EE9E72B, 6B2510AE064C4527570CCD06C1DBB32F0E7D37AF7ABC9476FAC1D9C044ECC2B3 ] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
19:57:15.0399 0x27c8  IMSS - ok
19:57:15.0605 0x27c8  [ 24F4643941535195B19C962C96067DB8, C5A81D6888EDE79D678AB4A019C0A649481DF7DD5085C02BCBB381FD23C175C1 ] C:\Program Files (x86)\XFastUSB\XFastUsb.exe
19:57:15.0850 0x27c8  XFastUSB - ok
19:57:15.0864 0x27c8  [ E7861EAA7881E086B2DB88ADF4279D4B, D040BCEC5B7519357D4E28653FC0F9F4FEAA88D291726A0763EA5E84C8C5D840 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
19:57:15.0879 0x27c8  IAStorIcon - ok
19:57:15.0882 0x27c8  FireStormStartUpAutoRun - ok
19:57:15.0892 0x27c8  [ 08FF7423AC1DB307769931F3F848EAB4, A6AE01143E82F4706DA9D39AA3020823C3A61E2AC73BF0516427B2495A980FD2 ] C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
19:57:15.0900 0x27c8  ProductUpdater - detected UnsignedFile.Multi.Generic ( 1 )
19:57:18.0225 0x27c8  Detect skipped due to KSN trusted
19:57:18.0225 0x27c8  ProductUpdater - ok
19:57:18.0256 0x27c8  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
19:57:18.0303 0x27c8  SunJavaUpdateSched - ok
19:57:18.0363 0x27c8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:57:18.0446 0x27c8  Sidebar - ok
19:57:18.0457 0x27c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:57:18.0490 0x27c8  mctadmin - ok
19:57:18.0546 0x27c8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:57:18.0628 0x27c8  Sidebar - ok
19:57:18.0639 0x27c8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:57:18.0681 0x27c8  mctadmin - ok
19:57:18.0700 0x27c8  [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
19:57:18.0722 0x27c8  Dropbox Update - ok
19:57:18.0928 0x27c8  [ C87A02743C2606521715E8C9491BAF8F, F8B923C4B75D17B7EBEBB7809B76EA0C2922BB4F6821E7B516DD44207392767B ] C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
19:57:19.0165 0x27c8  MyComGames - ok
19:57:19.0199 0x27c8  [ 3B3404B6D45BC3E0AEFAC7470D254A8E, E524D7B3F11018C252C8A412937E944B335B9EF6C888FBE71C4B6B5D9BEAF9AF ] C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe
19:57:19.0222 0x27c8  son-bet - detected UnsignedFile.Multi.Generic ( 1 )
19:57:21.0738 0x27c8  son-bet ( UnsignedFile.Multi.Generic ) - warning
19:57:21.0738 0x27c8  Force sending object to P2P due to detect: C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe
19:57:24.0168 0x27c8  Object send P2P result: true
19:57:26.0559 0x27c8  Wondershare - ok
19:57:26.0569 0x27c8  [ 6F733C10600F37B7D01198FB36F07E1A, 16CF3B7FA1AA2BCC7146E4D3A3AB192BBBE6494D47FD0CB014F13FB7EDBEEBD9 ] C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe
19:57:26.0579 0x27c8  essay-weekend - detected UnsignedFile.Multi.Generic ( 1 )
19:57:28.0909 0x27c8  essay-weekend ( UnsignedFile.Multi.Generic ) - warning
19:57:31.0426 0x27c8  [ CF15431A5741760D3D39C9F334566D47, 02C62399E89B0AD576F86D525FDA3B7D6C448F8092DFAE7C78915DBEC916ABA7 ] C:\Program Files (x86)\Origin\Origin.exe
19:57:31.0602 0x27c8  EADM - ok
19:57:31.0638 0x27c8  [ AB7957185EBD519C206947757D76EA0F, 3F1CE131FF08A575DFA2B6C05E5CC3BBDB4B76628FA74FFBBDB04C64B1456311 ] C:\Users\Thorsten\AppData\Roaming\gaasfet-54\gaasfet-88.exe
19:57:31.0670 0x27c8  gaasfet-3 - detected UnsignedFile.Multi.Generic ( 1 )
19:57:33.0991 0x27c8  gaasfet-3 ( UnsignedFile.Multi.Generic ) - warning
19:57:36.0380 0x27c8  AV detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41000 ( enabled : updated )
19:57:36.0382 0x27c8  FW detected via SS2: Kaspersky Internet Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe ( 16.0.0.614 ), 0x41010 ( enabled )
19:57:38.0743 0x27c8  ============================================================
19:57:38.0743 0x27c8  Scan finished
19:57:38.0743 0x27c8  ============================================================
19:57:38.0757 0x277c  Detected object count: 3
19:57:38.0757 0x277c  Actual detected object count: 3
19:58:07.0212 0x277c  C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe - copied to quarantine
19:58:07.0213 0x277c  HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\Run:son-bet - will be deleted on reboot
19:58:07.0213 0x277c  C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe - will be deleted on reboot
19:58:07.0213 0x277c  son-bet ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:58:07.0233 0x277c  C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe - copied to quarantine
19:58:07.0234 0x277c  HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\Run:essay-weekend - will be deleted on reboot
19:58:07.0234 0x277c  C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe - will be deleted on reboot
19:58:07.0234 0x277c  essay-weekend ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:58:07.0291 0x277c  C:\Users\Thorsten\AppData\Roaming\gaasfet-54\gaasfet-88.exe - copied to quarantine
19:58:07.0291 0x277c  HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce:gaasfet-3 - will be deleted on reboot
19:58:07.0292 0x277c  C:\Users\Thorsten\AppData\Roaming\gaasfet-54\gaasfet-88.exe - will be deleted on reboot
19:58:07.0292 0x277c  gaasfet-3 ( UnsignedFile.Multi.Generic ) - User select action: Delete
19:58:07.0328 0x277c  KLMD registered as C:\Windows\system32\drivers\19438840.sys
19:58:09.0355 0x0e44  Deinitialize success

deeprybka 15.11.2015 20:32
Bitte frisches FRST-Log:

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.

Thorstie 16.11.2015 07:28
Schick ich Dir Morgen Früh bin gerade unterwegs! Hoffe das geht in Ordnung. Viele Grüsse

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (16-11-2015 07:26:23)
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(MY.COM B.V.) C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dropbox, Inc.) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(NVIDIA Corporation) C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_226.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4278728 2015-11-11] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [son-bet] => C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe <===== ACHTUNG
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Wondershare] => C:\Users\Thorsten\AppData\Roaming\twbgusbd\wadjswag.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [essay-weekend] => C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe <===== ACHTUNG
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [megabits-09] => C:\ProgramData\megabits-5\megabits-77.exe [443904 2015-11-16] (Oracle Corp)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {0003aa5a-06dc-11e5-975d-d050995a3687} - F:\iLinker.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {06c7c8d0-f570-11e4-9666-d050995a3687} - F:\pushinst.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {97395ad1-bf1e-11e4-adf7-806e6f6e6963} - E:\ASRSetup.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\machine-5.lnk [2015-11-15]
ShortcutTarget: machine-5.lnk -> C:\Users\Thorsten\AppData\Roaming\machine-43\machine-73.exe (Intel(R) Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-28] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-28] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-27] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [348360 2015-11-15] ()
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-16] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S1 bfrzcslo; \??\C:\Windows\system32\drivers\bfrzcslo.sys [X]
S1 hjaqokbf; \??\C:\Windows\system32\drivers\hjaqokbf.sys [X]
S1 ilnicvuq; \??\C:\Windows\system32\drivers\ilnicvuq.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S1 lwohbkep; \??\C:\Windows\system32\drivers\lwohbkep.sys [X]
S1 oflhqklh; \??\C:\Windows\system32\drivers\oflhqklh.sys [X]
S1 pzlwhhvl; \??\C:\Windows\system32\drivers\pzlwhhvl.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-16 07:25 - 2015-11-16 07:25 - 00000000 ____D C:\ProgramData\megabits-5
2015-11-15 19:58 - 2015-11-15 19:58 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-11-15 19:09 - 2015-11-15 19:09 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Thorsten\Downloads\tdsskiller.exe
2015-11-15 18:58 - 2015-11-15 18:58 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\machine-43
2015-11-15 18:56 - 2015-11-15 18:56 - 00000000 ____D C:\ProgramData\hsdpa-2
2015-11-15 15:52 - 2015-11-15 15:52 - 00048184 _____ C:\Users\Thorsten\Downloads\Addition.txt
2015-11-15 15:51 - 2015-11-16 07:26 - 00027883 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-15 15:51 - 2015-11-16 07:26 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-15 15:51 - 02198528 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-15 11:39 - 2015-11-15 20:03 - 00000000 ____D C:\ProgramData\oyn
2015-11-15 11:29 - 2015-11-15 11:29 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\gaasfet-54
2015-11-14 09:41 - 2015-11-14 09:49 - 00000000 ____D C:\Users\Thorsten\Desktop\Tattoo
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 13:34 - 2015-11-16 07:24 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-08 12:07 - 2015-11-08 12:38 - 00000000 ____D C:\Users\Thorsten\Desktop\hp
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-03 07:43 - 2015-11-03 07:44 - 277045248 _____ C:\Users\Thorsten\Downloads\kav_rescue_10.iso
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 01640768 _____ C:\Users\Thorsten\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-15 20:09 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 19:36 - 2015-11-01 19:36 - 31332760 _____ (Electronic Arts, Inc.) C:\Users\Thorsten\Downloads\OriginThinSetup.exe
2015-11-01 19:18 - 2015-11-01 19:28 - 00715099 _____ C:\Users\Thorsten\Downloads\pbsetup(1).zip
2015-11-01 10:06 - 2015-11-01 10:06 - 00711649 _____ C:\Users\Thorsten\Downloads\pbsetup.zip
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-30 17:54 - 2015-10-31 18:19 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\inrush-56
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-15 20:09 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:49 - 2015-10-27 19:49 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup(1).exe
2015-10-27 19:48 - 2015-11-15 22:13 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup.exe
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-16 07:24 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:16 - 2015-10-27 13:16 - 01937280 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\kis16.0.0.614de_8295.exe
2015-10-27 13:02 - 2015-10-27 13:02 - 01694208 _____ C:\Users\Thorsten\Downloads\adwcleaner_5.015.exe
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\993
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Local\4r50
2015-10-26 12:44 - 2015-10-27 07:40 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\z86
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Local\9u92
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-16 07:25 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-16 07:25 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-16 07:25 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-16 07:25 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-16 07:24 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-16 07:24 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-16 07:24 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-16 07:24 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-16 07:24 - 2015-02-19 10:51 - 00203136 _____ C:\Windows\PFRO.log
2015-11-16 07:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-16 07:24 - 2009-07-14 05:51 - 00152673 _____ C:\Windows\setupact.log
2015-11-15 22:13 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-15 22:13 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-15 22:13 - 2015-02-19 10:30 - 01725563 _____ C:\Windows\WindowsUpdate.log
2015-11-15 20:09 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-15 20:09 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-15 20:08 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-15 20:06 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-15 20:06 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-15 20:06 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-15 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-15 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-12 12:42 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-12 12:41 - 2009-07-14 05:45 - 00307832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-08 11:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 13:01 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft
2015-10-26 07:27 - 2015-02-19 11:16 - 00000000 __SHD C:\Users\Thorsten\AppData\Roaming\twbgusbd
2015-10-19 06:23 - 2015-08-24 09:28 - 00000000 ____D C:\Users\Thorsten\Desktop\Bilder

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\CopyTransManagerMDHelper(1).exe
C:\Users\Thorsten\AppData\Local\Temp\CopyTransManagerMDHelper.exe
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpin4hyt.dll
C:\Users\Thorsten\AppData\Local\Temp\GURA7A3.exe
C:\Users\Thorsten\AppData\Local\Temp\GURC679.exe
C:\Users\Thorsten\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Thorsten\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Thorsten\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Thorsten\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Thorsten\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Thorsten\AppData\Local\Temp\nvStereoApiI.dll
C:\Users\Thorsten\AppData\Local\Temp\nvStInst.exe
C:\Users\Thorsten\AppData\Local\Temp\Quarantine.exe
C:\Users\Thorsten\AppData\Local\Temp\sonarinst.exe
C:\Users\Thorsten\AppData\Local\Temp\sqlite3.dll
C:\Users\Thorsten\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Thorsten\AppData\Local\Temp\VideoDownloader.exe
C:\Users\Thorsten\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-11 18:58

==================== Ende von FRST.txt ============================

deeprybka 16.11.2015 09:39
Hi,

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn4.PNG

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
C:\Users\Thorsten\AppData\Roaming\twbgusbd
C:\ProgramData\megabits-5\
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [son-bet] => C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Wondershare] => C:\Users\Thorsten\AppData\Roaming\twbgusbd\wadjswag.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [essay-weekend] => C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [megabits-09] => C:\ProgramData\megabits-5\megabits-77.exe [443904 2015-11-16] (Oracle Corp)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\machine-5.lnk [2015-11-15]
ShortcutTarget: machine-5.lnk -> C:\Users\Thorsten\AppData\Roaming\machine-43\machine-73.exe (Intel(R) Corporation)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S1 bfrzcslo; \??\C:\Windows\system32\drivers\bfrzcslo.sys [X]
S1 hjaqokbf; \??\C:\Windows\system32\drivers\hjaqokbf.sys [X]
S1 ilnicvuq; \??\C:\Windows\system32\drivers\ilnicvuq.sys [X]
S1 lwohbkep; \??\C:\Windows\system32\drivers\lwohbkep.sys [X]
S1 oflhqklh; \??\C:\Windows\system32\drivers\oflhqklh.sys [X]
S1 pzlwhhvl; \??\C:\Windows\system32\drivers\pzlwhhvl.sys [X]
2015-11-15 11:39 - 2015-11-15 20:03 - 00000000 ____D C:\ProgramData\oyn
2015-11-15 11:29 - 2015-11-15 11:29 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\gaasfet-54
Task: {23E47DB0-3544-4C4E-8122-3AF142D39CF2} - System32\Tasks\{FE343B28-0C3E-4572-A125-602BA17006E1} =>
FirewallRules: [TCP Query User{441BCDAB-F2FF-4FF2-9DA3-2944B02B50C9}C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe] => (Allow) C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe
FirewallRules: [UDP Query User{030134B2-6BFA-4A00-8F5E-871122E4D09F}C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe] => (Allow) C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe
FirewallRules: [{FA6D628A-9597-4D38-AFE0-C133A800113A}] => (Allow) C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{A711E2D2-D963-4A6C-9C11-ABE0EFE722CA}] => (Allow) C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
CreateRestorePoint:
EmptyTemp:
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST64.exe befindet. (C:\Users\Thorsten\Downloads)
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Nach dem Reboot:

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.

Thorstie 16.11.2015 13:05
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Thorsten (2015-11-16 12:50:36) Run:1
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
C:\Users\Thorsten\AppData\Roaming\twbgusbd
C:\ProgramData\megabits-5\
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [zASRockInstantBoot] => [X]
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [son-bet] => C:\Users\Thorsten\AppData\Local\Temp\Son-shoe\son-prove.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Wondershare] => C:\Users\Thorsten\AppData\Roaming\twbgusbd\wadjswag.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [essay-weekend] => C:\Users\Thorsten\AppData\Local\Temp\Essay_list\essay-skin.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [megabits-09] => C:\ProgramData\megabits-5\megabits-77.exe [443904 2015-11-16] (Oracle Corp)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\machine-5.lnk [2015-11-15]
ShortcutTarget: machine-5.lnk -> C:\Users\Thorsten\AppData\Roaming\machine-43\machine-73.exe (Intel(R) Corporation)
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S1 bfrzcslo; \??\C:\Windows\system32\drivers\bfrzcslo.sys [X]
S1 hjaqokbf; \??\C:\Windows\system32\drivers\hjaqokbf.sys [X]
S1 ilnicvuq; \??\C:\Windows\system32\drivers\ilnicvuq.sys [X]
S1 lwohbkep; \??\C:\Windows\system32\drivers\lwohbkep.sys [X]
S1 oflhqklh; \??\C:\Windows\system32\drivers\oflhqklh.sys [X]
S1 pzlwhhvl; \??\C:\Windows\system32\drivers\pzlwhhvl.sys [X]
2015-11-15 11:39 - 2015-11-15 20:03 - 00000000 ____D C:\ProgramData\oyn
2015-11-15 11:29 - 2015-11-15 11:29 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\gaasfet-54
Task: {23E47DB0-3544-4C4E-8122-3AF142D39CF2} - System32\Tasks\{FE343B28-0C3E-4572-A125-602BA17006E1} =>
FirewallRules: [TCP Query User{441BCDAB-F2FF-4FF2-9DA3-2944B02B50C9}C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe] => (Allow) C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe
FirewallRules: [UDP Query User{030134B2-6BFA-4A00-8F5E-871122E4D09F}C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe] => (Allow) C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe
FirewallRules: [{FA6D628A-9597-4D38-AFE0-C133A800113A}] => (Allow) C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
FirewallRules: [{A711E2D2-D963-4A6C-9C11-ABE0EFE722CA}] => (Allow) C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe
CreateRestorePoint:
EmptyTemp:
       
*****************

Prozess erfolgreich geschlossen.
C:\Users\Thorsten\AppData\Roaming\twbgusbd => erfolgreich verschoben
C:\ProgramData\megabits-5 => erfolgreich verschoben
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\Run\\zASRockInstantBoot => Wert erfolgreich entfernt
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ASRockXTU => Wert erfolgreich entfernt
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\Run\\son-bet => Wert erfolgreich entfernt
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Wondershare => Wert erfolgreich entfernt
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\Run\\essay-weekend => Wert erfolgreich entfernt
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\Run\\megabits-09 => Wert nicht gefunden.
C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\machine-5.lnk => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\machine-43\machine-73.exe => erfolgreich verschoben
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
bfrzcslo => Dienst erfolgreich entfernt
hjaqokbf => Dienst erfolgreich entfernt
ilnicvuq => Dienst erfolgreich entfernt
lwohbkep => Dienst erfolgreich entfernt
oflhqklh => Dienst erfolgreich entfernt
pzlwhhvl => Dienst erfolgreich entfernt
C:\ProgramData\oyn => erfolgreich verschoben
"C:\Users\Thorsten\AppData\Roaming\gaasfet-54" => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{23E47DB0-3544-4C4E-8122-3AF142D39CF2}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{23E47DB0-3544-4C4E-8122-3AF142D39CF2}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{FE343B28-0C3E-4572-A125-602BA17006E1} => => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FE343B28-0C3E-4572-A125-602BA17006E1} => => Schlüssel nicht gefunden.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{441BCDAB-F2FF-4FF2-9DA3-2944B02B50C9}C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{030134B2-6BFA-4A00-8F5E-871122E4D09F}C:\users\thorsten\appdata\local\temp\tmpac76.tmp\faqfwupdatepkg.exe => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FA6D628A-9597-4D38-AFE0-C133A800113A} => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A711E2D2-D963-4A6C-9C11-ABE0EFE722CA} => Wert erfolgreich entfernt
Wiederherstellungspunkt wurde erfolgreich erstellt.
EmptyTemp: => 2.8 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 12:53:50 ====
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (16-11-2015 12:57:12)
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MY.COM B.V.) C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dropbox, Inc.) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(NVIDIA Corporation) C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\WLMerger.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4278728 2015-11-11] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [opamp-12] => C:\Users\Thorsten\AppData\Roaming\opamp-07\opamp-16.exe [580096 2015-11-16] (American Megatrends, Inc)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {0003aa5a-06dc-11e5-975d-d050995a3687} - F:\iLinker.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {06c7c8d0-f570-11e4-9666-d050995a3687} - F:\pushinst.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {97395ad1-bf1e-11e4-adf7-806e6f6e6963} - E:\ASRSetup.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-28] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-28] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-27] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [348360 2015-11-16] ()
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-16] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-16 12:57 - 2015-11-16 12:57 - 00026188 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-16 12:50 - 2015-11-16 12:56 - 00000000 ____D C:\ProgramData\oyn
2015-11-16 07:49 - 2015-11-16 07:49 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\opamp-07
2015-11-15 19:58 - 2015-11-15 19:58 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-11-15 19:09 - 2015-11-15 19:09 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Thorsten\Downloads\tdsskiller.exe
2015-11-15 18:58 - 2015-11-16 12:50 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\machine-43
2015-11-15 18:56 - 2015-11-15 18:56 - 00000000 ____D C:\ProgramData\hsdpa-2
2015-11-15 15:51 - 2015-11-16 12:57 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-15 15:51 - 02198528 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-14 09:41 - 2015-11-14 09:49 - 00000000 ____D C:\Users\Thorsten\Desktop\Tattoo
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 13:34 - 2015-11-16 12:56 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-08 12:07 - 2015-11-08 12:38 - 00000000 ____D C:\Users\Thorsten\Desktop\hp
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-03 07:43 - 2015-11-03 07:44 - 277045248 _____ C:\Users\Thorsten\Downloads\kav_rescue_10.iso
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 01640768 _____ C:\Users\Thorsten\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-16 07:35 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 19:36 - 2015-11-01 19:36 - 31332760 _____ (Electronic Arts, Inc.) C:\Users\Thorsten\Downloads\OriginThinSetup.exe
2015-11-01 19:18 - 2015-11-01 19:28 - 00715099 _____ C:\Users\Thorsten\Downloads\pbsetup(1).zip
2015-11-01 10:06 - 2015-11-01 10:06 - 00711649 _____ C:\Users\Thorsten\Downloads\pbsetup.zip
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-30 17:54 - 2015-10-31 18:19 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\inrush-56
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-16 07:35 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:49 - 2015-10-27 19:49 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup(1).exe
2015-10-27 19:48 - 2015-11-16 08:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup.exe
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-16 12:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:16 - 2015-10-27 13:16 - 01937280 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\kis16.0.0.614de_8295.exe
2015-10-27 13:02 - 2015-10-27 13:02 - 01694208 _____ C:\Users\Thorsten\Downloads\adwcleaner_5.015.exe
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\993
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Local\4r50
2015-10-26 12:44 - 2015-10-27 07:40 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\z86
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Local\9u92
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-16 12:56 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-16 12:56 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-16 12:56 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-16 12:56 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-16 12:56 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-16 12:56 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-16 12:56 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-16 12:56 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-16 12:56 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-16 12:56 - 2009-07-14 05:51 - 00152841 _____ C:\Windows\setupact.log
2015-11-16 12:55 - 2015-02-19 10:51 - 00205226 _____ C:\Windows\PFRO.log
2015-11-16 12:55 - 2015-02-19 10:30 - 01772424 _____ C:\Windows\WindowsUpdate.log
2015-11-16 12:55 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-16 12:55 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-16 12:51 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-16 07:41 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-16 07:39 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-16 07:35 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-16 07:30 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-16 07:30 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-16 07:30 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-15 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-15 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-12 12:41 - 2009-07-14 05:45 - 00307832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-08 11:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 13:01 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft
2015-10-19 06:23 - 2015-08-24 09:28 - 00000000 ____D C:\Users\Thorsten\Desktop\Bilder

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxai8wr.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-11 18:58

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-11-2015
durchgeführt von Thorsten (2015-11-16 12:57:46)
Gestartet von C:\Users\Thorsten\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-19 09:28:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3302927987-3442811057-85396348-500 - Administrator - Disabled)
Gast (S-1-5-21-3302927987-3442811057-85396348-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3302927987-3442811057-85396348-1002 - Limited - Enabled)
Thorsten (S-1-5-21-3302927987-3442811057-85396348-1000 - Administrator - Enabled) => C:\Users\Thorsten

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.191 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.31 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: 1.31 - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP5300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5300) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Deezer (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\DeezerDrive) (Version: 1.0.769.677 - Deezer)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
diclovit's mod pack 9.9.0 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.0 - diclovit)
Dropbox (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
FireStorm version V1.0.46.001 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.001 - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{1090DB8D-3818-470D-8467-B1062169CC45}) (Version: 1.5.0.133 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.0.133 - Kaspersky Lab) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
My.com Games (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MyComGames) (Version: 3.123 - My.com B.V.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.4.1.0 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.4.1.0 - Odem Mortis)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
TEC-IT TBarCode Office 10 (HKLM\...\{B9C3D27C-D72A-4F48-A0A4-8E1758219735}) (Version: 10.6.0.13858 - TEC-IT Datenverarbeitung GmbH)
TECIT.TBarCode.ExcelAddIn (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\29813F0DC48E97541FBED4F14E3701CDE7C4C491) (Version: 1.0.0.0 - TECIT.TBarCode.ExcelAddIn)
TECIT.TBarCode.WordAddIn (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\71AE37307294CC1A34110ADBD07E07D1842629B9) (Version: 9.0.0.12803 - TECIT.TBarCode.WordAddIn)
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000001-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000004-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000005-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000006-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Thorsten\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

01-11-2015 22:47:40 DirectX wurde installiert
03-11-2015 07:50:55 Windows Update
08-11-2015 19:00:13 Windows-Sicherung
12-11-2015 08:06:39 Windows Update
15-11-2015 19:00:13 Windows-Sicherung
16-11-2015 12:50:40 Restore Point Created by FRST

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2969EEED-20A1-4DE5-B86D-1C824567C0E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {443448A1-89C8-4D78-874C-8CD2B13B57D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {4D65A4C3-3E99-418A-8726-1702A5A9140D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {81427BD1-0A16-422E-907D-31351B364BBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {97FE5EB6-9642-4739-9C50-053EA99B2C24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-27] (Adobe Systems Incorporated)
Task: {A733FCCE-C3BC-402E-A67B-5B71CC41AA24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {A7543029-CB88-4A08-9933-16FF25260A7C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {A82C063D-9C46-4C10-B1DD-82EBDCB58A50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {BABD2FC1-7BD2-4BD2-A106-4974CA2FF4D0} - System32\Tasks\{C384678A-0B16-4666-A32E-6F61F28CA818} => pcalua.exe -a C:\Users\Thorsten\Downloads\sp54425.exe -d C:\Users\Thorsten\Downloads
Task: {CDD1388C-27D9-4C4B-8068-F7402567FAAB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F0471ACE-CC7D-44D6-B971-4D4C414AD564} - System32\Tasks\{FE500D95-E348-4016-9771-2A0711A2F9FD} => pcalua.exe -a C:\Users\Thorsten\AppData\Local\Temp\Temp1_Realtek_Win8-64_Win8_Win7-64_Win7_Vista64_Vista_XP64_XP(6690).zip\Audio(6690)\Setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-28 01:06 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-16 07:35 - 00348360 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-07-20 10:35 - 2015-06-17 08:00 - 00062464 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2011-08-15 20:12 - 2011-08-15 20:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2011-08-17 16:48 - 2011-08-17 16:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-08-15 20:15 - 2011-08-15 20:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 16:48 - 2011-08-17 16:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 19:23 - 2011-08-15 19:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2012-04-16 11:37 - 2012-04-16 11:37 - 00071680 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ServiceManagerStarter.dll
2011-08-15 20:12 - 2011-08-15 20:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-17 16:41 - 2011-08-17 16:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2012-04-16 11:42 - 2012-04-16 11:42 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2012-04-16 11:41 - 2012-04-16 11:41 - 00484864 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2012-04-16 11:56 - 2012-04-16 11:56 - 00500032 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2012-04-16 11:38 - 2012-04-16 11:38 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2015-05-01 08:11 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00144896 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\zlib1.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00062464 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\pxd.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00179144 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\LightUpdate.dll
2015-05-31 07:15 - 2015-11-06 13:12 - 02340296 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2015-11-16 12:56 - 2015-11-16 12:56 - 00071168 _____ () c:\users\thorsten\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxai8wr.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 06:35 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-10-25 10:01 - 2015-10-25 10:01 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-10-25 10:01 - 2015-10-25 10:01 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\66925414.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\66925414.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

Thorstie 16.11.2015 13:05
Code:
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E4EFEB4F-2C4C-4D0E-8F17-34FB7F590101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{28F028E2-61EB-4939-A1C9-18D4087120F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64CD0E7A-7715-4CBD-8ED7-1518313ED644}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE5884DD-6514-4F77-8A1D-81CC30B6C4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC099D50-0387-4C28-ACCF-056F5A8C5A71}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA86B2F5-69CE-4761-8A47-8E3E919BFE5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4838DB96-119E-4750-B1A0-022A39631609}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{808314F2-0603-4E4A-9D6F-3B0BF364C737}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FA575668-199B-47E4-8D55-7E676A2AD01D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9706CBDF-EADB-4787-8EE9-CA02F2B18BDA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2517C3F0-81FE-4C42-8DE3-2164EA4DACD1}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{ABCB8F47-5A10-4AC0-8415-5262FC9D3828}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{F09B091E-8F1C-4CEA-919E-73F8C4B0C2E6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{BF92B25C-7A21-4C0F-A6D7-F6E40AB5C72B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{740021B2-6EEC-4679-B550-14DAC5CC8990}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E4E5A57B-54D6-434C-BC89-4DFBA73FFDE3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3E4C5A7E-DBA9-4FB3-A558-6233ACC605BE}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{A2FA18C2-601B-469A-8D04-9697188D5461}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{D783AADF-1F97-4888-BDBB-6D9EDA300520}] => (Allow) D:\Spiele\bin\x64r\emergency5.exe
FirewallRules: [{8BB1EA29-7A4A-4E35-8256-DB9156659EB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DD1E2EF-B1C1-4C6A-B24F-44836A9AF96E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA19F522-E9D4-4EE0-A0D9-25D8DFDF4170}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{73BA38B9-70DA-4DE7-A3A7-179B19DDA2D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{7A04FE04-D0D3-4FAC-A493-5335949358D5}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CBCADB0-8365-4C70-8496-D249002D38A8}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8DD010FE-5DFA-4ACD-8CA4-6A34D50171CD}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BFDBDD81-0522-491D-B687-640610F1C7C0}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{76774C5B-8091-434D-8570-AEB2C35DC43D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A3549E7F-7D21-40A1-A5FF-21EA2B143894}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{58C4FE6F-EE4E-422E-93AE-6140FE774A2E}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [UDP Query User{44E8EFC9-AEB5-4652-99E6-379241289418}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [TCP Query User{7D49057B-88AA-4178-A628-46AF9E0DF46E}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FB0C904B-AFC9-4DB7-8AA0-49D3D8C6B6D7}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{5AD0760A-19EA-4365-8B69-1117D2BCED53}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{D5E06918-2E24-4349-A3C4-5E1EFC3F7780}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{61084CC0-E25A-4BBA-9073-792074C572F3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D428F6F6-4113-42EA-8734-6F65817CBAD0}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D0BF5190-6714-4859-BE02-83E145710FA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FD0EB8D-1CD6-4B48-9746-B822401B3E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D98C54BA-65E2-4A7D-A8E4-D105AB5344A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E6A9942D-997F-4254-8417-C87A8618D43F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6790434-B146-48F0-A369-A2CC2B720F4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{EC4EF857-6483-4C45-BF4D-48FDFBD5CEF4}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{4E70CA78-8870-4FF0-A5EE-6F3FE0EE7C70}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{D2E0F433-9A43-4D97-A09F-F37387116DD2}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{3BBCE2B7-EA39-4FEA-965B-33298042370E}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{E0F3F8F4-DA6C-4AA0-9A5A-56BF2E5ACB36}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{14C527EA-0B6D-4BAC-813D-BC1784CB14A2}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{28F23C4E-98C8-4D8F-8803-3935590419B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C3FCA-9019-4D37-AA46-9B92E0571151}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C9AC0-2BE0-4409-8508-B89F5895BE95}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE06792E-5576-46F7-9A16-1B88BBB2BF07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C710348-2DF3-4E5C-8848-E7D9BF56A3D2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F5ECA1A3-DD94-4B31-A9D9-7642DD75FCB6}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{6886CDAF-C119-4B2A-ABE7-64AF99263A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D8BF93A-D10F-4A8E-B287-D2BB868ABFC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39A4659B-A005-4BCB-85F2-AB1539B69A1F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B61F5210-D039-4C54-9166-942DE502B98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{03B6EA03-31D5-4293-986C-1C1FA536D6AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1B239FE-6558-4C1A-8905-FFF1507A603E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D9CA709-65CD-4984-93FB-7F06E132D911}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD0A7003-C839-4E1D-891C-580EF984E05A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/16/2015 12:56:04 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/16/2015 12:50:42 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/16/2015 12:50:40 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
  Generatordaten werden gesammelt

Kontext:
  Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
  Generatorname: System Writer
  Generatorinstanz-ID: {58c5fbe4-46c9-4892-b20b-8862f52b7353}

Error: (11/16/2015 12:50:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ef9f1
Name des fehlerhaften Moduls: mozglue.dll, Version: 41.0.2.5765, Zeitstempel: 0x561ee53f
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000ec91
ID des fehlerhaften Prozesses: 0x9a8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3

Error: (11/16/2015 12:45:10 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/16/2015 12:43:51 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.
Ausnahmeinformationen: System.DllNotFoundException
Stapel:

Server stack trace:
  bei System.Net.UnsafeNclNativeMethods.SafeNetHandles_SECURITY.EnumerateSecurityPackagesW(Int32& pkgnum, SafeFreeContextBuffer_SECURITY& handle)
  bei System.Net.SafeFreeContextBuffer.EnumeratePackages(SecurDll Dll, Int32& pkgnum, SafeFreeContextBuffer& pkgArray)
  bei System.Net.SSPIAuthType.EnumerateSecurityPackages(Int32& pkgnum, SafeFreeContextBuffer& pkgArray)
  bei System.Net.SSPIWrapper.EnumerateSecurityPackages(SSPIInterface SecModule)
  bei System.Net.SSPIWrapper.GetVerifyPackageInfo(SSPIInterface secModule, String packageName, Boolean throwIfMissing)
  bei System.Net.NTAuthentication.Initialize(Boolean isServer, String package, NetworkCredential credential, String spn, ContextFlags requestedContextFlags, ChannelBinding channelBinding)
  bei System.Net.NTAuthentication..ctor(Boolean isServer, String package, NetworkCredential credential, String spn, ContextFlags requestedContextFlags, ChannelBinding channelBinding)
  bei System.Net.Security.NegoState.ValidateCreateContext(String package, Boolean isServer, NetworkCredential credential, String servicePrincipalName, ChannelBinding channelBinding, ProtectionLevel protectionLevel, TokenImpersonationLevel impersonationLevel)
  bei System.Net.Security.NegotiateStream.AuthenticateAsClient(NetworkCredential credential, ChannelBinding binding, String targetName, ProtectionLevel requiredProtectionLevel, TokenImpersonationLevel allowedImpersonationLevel)
  bei System.Net.Security.NegotiateStream.AuthenticateAsClient(NetworkCredential credential, String targetName, ProtectionLevel requiredProtectionLevel, TokenImpersonationLevel allowedImpersonationLevel)
  bei System.ServiceModel.Channels.WindowsStreamSecurityUpgradeProvider.WindowsStreamSecurityUpgradeInitiator.OnInitiateUpgrade(Stream stream, SecurityMessageProperty& remoteSecurity)
  bei System.ServiceModel.Channels.StreamSecurityUpgradeInitiatorBase.InitiateUpgrade(Stream stream)
  bei System.ServiceModel.Channels.ConnectionUpgradeHelper.InitiateUpgrade(StreamUpgradeInitiator upgradeInitiator, IConnection& connection, ClientFramingDecoder decoder, IDefaultCommunicationTimeouts defaultTimeouts, TimeoutHelper& timeoutHelper)
  bei System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.SendPreamble(IConnection connection, ArraySegment`1 preamble, TimeoutHelper& timeoutHelper)
  bei System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.DuplexConnectionPoolHelper.AcceptPooledConnection(IConnection connection, TimeoutHelper& timeoutHelper)
  bei System.ServiceModel.Channels.ConnectionPoolHelper.EstablishConnection(TimeSpan timeout)
  bei System.ServiceModel.Channels.ClientFramingDuplexSessionChannel.OnOpen(TimeSpan timeout)
  bei System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
  bei System.ServiceModel.Channels.ServiceChannel.OnOpen(TimeSpan timeout)
  bei System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
  bei System.ServiceModel.Channels.ServiceChannel.CallOpenOnce.System.ServiceModel.Channels.ServiceChannel.ICallOnce.Call(ServiceChannel channel, TimeSpan timeout)
  bei System.ServiceModel.Channels.ServiceChannel.CallOnceManager.CallOnce(TimeSpan timeout, CallOnceManager cascade)
  bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
  bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
  bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
  bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
  bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
  bei IAStorDataMgrSvcInterfaces.IPublisher.Subscribe()
  bei IAStorIcon.StorageIcon.<trySubscription>b__0(System.Object)
  bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
  bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
  bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
  bei System.Threading.ThreadPoolWorkQueue.Dispatch()
  bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/16/2015 12:41:46 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/16/2015 07:24:56 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/15/2015 08:00:49 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/15/2015 07:58:58 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


Systemfehler:
=============
Error: (11/16/2015 12:56:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5

Error: (11/16/2015 12:51:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (11/16/2015 12:50:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/16/2015 12:50:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/16/2015 12:50:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/16/2015 12:50:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/16/2015 12:50:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/16/2015 12:50:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/16/2015 12:50:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/16/2015 12:50:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 21%
Installierter physikalischer RAM: 12230.42 MB
Verfügbarer physikalischer RAM: 9542.71 MB
Summe virtueller Speicher: 24459.05 MB
Verfügbarer virtueller Speicher: 21336.73 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:223.47 GB) (Free:89.5 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1191.49 GB) NTFS
Drive e: (KRD10) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E38ABEDA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5474C3AC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka 16.11.2015 14:47
Schritt 1

Bitte lasse die Datei aus der Code-Box bei
http://deeprybka.trojaner-board.de/b...virustotal.png überprüfen.
  • Klicke auf Wählen Sie eine
  • Kopiere nun folgendes in die Suchleiste
    Code:
    C:\Users\Thorsten\AppData\Roaming\opamp-07\opamp-16.exe
  • und klicke auf Öffnen.
  • Klicke auf Scannen!.
  • Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen
    Zitat:
    Diese Datei wurde bereits von VirusTotal analysiert...
    klicke auf Neu analysieren.
  • Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
  • Kopiere den Link aus deiner Adresszeile und poste ihn hier.

Thorstie 16.11.2015 17:57
https://www.virustotal.com/de/file/1fc587fc2eb77ddd6510de4f4784365744f211a954e86c9425e87139e1a2ad48/analysis/1447692942/

deeprybka 16.11.2015 18:09
Schritt 1

http://deeprybka.trojaner-board.de/m...mbamlogo4a.pnghttp://deeprybka.trojaner-board.de/m...mbamlogo4b.png
  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) entfernen und poste mir das Log.

Nach einem Reboot:

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.

Thorstie 17.11.2015 08:04
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 17.11.2015
Suchlaufzeit: 07:42
Protokolldatei: 1.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.17.01
Rootkit-Datenbank: v2015.11.14.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Thorsten

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 344599
Abgelaufene Zeit: 16 Min., 26 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8508FC21-85CA-41F7-888D-8B9A99BDE0F6}, , [859019665932da5c86612eafbd46847c],

Registrierungswerte: 2
Trojan.Dropper, HKU\S-1-5-21-3302927987-3442811057-85396348-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|pfmea-98, C:\Users\Thorsten\AppData\Roaming\pfmea-62\pfmea-6.exe -3, , [dc39f8878efd1323eccc4751ac559d63]
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8508FC21-85CA-41F7-888D-8B9A99BDE0F6}|AppPath, C:\PROGRA~2\WIA6EB~1\Datamngr\ToolBar, , [859019665932da5c86612eafbd46847c]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 1
Trojan.Dropper, C:\Users\Thorsten\AppData\Roaming\pfmea-62\pfmea-6.exe, , [dc39f8878efd1323eccc4751ac559d63],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (17-11-2015 08:03:01)
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MY.COM B.V.) C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(NVIDIA Corporation) C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\wmi64.exe
() C:\Program Files (x86)\devolo\dlan\updates\firmware\devolo-firmware-dlan500-wifi\faqfwupdate.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4532680 2015-11-16] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [wideband-8] => C:\ProgramData\wideband-33\wideband-0.exe [601600 2015-11-17] (Oracle Corp)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {0003aa5a-06dc-11e5-975d-d050995a3687} - F:\iLinker.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {06c7c8d0-f570-11e4-9666-d050995a3687} - F:\pushinst.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {97395ad1-bf1e-11e4-adf7-806e6f6e6963} - E:\ASRSetup.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\debounce-64.lnk [2015-11-16]
ShortcutTarget: debounce-64.lnk -> C:\Users\Thorsten\AppData\Roaming\debounce-2\debounce-58.exe (Intel(R) Corporation)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-28] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-28] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-27] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-17] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-17 08:02 - 2015-11-17 08:02 - 00000000 ____D C:\Users\Thorsten\Downloads\FRST-OlderVersion
2015-11-17 07:42 - 2015-11-17 07:42 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-17 07:41 - 2015-11-17 07:41 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-17 07:41 - 2015-11-17 07:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-17 07:41 - 2015-11-17 07:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-17 07:41 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-17 07:41 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-17 07:41 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-17 07:40 - 2015-11-17 07:41 - 22908888 _____ (Malwarebytes ) C:\Users\Thorsten\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-17 07:38 - 2015-11-17 08:00 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\pfmea-62
2015-11-17 07:36 - 2015-11-17 07:36 - 00000000 ____D C:\ProgramData\wideband-33
2015-11-16 17:56 - 2015-11-16 17:56 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\debounce-2
2015-11-16 17:53 - 2015-11-16 17:53 - 00000000 ____D C:\ProgramData\siphon-32
2015-11-16 12:57 - 2015-11-17 08:03 - 00027025 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-16 12:57 - 2015-11-16 12:58 - 00047739 _____ C:\Users\Thorsten\Downloads\Addition.txt
2015-11-16 12:50 - 2015-11-16 17:53 - 00000000 ____D C:\ProgramData\oyn
2015-11-15 19:58 - 2015-11-15 19:58 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-11-15 19:09 - 2015-11-15 19:09 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Thorsten\Downloads\tdsskiller.exe
2015-11-15 15:51 - 2015-11-17 08:03 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-17 08:02 - 02008576 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-14 09:41 - 2015-11-14 09:49 - 00000000 ____D C:\Users\Thorsten\Desktop\Tattoo
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 13:34 - 2015-11-17 08:00 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-08 12:07 - 2015-11-08 12:38 - 00000000 ____D C:\Users\Thorsten\Desktop\hp
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-03 07:43 - 2015-11-03 07:44 - 277045248 _____ C:\Users\Thorsten\Downloads\kav_rescue_10.iso
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 01640768 _____ C:\Users\Thorsten\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-16 13:07 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 19:36 - 2015-11-01 19:36 - 31332760 _____ (Electronic Arts, Inc.) C:\Users\Thorsten\Downloads\OriginThinSetup.exe
2015-11-01 19:18 - 2015-11-01 19:28 - 00715099 _____ C:\Users\Thorsten\Downloads\pbsetup(1).zip
2015-11-01 10:06 - 2015-11-01 10:06 - 00711649 _____ C:\Users\Thorsten\Downloads\pbsetup.zip
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-30 17:54 - 2015-10-31 18:19 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\inrush-56
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-16 13:07 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:49 - 2015-10-27 19:49 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup(1).exe
2015-10-27 19:48 - 2015-11-17 08:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup.exe
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-17 08:00 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:16 - 2015-10-27 13:16 - 01937280 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\kis16.0.0.614de_8295.exe
2015-10-27 13:02 - 2015-10-27 13:02 - 01694208 _____ C:\Users\Thorsten\Downloads\adwcleaner_5.015.exe
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\993
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Local\4r50
2015-10-26 12:44 - 2015-10-27 07:40 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\z86
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Local\9u92
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-17 08:01 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-17 08:01 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-17 08:00 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-17 08:00 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-17 08:00 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-17 08:00 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-17 08:00 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-17 08:00 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-17 08:00 - 2015-02-19 10:51 - 00206740 _____ C:\Windows\PFRO.log
2015-11-17 08:00 - 2015-02-19 10:30 - 01848962 _____ C:\Windows\WindowsUpdate.log
2015-11-17 08:00 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-17 08:00 - 2009-07-14 05:51 - 00153009 _____ C:\Windows\setupact.log
2015-11-17 07:44 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-17 07:44 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-17 07:42 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-17 07:42 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-17 07:42 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-17 07:41 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-17 07:39 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-16 13:07 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-16 12:51 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-15 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-15 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-12 12:41 - 2009-07-14 05:45 - 00307832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-08 11:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 13:01 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft
2015-10-19 06:23 - 2015-08-24 09:28 - 00000000 ____D C:\Users\Thorsten\Desktop\Bilder

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp5ucgko.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-11 18:58

==================== Ende von FRST.txt ============================
Ich hoffe das war richtig so :applaus:

deeprybka 17.11.2015 09:46
Zitat:
Zitat von Thorstie (Beitrag 1535886)
Ich hoffe das war richtig so :applaus:
Ja. Aber bitte den PC ab jetzt vom Internet trennen und nur zur Durchführung der Anweisungen verwenden. Die Schritte müssen schnell nacheinander durchgeführt werden.

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn4.PNG

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
File: "C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe"
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [wideband-8] => C:\ProgramData\wideband-33\wideband-0.exe [601600 2015-11-17] (Oracle Corp)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\debounce-64.lnk [2015-11-16]
ShortcutTarget: debounce-64.lnk -> C:\Users\Thorsten\AppData\Roaming\debounce-2\debounce-58.exe (Intel(R) Corporation)
C:\Users\Thorsten\AppData\Roaming\debounce-2
2015-11-17 07:38 - 2015-11-17 08:00 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\pfmea-62
2015-11-17 07:36 - 2015-11-17 07:36 - 00000000 ____D C:\ProgramData\wideband-33
2015-11-16 17:56 - 2015-11-16 17:56 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\debounce-2
2015-11-16 17:53 - 2015-11-16 17:53 - 00000000 ____D C:\ProgramData\siphon-32
2015-11-16 12:50 - 2015-11-16 17:53 - 00000000 ____D C:\ProgramData\oyn
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset



Schritt 3

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Thorstie 17.11.2015 11:21
Ok super, bevor ich aber mit Schritt 2 beginne wieder eine Verbindung zum Internet herstellen?

Grüße

deeprybka 17.11.2015 11:44
Ja.

Thorstie 18.11.2015 06:08
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-11-2015
durchgeführt von Thorsten (2015-11-17 18:07:29) Run:2
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
File: "C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe"
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [wideband-8] => C:\ProgramData\wideband-33\wideband-0.exe [601600 2015-11-17] (Oracle Corp)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\debounce-64.lnk [2015-11-16]
ShortcutTarget: debounce-64.lnk -> C:\Users\Thorsten\AppData\Roaming\debounce-2\debounce-58.exe (Intel(R) Corporation)
C:\Users\Thorsten\AppData\Roaming\debounce-2
2015-11-17 07:38 - 2015-11-17 08:00 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\pfmea-62
2015-11-17 07:36 - 2015-11-17 07:36 - 00000000 ____D C:\ProgramData\wideband-33
2015-11-16 17:56 - 2015-11-16 17:56 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\debounce-2
2015-11-16 17:53 - 2015-11-16 17:53 - 00000000 ____D C:\ProgramData\siphon-32
2015-11-16 12:50 - 2015-11-16 17:53 - 00000000 ____D C:\ProgramData\oyn
       
*****************

Prozess erfolgreich geschlossen.

========================= File: "C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe" ========================

Datei ist digital signiert
MD5: 8BB3C40F07EEDD04812F10BD0EDDA75C
Erstellungs- und Änderungsdatum: 2015-05-31 07:15 - 2015-11-16 17:53
Größe: 4532680
Attribute: ----A
Firmenname: MY.COM B.V.
Interne Name: MyComGames.exe
Original Name: MyComGames.exe
Produkt: MY.COM GAME CENTER
Beschreibung: MY.COM GAME CENTER
Datei Version: 3.0.157.31559
Produkt Version: 3.0.157.31559
Urheberrecht: Copyright (C) 2015 MY.COM B.V.

====== Ende von File: ======

HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\Run\\wideband-8 => Wert nicht gefunden.
C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\debounce-64.lnk => nicht gefunden.
C:\Users\Thorsten\AppData\Roaming\debounce-2\debounce-58.exe => nicht gefunden.
"C:\Users\Thorsten\AppData\Roaming\debounce-2" => nicht gefunden.
"C:\Users\Thorsten\AppData\Roaming\pfmea-62" => nicht gefunden.
C:\ProgramData\wideband-33 => erfolgreich verschoben
"C:\Users\Thorsten\AppData\Roaming\debounce-2" => nicht gefunden.
"C:\ProgramData\siphon-32" => nicht gefunden.
C:\ProgramData\oyn => erfolgreich verschoben


Das System musste neu gestartet werden.

==== Ende von Fixlog 18:07:31 ====
Der Rest dauer noch :)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=214907ac6644a14db26db8e73624b220
# end=init
# utc_time=2015-11-17 05:09:43
# local_time=2015-11-17 06:09:43 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26767
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=214907ac6644a14db26db8e73624b220
# end=updated
# utc_time=2015-11-17 05:13:07
# local_time=2015-11-17 06:13:07 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=214907ac6644a14db26db8e73624b220
# engine=26767
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-11-17 10:48:05
# local_time=2015-11-17 11:48:05 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1305 16777213 100 100 20396 12019137 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 58001 199430335 0 0
# scanned=370537
# found=20
# cleaned=0
# scan_time=20097
sh=D62E826B13E242DC0BABCAD05E3A4613795A024F ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\ffsearch_toolbar!1.0.0.1025.xpi.vir"
sh=6F2DDAFE7B526A4CC60D75CCB1D4EBEA6F5D0DDC ft=1 fh=a836ee7136df2313 vn="Win32/ELEX.BM evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\XTab\HPNotify.exe.vir"
sh=63B8C91672775A8A9D1641AF128B88DB0B1A9B3F ft=0 fh=0000000000000000 vn="JS/ClaraLab.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thorsten\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9739_0\scripts\content\montiera.js.vir"
sh=57C872446FAA34F3C1403986702F9177DFC0A7D0 ft=0 fh=0000000000000000 vn="JS/ClaraLab.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thorsten\AppData\Local\BoBrowser\User Data\Default\Extensions\gfmdmibgfbecppaeocifplgmepgcpcbi\1.3.0.9739_0\scripts\content\scriptInjection.js.vir"
sh=728D952AC1492F8331E2ED29921D5DDB8658697A ft=0 fh=0000000000000000 vn="Win32/Toolbar.TNT2.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\Extensions\fftoolbar2014@etech.com\chrome\content\toolbar.js.vir"
sh=DFF38BB9F4E64EFC4D1D67DA8840FCDB4D85B838 ft=1 fh=c0c1bc199acbe639 vn="Variante von Win32/Kryptik.ECFL Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\15.11.2015_19.56.20\susp0000\file0000\tsk0000.dta"
sh=7AA897506ED836323189474EBFF3274A9EEB0291 ft=1 fh=23843d0bbb8bc775 vn="Win32/Trustezeb.K Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\15.11.2015_19.56.20\susp0001\file0000\tsk0000.dta"
sh=C68B7A535713E8B316B25EF587F6F9D88BA11C03 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-03-07 082128\Backup Files 2015-03-07 082128\Backup files 3.zip"
sh=4493AB0E6ACBB08F383A2BB190764ACF91AB5701 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-04-20 074317\Backup Files 2015-04-20 074317\Backup files 4.zip"
sh=659C22DF4219227E5E1C7E4C1A3C5845A7F1CE8C ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-04-20 074317\Backup Files 2015-05-04 064028\Backup files 2.zip"
sh=5B4E9A18277090F4A643AD75B4FC1BBF143AADC2 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-04-20 074317\Backup Files 2015-05-10 190000\Backup files 1.zip"
sh=B0CA01AC8542ADB41B080AFDAB4A463A00A9CE5E ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-05-17 190048\Backup Files 2015-05-17 190048\Backup files 5.zip"
sh=CA1B7F8CAF9B7C43DE6A116200BA1945B8F025E3 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-05-17 190048\Backup Files 2015-05-30 170657\Backup files 2.zip"
sh=545408EAB66D41DB578F003C8C83335D3A4E5D6F ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadAdmin.I evtl. unerwünschte Anwendung" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-06-07 190001\Backup Files 2015-06-14 194511\Backup files 3.zip"
sh=6F8594396007D0A54067FEA23C1033958B4E965D ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-09-06 092910\Backup Files 2015-09-06 092910\Backup files 8.zip"
sh=592B4FB614761A170808EBBCC13E8A1C7F7B96E0 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-09-06 092910\Backup Files 2015-10-04 190002\Backup files 16.zip"
sh=6FC61923FC14ACE2EBA2BBF370CFD94679A9AB63 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-10-18 190005\Backup Files 2015-10-25 190006\Backup files 1.zip"
sh=77D9B0952D3D0D1BC30457B0540635CC8BB68096 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-10-18 190005\Backup Files 2015-11-01 192100\Backup files 1.zip"
sh=854CA8675AB0348A3D70C6DF8299384223F5B6D0 ft=0 fh=0000000000000000 vn="Win32/TrojanDownloader.Nymaim.BA Trojaner" ac=I fn="D:\PC-THORSTEN\Backup Set 2015-10-18 190005\Backup Files 2015-11-08 190005\Backup files 1.zip"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/PSW.Papras.EH Trojaner" ac=I fn="${Memory}"
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (18-11-2015 06:06:20)
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MY.COM B.V.) C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dropbox, Inc.) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4532680 2015-11-16] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [valve-83] => C:\ProgramData\valve-1\valve-1.exe [464896 2015-11-18] (Quantum Corp)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {0003aa5a-06dc-11e5-975d-d050995a3687} - F:\iLinker.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {06c7c8d0-f570-11e4-9666-d050995a3687} - F:\pushinst.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {97395ad1-bf1e-11e4-adf7-806e6f6e6963} - E:\ASRSetup.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\glonass-0.lnk [2015-11-17]
ShortcutTarget: glonass-0.lnk -> C:\Users\Thorsten\AppData\Roaming\glonass-8\glonass-2.exe (Intel(R) Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-28] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-28] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-27] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [348360 2015-11-17] ()
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-17] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-18 06:06 - 2015-11-18 06:06 - 00026527 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-18 01:22 - 2015-11-18 01:22 - 00000000 ____D C:\ProgramData\valve-1
2015-11-17 19:21 - 2015-11-17 19:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\glonass-8
2015-11-17 19:19 - 2015-11-17 19:19 - 00000000 ____D C:\ProgramData\hoist-1
2015-11-17 18:09 - 2015-11-17 18:09 - 02870984 _____ (ESET) C:\Users\Thorsten\Downloads\esetsmartinstaller_deu.exe
2015-11-17 18:08 - 2015-11-17 19:19 - 00000000 ____D C:\ProgramData\oyn
2015-11-17 17:46 - 2015-11-17 19:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\gaasp-0
2015-11-17 17:40 - 2015-11-17 18:02 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\hardness-2
2015-11-17 07:42 - 2015-11-17 17:43 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-17 07:41 - 2015-11-17 07:41 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-17 07:41 - 2015-11-17 07:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-17 07:41 - 2015-11-17 07:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-17 07:41 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-17 07:41 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-17 07:41 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-17 07:40 - 2015-11-17 07:41 - 22908888 _____ (Malwarebytes ) C:\Users\Thorsten\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-15 19:58 - 2015-11-15 19:58 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-11-15 19:09 - 2015-11-15 19:09 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Thorsten\Downloads\tdsskiller.exe
2015-11-15 15:51 - 2015-11-18 06:06 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-17 08:02 - 02008576 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-14 09:41 - 2015-11-14 09:49 - 00000000 ____D C:\Users\Thorsten\Desktop\Tattoo
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 13:34 - 2015-11-17 18:08 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-08 12:07 - 2015-11-08 12:38 - 00000000 ____D C:\Users\Thorsten\Desktop\hp
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-03 07:43 - 2015-11-03 07:44 - 277045248 _____ C:\Users\Thorsten\Downloads\kav_rescue_10.iso
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 01640768 _____ C:\Users\Thorsten\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-17 18:20 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 19:36 - 2015-11-01 19:36 - 31332760 _____ (Electronic Arts, Inc.) C:\Users\Thorsten\Downloads\OriginThinSetup.exe
2015-11-01 19:18 - 2015-11-01 19:28 - 00715099 _____ C:\Users\Thorsten\Downloads\pbsetup(1).zip
2015-11-01 10:06 - 2015-11-01 10:06 - 00711649 _____ C:\Users\Thorsten\Downloads\pbsetup.zip
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-30 17:54 - 2015-10-31 18:19 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\inrush-56
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-17 18:20 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:49 - 2015-10-27 19:49 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup(1).exe
2015-10-27 19:48 - 2015-11-18 06:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup.exe
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-18 05:58 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:16 - 2015-10-27 13:16 - 01937280 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\kis16.0.0.614de_8295.exe
2015-10-27 13:02 - 2015-10-27 13:02 - 01694208 _____ C:\Users\Thorsten\Downloads\adwcleaner_5.015.exe
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\993
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Local\4r50
2015-10-26 12:44 - 2015-10-27 07:40 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\z86
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Local\9u92
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-18 05:41 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-18 05:40 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-18 03:44 - 2015-02-19 10:30 - 01918253 _____ C:\Windows\WindowsUpdate.log
2015-11-17 18:20 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-17 18:16 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-17 18:16 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-17 18:14 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-17 18:14 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-17 18:14 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-17 18:14 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-17 18:08 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-17 18:08 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-17 18:08 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-17 18:08 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-17 18:08 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-17 18:08 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-17 18:08 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-17 18:08 - 2015-02-19 10:51 - 00209282 _____ C:\Windows\PFRO.log
2015-11-17 18:08 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-17 18:08 - 2009-07-14 05:51 - 00153233 _____ C:\Windows\setupact.log
2015-11-16 12:51 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-15 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-15 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-12 12:41 - 2009-07-14 05:45 - 00307832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-08 11:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 13:01 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft
2015-10-19 06:23 - 2015-08-24 09:28 - 00000000 ____D C:\Users\Thorsten\Desktop\Bilder

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_fb57m.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-11 18:58

==================== Ende von FRST.txt ============================

Thorstie 18.11.2015 06:08
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-11-2015
durchgeführt von Thorsten (2015-11-18 06:07:00)
Gestartet von C:\Users\Thorsten\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-19 09:28:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3302927987-3442811057-85396348-500 - Administrator - Disabled)
Gast (S-1-5-21-3302927987-3442811057-85396348-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3302927987-3442811057-85396348-1002 - Limited - Enabled)
Thorsten (S-1-5-21-3302927987-3442811057-85396348-1000 - Administrator - Enabled) => C:\Users\Thorsten

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.191 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.31 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: 1.31 - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP5300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5300) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Deezer (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\DeezerDrive) (Version: 1.0.769.677 - Deezer)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
diclovit's mod pack 9.9.0 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.0 - diclovit)
Dropbox (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
FireStorm version V1.0.46.001 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.001 - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{1090DB8D-3818-470D-8467-B1062169CC45}) (Version: 1.5.0.133 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.0.133 - Kaspersky Lab) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
My.com Games (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MyComGames) (Version: 3.123 - My.com B.V.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.4.1.0 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.4.1.0 - Odem Mortis)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
TEC-IT TBarCode Office 10 (HKLM\...\{B9C3D27C-D72A-4F48-A0A4-8E1758219735}) (Version: 10.6.0.13858 - TEC-IT Datenverarbeitung GmbH)
TECIT.TBarCode.ExcelAddIn (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\29813F0DC48E97541FBED4F14E3701CDE7C4C491) (Version: 1.0.0.0 - TECIT.TBarCode.ExcelAddIn)
TECIT.TBarCode.WordAddIn (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\71AE37307294CC1A34110ADBD07E07D1842629B9) (Version: 9.0.0.12803 - TECIT.TBarCode.WordAddIn)
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000001-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000004-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000005-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000006-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Thorsten\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

01-11-2015 22:47:40 DirectX wurde installiert
03-11-2015 07:50:55 Windows Update
08-11-2015 19:00:13 Windows-Sicherung
12-11-2015 08:06:39 Windows Update
15-11-2015 19:00:13 Windows-Sicherung
16-11-2015 12:50:40 Restore Point Created by FRST
17-11-2015 07:41:12 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2969EEED-20A1-4DE5-B86D-1C824567C0E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {443448A1-89C8-4D78-874C-8CD2B13B57D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {4D65A4C3-3E99-418A-8726-1702A5A9140D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {81427BD1-0A16-422E-907D-31351B364BBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {97FE5EB6-9642-4739-9C50-053EA99B2C24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-27] (Adobe Systems Incorporated)
Task: {A733FCCE-C3BC-402E-A67B-5B71CC41AA24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {A7543029-CB88-4A08-9933-16FF25260A7C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {A82C063D-9C46-4C10-B1DD-82EBDCB58A50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {BABD2FC1-7BD2-4BD2-A106-4974CA2FF4D0} - System32\Tasks\{C384678A-0B16-4666-A32E-6F61F28CA818} => pcalua.exe -a C:\Users\Thorsten\Downloads\sp54425.exe -d C:\Users\Thorsten\Downloads
Task: {CDD1388C-27D9-4C4B-8068-F7402567FAAB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F0471ACE-CC7D-44D6-B971-4D4C414AD564} - System32\Tasks\{FE500D95-E348-4016-9771-2A0711A2F9FD} => pcalua.exe -a C:\Users\Thorsten\AppData\Local\Temp\Temp1_Realtek_Win8-64_Win8_Win7-64_Win7_Vista64_Vista_XP64_XP(6690).zip\Audio(6690)\Setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-28 01:06 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-20 10:35 - 2015-06-17 08:00 - 00062464 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-11-01 22:48 - 2015-11-17 18:20 - 00348360 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-05-01 08:11 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00144896 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\zlib1.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00062464 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\pxd.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00179144 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\LightUpdate.dll
2015-05-31 07:15 - 2015-11-06 13:12 - 02340296 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2015-11-17 18:08 - 2015-11-17 18:08 - 00071168 _____ () c:\users\thorsten\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_fb57m.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 06:35 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-02-28 08:27 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-10-01 19:30 - 2015-10-01 19:30 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\8db6991b5800d6791b92d33532627df2\PSIClient.ni.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\66925414.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\66925414.sys => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E4EFEB4F-2C4C-4D0E-8F17-34FB7F590101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{28F028E2-61EB-4939-A1C9-18D4087120F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64CD0E7A-7715-4CBD-8ED7-1518313ED644}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE5884DD-6514-4F77-8A1D-81CC30B6C4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC099D50-0387-4C28-ACCF-056F5A8C5A71}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA86B2F5-69CE-4761-8A47-8E3E919BFE5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4838DB96-119E-4750-B1A0-022A39631609}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{808314F2-0603-4E4A-9D6F-3B0BF364C737}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FA575668-199B-47E4-8D55-7E676A2AD01D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9706CBDF-EADB-4787-8EE9-CA02F2B18BDA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2517C3F0-81FE-4C42-8DE3-2164EA4DACD1}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{ABCB8F47-5A10-4AC0-8415-5262FC9D3828}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{F09B091E-8F1C-4CEA-919E-73F8C4B0C2E6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{BF92B25C-7A21-4C0F-A6D7-F6E40AB5C72B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{740021B2-6EEC-4679-B550-14DAC5CC8990}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E4E5A57B-54D6-434C-BC89-4DFBA73FFDE3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3E4C5A7E-DBA9-4FB3-A558-6233ACC605BE}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{A2FA18C2-601B-469A-8D04-9697188D5461}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{D783AADF-1F97-4888-BDBB-6D9EDA300520}] => (Allow) D:\Spiele\bin\x64r\emergency5.exe
FirewallRules: [{8BB1EA29-7A4A-4E35-8256-DB9156659EB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DD1E2EF-B1C1-4C6A-B24F-44836A9AF96E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA19F522-E9D4-4EE0-A0D9-25D8DFDF4170}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{73BA38B9-70DA-4DE7-A3A7-179B19DDA2D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{7A04FE04-D0D3-4FAC-A493-5335949358D5}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CBCADB0-8365-4C70-8496-D249002D38A8}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8DD010FE-5DFA-4ACD-8CA4-6A34D50171CD}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BFDBDD81-0522-491D-B687-640610F1C7C0}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{76774C5B-8091-434D-8570-AEB2C35DC43D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A3549E7F-7D21-40A1-A5FF-21EA2B143894}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{58C4FE6F-EE4E-422E-93AE-6140FE774A2E}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [UDP Query User{44E8EFC9-AEB5-4652-99E6-379241289418}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [TCP Query User{7D49057B-88AA-4178-A628-46AF9E0DF46E}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FB0C904B-AFC9-4DB7-8AA0-49D3D8C6B6D7}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{5AD0760A-19EA-4365-8B69-1117D2BCED53}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{D5E06918-2E24-4349-A3C4-5E1EFC3F7780}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{61084CC0-E25A-4BBA-9073-792074C572F3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D428F6F6-4113-42EA-8734-6F65817CBAD0}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D0BF5190-6714-4859-BE02-83E145710FA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FD0EB8D-1CD6-4B48-9746-B822401B3E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D98C54BA-65E2-4A7D-A8E4-D105AB5344A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E6A9942D-997F-4254-8417-C87A8618D43F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6790434-B146-48F0-A369-A2CC2B720F4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{EC4EF857-6483-4C45-BF4D-48FDFBD5CEF4}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{4E70CA78-8870-4FF0-A5EE-6F3FE0EE7C70}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{D2E0F433-9A43-4D97-A09F-F37387116DD2}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{3BBCE2B7-EA39-4FEA-965B-33298042370E}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{E0F3F8F4-DA6C-4AA0-9A5A-56BF2E5ACB36}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{14C527EA-0B6D-4BAC-813D-BC1784CB14A2}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{28F23C4E-98C8-4D8F-8803-3935590419B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C3FCA-9019-4D37-AA46-9B92E0571151}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C9AC0-2BE0-4409-8508-B89F5895BE95}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE06792E-5576-46F7-9A16-1B88BBB2BF07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C710348-2DF3-4E5C-8848-E7D9BF56A3D2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F5ECA1A3-DD94-4B31-A9D9-7642DD75FCB6}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{6886CDAF-C119-4B2A-ABE7-64AF99263A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D8BF93A-D10F-4A8E-B287-D2BB868ABFC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39A4659B-A005-4BCB-85F2-AB1539B69A1F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B61F5210-D039-4C54-9166-942DE502B98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{03B6EA03-31D5-4293-986C-1C1FA536D6AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1B239FE-6558-4C1A-8905-FFF1507A603E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D9CA709-65CD-4984-93FB-7F06E132D911}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD0A7003-C839-4E1D-891C-580EF984E05A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/18/2015 06:06:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/18/2015 06:03:10 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/18/2015 00:10:46 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/17/2015 06:12:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/17/2015 06:09:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/17/2015 06:09:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/17/2015 06:08:10 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/17/2015 06:07:35 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/17/2015 06:03:23 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/17/2015 05:43:32 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


Systemfehler:
=============
Error: (11/17/2015 06:13:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/17/2015 06:13:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/17/2015 06:13:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/17/2015 06:13:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/17/2015 06:13:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/17/2015 06:13:02 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/17/2015 06:11:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/17/2015 06:11:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/17/2015 06:11:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/17/2015 06:11:30 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 12230.42 MB
Verfügbarer physikalischer RAM: 8192.98 MB
Summe virtueller Speicher: 24459.05 MB
Verfügbarer virtueller Speicher: 20380.52 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:223.47 GB) (Free:87.19 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1191.49 GB) NTFS
Drive e: (KRD10) (CDROM) (Total:0.26 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E38ABEDA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5474C3AC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka 18.11.2015 10:00
Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn4.PNG

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [valve-83] => C:\ProgramData\valve-1\valve-1.exe [464896 2015-11-18] (Quantum Corp)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\glonass-0.lnk [2015-11-17]
ShortcutTarget: glonass-0.lnk -> C:\Users\Thorsten\AppData\Roaming\glonass-8\glonass-2.exe (Intel(R) Corporation)
2015-11-18 01:22 - 2015-11-18 01:22 - 00000000 ____D C:\ProgramData\valve-1
2015-11-17 19:21 - 2015-11-17 19:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\glonass-8
2015-11-17 19:19 - 2015-11-17 19:19 - 00000000 ____D C:\ProgramData\hoist-1
2015-11-17 18:08 - 2015-11-17 19:19 - 00000000 ____D C:\ProgramData\oyn
2015-11-17 17:46 - 2015-11-17 19:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\gaasp-0
2015-11-17 17:40 - 2015-11-17 18:02 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\hardness-2
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Rechner startet neu: Boote direkt in den abgesicherten Modus mit Netzwerktreibern:

http://deeprybka.trojaner-board.de/b...ir/safenet.PNG

Zitat:
halten Sie beim Neustart des Computers F8 gedrückt. F8 muss gedrückt werden, bevor das Windows-Logo angezeigt wird. Wiederholen Sie den Vorgang, wenn das Windows-Logo angezeigt wird. Warten Sie, bis die Windows-Anmeldeaufforderung angezeigt wird, fahren Sie den Computer herunter, und starten Sie ihn dann neu.
Starten des Computers im abgesicherten Modus - Windows-Hilfe

Rechner ab jetzt nur noch im abgesicherten Modus mit Netzwerktreibern hochfahren!

Dann bitte einen FRST-Scan aus dem abgesicherten Modus:

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.

Thorstie 18.11.2015 12:54
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-11-2015
durchgeführt von Thorsten (2015-11-18 12:41:35) Run:3
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [valve-83] => C:\ProgramData\valve-1\valve-1.exe [464896 2015-11-18] (Quantum Corp)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\glonass-0.lnk [2015-11-17]
ShortcutTarget: glonass-0.lnk -> C:\Users\Thorsten\AppData\Roaming\glonass-8\glonass-2.exe (Intel(R) Corporation)
2015-11-18 01:22 - 2015-11-18 01:22 - 00000000 ____D C:\ProgramData\valve-1
2015-11-17 19:21 - 2015-11-17 19:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\glonass-8
2015-11-17 19:19 - 2015-11-17 19:19 - 00000000 ____D C:\ProgramData\hoist-1
2015-11-17 18:08 - 2015-11-17 19:19 - 00000000 ____D C:\ProgramData\oyn
2015-11-17 17:46 - 2015-11-17 19:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\gaasp-0
2015-11-17 17:40 - 2015-11-17 18:02 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\hardness-2
*****************

Prozess erfolgreich geschlossen.
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\Run\\valve-83 => Wert erfolgreich entfernt
C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\glonass-0.lnk => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\glonass-8\glonass-2.exe => erfolgreich verschoben
C:\ProgramData\valve-1 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\glonass-8 => erfolgreich verschoben
C:\ProgramData\hoist-1 => erfolgreich verschoben
C:\ProgramData\oyn => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\gaasp-0 => erfolgreich verschoben
"C:\Users\Thorsten\AppData\Roaming\hardness-2" => nicht gefunden.


Das System musste neu gestartet werden.

==== Ende von Fixlog 12:41:37 ====
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (18-11-2015 12:52:53)
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Safe Mode (with Networking)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4532680 2015-11-16] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [ascii-1] => C:\Users\Thorsten\AppData\Roaming\ascii-0\ascii-7.exe [580608 2015-11-18] (American Megatrends, Inc)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {0003aa5a-06dc-11e5-975d-d050995a3687} - F:\iLinker.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {06c7c8d0-f570-11e4-9666-d050995a3687} - F:\pushinst.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {97395ad1-bf1e-11e4-adf7-806e6f6e6963} - E:\ASRSetup.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-28] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-28] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-27] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
S2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
S2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-18] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-18 12:52 - 2015-11-18 12:53 - 00022014 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-18 12:41 - 2015-11-18 12:43 - 00000000 ____D C:\ProgramData\oyn
2015-11-18 12:39 - 2015-11-18 12:39 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\ascii-0
2015-11-18 07:38 - 2015-11-18 07:38 - 00000000 ____D C:\Users\Thorsten\Desktop\0907 Waging am See
2015-11-17 18:09 - 2015-11-17 18:09 - 02870984 _____ (ESET) C:\Users\Thorsten\Downloads\esetsmartinstaller_deu.exe
2015-11-17 07:41 - 2015-11-17 07:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-17 07:40 - 2015-11-17 07:41 - 22908888 _____ (Malwarebytes ) C:\Users\Thorsten\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-15 19:58 - 2015-11-15 19:58 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-11-15 19:09 - 2015-11-15 19:09 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Thorsten\Downloads\tdsskiller.exe
2015-11-15 15:51 - 2015-11-18 12:52 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-17 08:02 - 02008576 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-14 09:41 - 2015-11-14 09:49 - 00000000 ____D C:\Users\Thorsten\Desktop\Tattoo
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-08 12:07 - 2015-11-08 12:38 - 00000000 ____D C:\Users\Thorsten\Desktop\hp
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-03 07:43 - 2015-11-03 07:44 - 277045248 _____ C:\Users\Thorsten\Downloads\kav_rescue_10.iso
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 01640768 _____ C:\Users\Thorsten\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-18 07:42 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 19:36 - 2015-11-01 19:36 - 31332760 _____ (Electronic Arts, Inc.) C:\Users\Thorsten\Downloads\OriginThinSetup.exe
2015-11-01 19:18 - 2015-11-01 19:28 - 00715099 _____ C:\Users\Thorsten\Downloads\pbsetup(1).zip
2015-11-01 10:06 - 2015-11-01 10:06 - 00711649 _____ C:\Users\Thorsten\Downloads\pbsetup.zip
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-30 17:54 - 2015-10-31 18:19 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\inrush-56
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-18 07:42 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:49 - 2015-10-27 19:49 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup(1).exe
2015-10-27 19:48 - 2015-11-18 08:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup.exe
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-18 12:50 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:16 - 2015-10-27 13:16 - 01937280 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\kis16.0.0.614de_8295.exe
2015-10-27 13:02 - 2015-10-27 13:02 - 01694208 _____ C:\Users\Thorsten\Downloads\adwcleaner_5.015.exe
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\993
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Local\4r50
2015-10-26 12:44 - 2015-10-27 07:40 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\z86
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Local\9u92
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-18 12:51 - 2015-02-19 10:51 - 00213160 _____ C:\Windows\PFRO.log
2015-11-18 12:50 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-18 12:50 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-18 12:50 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-18 12:50 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-18 12:49 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-18 12:49 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-18 12:49 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-18 12:49 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-18 12:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-18 12:49 - 2009-07-14 05:51 - 00153625 _____ C:\Windows\setupact.log
2015-11-18 12:48 - 2015-02-19 10:30 - 01962855 _____ C:\Windows\WindowsUpdate.log
2015-11-18 12:48 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-18 12:48 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-18 12:41 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-18 12:39 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-18 07:41 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-18 07:39 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-18 07:39 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-18 07:39 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-18 07:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-18 07:29 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-15 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-15 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-12 12:41 - 2009-07-14 05:45 - 00307832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 13:01 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft
2015-10-19 06:23 - 2015-08-24 09:28 - 00000000 ____D C:\Users\Thorsten\Desktop\Bilder

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfd66wn.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-11 18:58

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-11-2015
durchgeführt von Thorsten (2015-11-18 12:53:26)
Gestartet von C:\Users\Thorsten\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-19 09:28:31)
Start-Modus: Safe Mode (with Networking)
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3302927987-3442811057-85396348-500 - Administrator - Disabled)
Gast (S-1-5-21-3302927987-3442811057-85396348-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3302927987-3442811057-85396348-1002 - Limited - Enabled)
Thorsten (S-1-5-21-3302927987-3442811057-85396348-1000 - Administrator - Enabled) => C:\Users\Thorsten

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.191 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.31 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: 1.31 - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP5300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5300) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Deezer (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\DeezerDrive) (Version: 1.0.769.677 - Deezer)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
diclovit's mod pack 9.9.0 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.0 - diclovit)
Dropbox (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
FireStorm version V1.0.46.001 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.001 - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{1090DB8D-3818-470D-8467-B1062169CC45}) (Version: 1.5.0.133 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.0.133 - Kaspersky Lab) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
My.com Games (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MyComGames) (Version: 3.123 - My.com B.V.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.4.1.0 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.4.1.0 - Odem Mortis)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
TEC-IT TBarCode Office 10 (HKLM\...\{B9C3D27C-D72A-4F48-A0A4-8E1758219735}) (Version: 10.6.0.13858 - TEC-IT Datenverarbeitung GmbH)
TECIT.TBarCode.ExcelAddIn (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\29813F0DC48E97541FBED4F14E3701CDE7C4C491) (Version: 1.0.0.0 - TECIT.TBarCode.ExcelAddIn)
TECIT.TBarCode.WordAddIn (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\71AE37307294CC1A34110ADBD07E07D1842629B9) (Version: 9.0.0.12803 - TECIT.TBarCode.WordAddIn)
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000001-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000004-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000005-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000006-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Thorsten\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

01-11-2015 22:47:40 DirectX wurde installiert
03-11-2015 07:50:55 Windows Update
08-11-2015 19:00:13 Windows-Sicherung
12-11-2015 08:06:39 Windows Update
15-11-2015 19:00:13 Windows-Sicherung
16-11-2015 12:50:40 Restore Point Created by FRST
17-11-2015 07:41:12 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2969EEED-20A1-4DE5-B86D-1C824567C0E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {443448A1-89C8-4D78-874C-8CD2B13B57D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {4D65A4C3-3E99-418A-8726-1702A5A9140D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {81427BD1-0A16-422E-907D-31351B364BBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {97FE5EB6-9642-4739-9C50-053EA99B2C24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-27] (Adobe Systems Incorporated)
Task: {A733FCCE-C3BC-402E-A67B-5B71CC41AA24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {A7543029-CB88-4A08-9933-16FF25260A7C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {A82C063D-9C46-4C10-B1DD-82EBDCB58A50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {BABD2FC1-7BD2-4BD2-A106-4974CA2FF4D0} - System32\Tasks\{C384678A-0B16-4666-A32E-6F61F28CA818} => pcalua.exe -a C:\Users\Thorsten\Downloads\sp54425.exe -d C:\Users\Thorsten\Downloads
Task: {CDD1388C-27D9-4C4B-8068-F7402567FAAB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F0471ACE-CC7D-44D6-B971-4D4C414AD564} - System32\Tasks\{FE500D95-E348-4016-9771-2A0711A2F9FD} => pcalua.exe -a C:\Users\Thorsten\AppData\Local\Temp\Temp1_Realtek_Win8-64_Win8_Win7-64_Win7_Vista64_Vista_XP64_XP(6690).zip\Audio(6690)\Setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============


==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\66925414.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\66925414.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E4EFEB4F-2C4C-4D0E-8F17-34FB7F590101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{28F028E2-61EB-4939-A1C9-18D4087120F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64CD0E7A-7715-4CBD-8ED7-1518313ED644}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE5884DD-6514-4F77-8A1D-81CC30B6C4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC099D50-0387-4C28-ACCF-056F5A8C5A71}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA86B2F5-69CE-4761-8A47-8E3E919BFE5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4838DB96-119E-4750-B1A0-022A39631609}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{808314F2-0603-4E4A-9D6F-3B0BF364C737}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FA575668-199B-47E4-8D55-7E676A2AD01D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9706CBDF-EADB-4787-8EE9-CA02F2B18BDA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2517C3F0-81FE-4C42-8DE3-2164EA4DACD1}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{ABCB8F47-5A10-4AC0-8415-5262FC9D3828}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{F09B091E-8F1C-4CEA-919E-73F8C4B0C2E6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{BF92B25C-7A21-4C0F-A6D7-F6E40AB5C72B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{740021B2-6EEC-4679-B550-14DAC5CC8990}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E4E5A57B-54D6-434C-BC89-4DFBA73FFDE3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3E4C5A7E-DBA9-4FB3-A558-6233ACC605BE}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{A2FA18C2-601B-469A-8D04-9697188D5461}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{D783AADF-1F97-4888-BDBB-6D9EDA300520}] => (Allow) D:\Spiele\bin\x64r\emergency5.exe
FirewallRules: [{8BB1EA29-7A4A-4E35-8256-DB9156659EB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DD1E2EF-B1C1-4C6A-B24F-44836A9AF96E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA19F522-E9D4-4EE0-A0D9-25D8DFDF4170}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{73BA38B9-70DA-4DE7-A3A7-179B19DDA2D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{7A04FE04-D0D3-4FAC-A493-5335949358D5}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CBCADB0-8365-4C70-8496-D249002D38A8}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8DD010FE-5DFA-4ACD-8CA4-6A34D50171CD}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BFDBDD81-0522-491D-B687-640610F1C7C0}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{76774C5B-8091-434D-8570-AEB2C35DC43D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A3549E7F-7D21-40A1-A5FF-21EA2B143894}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{58C4FE6F-EE4E-422E-93AE-6140FE774A2E}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [UDP Query User{44E8EFC9-AEB5-4652-99E6-379241289418}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [TCP Query User{7D49057B-88AA-4178-A628-46AF9E0DF46E}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FB0C904B-AFC9-4DB7-8AA0-49D3D8C6B6D7}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{5AD0760A-19EA-4365-8B69-1117D2BCED53}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{D5E06918-2E24-4349-A3C4-5E1EFC3F7780}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{61084CC0-E25A-4BBA-9073-792074C572F3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D428F6F6-4113-42EA-8734-6F65817CBAD0}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D0BF5190-6714-4859-BE02-83E145710FA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FD0EB8D-1CD6-4B48-9746-B822401B3E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D98C54BA-65E2-4A7D-A8E4-D105AB5344A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E6A9942D-997F-4254-8417-C87A8618D43F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6790434-B146-48F0-A369-A2CC2B720F4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{EC4EF857-6483-4C45-BF4D-48FDFBD5CEF4}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{4E70CA78-8870-4FF0-A5EE-6F3FE0EE7C70}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{D2E0F433-9A43-4D97-A09F-F37387116DD2}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{3BBCE2B7-EA39-4FEA-965B-33298042370E}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{E0F3F8F4-DA6C-4AA0-9A5A-56BF2E5ACB36}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{14C527EA-0B6D-4BAC-813D-BC1784CB14A2}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{28F23C4E-98C8-4D8F-8803-3935590419B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C3FCA-9019-4D37-AA46-9B92E0571151}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C9AC0-2BE0-4409-8508-B89F5895BE95}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE06792E-5576-46F7-9A16-1B88BBB2BF07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C710348-2DF3-4E5C-8848-E7D9BF56A3D2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F5ECA1A3-DD94-4B31-A9D9-7642DD75FCB6}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{6886CDAF-C119-4B2A-ABE7-64AF99263A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D8BF93A-D10F-4A8E-B287-D2BB868ABFC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39A4659B-A005-4BCB-85F2-AB1539B69A1F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B61F5210-D039-4C54-9166-942DE502B98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{03B6EA03-31D5-4293-986C-1C1FA536D6AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1B239FE-6558-4C1A-8905-FFF1507A603E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D9CA709-65CD-4984-93FB-7F06E132D911}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD0A7003-C839-4E1D-891C-580EF984E05A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/18/2015 00:52:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/18/2015 00:49:57 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/18/2015 00:48:45 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/18/2015 00:45:21 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/18/2015 00:43:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/18/2015 00:42:41 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/18/2015 00:41:41 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/18/2015 00:41:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/18/2015 00:39:38 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/18/2015 00:38:42 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


Systemfehler:
=============
Error: (11/18/2015 00:53:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/18/2015 00:52:46 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (11/18/2015 00:52:46 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (11/18/2015 00:51:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/18/2015 00:51:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/18/2015 00:51:53 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/18/2015 00:51:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/18/2015 00:51:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/18/2015 00:51:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/18/2015 00:51:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 9%
Installierter physikalischer RAM: 12230.42 MB
Verfügbarer physikalischer RAM: 11088.62 MB
Summe virtueller Speicher: 24459.05 MB
Verfügbarer virtueller Speicher: 23333.6 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:223.47 GB) (Free:87.17 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1191.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E38ABEDA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5474C3AC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka 18.11.2015 17:15
Boote bitte wieder in den abgesicherten Modus:

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn4.PNG

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [ascii-1] => C:\Users\Thorsten\AppData\Roaming\ascii-0\ascii-7.exe [580608 2015-11-18] (American Megatrends, Inc)
2015-11-18 12:41 - 2015-11-18 12:43 - 00000000 ____D C:\ProgramData\oyn
2015-11-18 12:39 - 2015-11-18 12:39 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\ascii-0
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Rechner startet neu: Boote bitte wieder direkt in den abgesicherten Modus mit Netzwerktreibern:


Dann bitte einen FRST-Scan aus dem abgesicherten Modus:

Schritt 2

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.

Thorstie 19.11.2015 07:35
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-11-2015
durchgeführt von Thorsten (2015-11-19 07:31:30) Run:4
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Start-Modus: Safe Mode (with Networking)
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [ascii-1] => C:\Users\Thorsten\AppData\Roaming\ascii-0\ascii-7.exe [580608 2015-11-18] (American Megatrends, Inc)
2015-11-18 12:41 - 2015-11-18 12:43 - 00000000 ____D C:\ProgramData\oyn
2015-11-18 12:39 - 2015-11-18 12:39 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\ascii-0
       
*****************

Prozess erfolgreich geschlossen.
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ascii-1 => Wert nicht gefunden.
C:\ProgramData\oyn => erfolgreich verschoben
"C:\Users\Thorsten\AppData\Roaming\ascii-0" => nicht gefunden.


Das System musste neu gestartet werden.

==== Ende von Fixlog 07:31:30 ====
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:16-11-2015
durchgeführt von Thorsten (2015-11-19 07:33:52)
Gestartet von C:\Users\Thorsten\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-19 09:28:31)
Start-Modus: Safe Mode (with Networking)
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3302927987-3442811057-85396348-500 - Administrator - Disabled)
Gast (S-1-5-21-3302927987-3442811057-85396348-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3302927987-3442811057-85396348-1002 - Limited - Enabled)
Thorsten (S-1-5-21-3302927987-3442811057-85396348-1000 - Administrator - Enabled) => C:\Users\Thorsten

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.191 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.31 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: 1.31 - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP5300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5300) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Deezer (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\DeezerDrive) (Version: 1.0.769.677 - Deezer)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
diclovit's mod pack 9.9.0 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.0 - diclovit)
Dropbox (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
FireStorm version V1.0.46.001 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.001 - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{1090DB8D-3818-470D-8467-B1062169CC45}) (Version: 1.5.0.133 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.0.133 - Kaspersky Lab) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
My.com Games (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MyComGames) (Version: 3.123 - My.com B.V.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.4.1.0 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.4.1.0 - Odem Mortis)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
TEC-IT TBarCode Office 10 (HKLM\...\{B9C3D27C-D72A-4F48-A0A4-8E1758219735}) (Version: 10.6.0.13858 - TEC-IT Datenverarbeitung GmbH)
TECIT.TBarCode.ExcelAddIn (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\29813F0DC48E97541FBED4F14E3701CDE7C4C491) (Version: 1.0.0.0 - TECIT.TBarCode.ExcelAddIn)
TECIT.TBarCode.WordAddIn (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\71AE37307294CC1A34110ADBD07E07D1842629B9) (Version: 9.0.0.12803 - TECIT.TBarCode.WordAddIn)
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000001-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000004-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000005-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000006-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Thorsten\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

01-11-2015 22:47:40 DirectX wurde installiert
03-11-2015 07:50:55 Windows Update
08-11-2015 19:00:13 Windows-Sicherung
12-11-2015 08:06:39 Windows Update
15-11-2015 19:00:13 Windows-Sicherung
16-11-2015 12:50:40 Restore Point Created by FRST
17-11-2015 07:41:12 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2969EEED-20A1-4DE5-B86D-1C824567C0E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {443448A1-89C8-4D78-874C-8CD2B13B57D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {4D65A4C3-3E99-418A-8726-1702A5A9140D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {81427BD1-0A16-422E-907D-31351B364BBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {97FE5EB6-9642-4739-9C50-053EA99B2C24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-27] (Adobe Systems Incorporated)
Task: {A733FCCE-C3BC-402E-A67B-5B71CC41AA24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {A7543029-CB88-4A08-9933-16FF25260A7C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {A82C063D-9C46-4C10-B1DD-82EBDCB58A50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {BABD2FC1-7BD2-4BD2-A106-4974CA2FF4D0} - System32\Tasks\{C384678A-0B16-4666-A32E-6F61F28CA818} => pcalua.exe -a C:\Users\Thorsten\Downloads\sp54425.exe -d C:\Users\Thorsten\Downloads
Task: {CDD1388C-27D9-4C4B-8068-F7402567FAAB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F0471ACE-CC7D-44D6-B971-4D4C414AD564} - System32\Tasks\{FE500D95-E348-4016-9771-2A0711A2F9FD} => pcalua.exe -a C:\Users\Thorsten\AppData\Local\Temp\Temp1_Realtek_Win8-64_Win8_Win7-64_Win7_Vista64_Vista_XP64_XP(6690).zip\Audio(6690)\Setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============


==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\66925414.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\66925414.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E4EFEB4F-2C4C-4D0E-8F17-34FB7F590101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{28F028E2-61EB-4939-A1C9-18D4087120F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64CD0E7A-7715-4CBD-8ED7-1518313ED644}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE5884DD-6514-4F77-8A1D-81CC30B6C4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC099D50-0387-4C28-ACCF-056F5A8C5A71}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA86B2F5-69CE-4761-8A47-8E3E919BFE5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4838DB96-119E-4750-B1A0-022A39631609}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{808314F2-0603-4E4A-9D6F-3B0BF364C737}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FA575668-199B-47E4-8D55-7E676A2AD01D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9706CBDF-EADB-4787-8EE9-CA02F2B18BDA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2517C3F0-81FE-4C42-8DE3-2164EA4DACD1}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{ABCB8F47-5A10-4AC0-8415-5262FC9D3828}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{F09B091E-8F1C-4CEA-919E-73F8C4B0C2E6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{BF92B25C-7A21-4C0F-A6D7-F6E40AB5C72B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{740021B2-6EEC-4679-B550-14DAC5CC8990}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E4E5A57B-54D6-434C-BC89-4DFBA73FFDE3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3E4C5A7E-DBA9-4FB3-A558-6233ACC605BE}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{A2FA18C2-601B-469A-8D04-9697188D5461}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{D783AADF-1F97-4888-BDBB-6D9EDA300520}] => (Allow) D:\Spiele\bin\x64r\emergency5.exe
FirewallRules: [{8BB1EA29-7A4A-4E35-8256-DB9156659EB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DD1E2EF-B1C1-4C6A-B24F-44836A9AF96E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA19F522-E9D4-4EE0-A0D9-25D8DFDF4170}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{73BA38B9-70DA-4DE7-A3A7-179B19DDA2D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{7A04FE04-D0D3-4FAC-A493-5335949358D5}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CBCADB0-8365-4C70-8496-D249002D38A8}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8DD010FE-5DFA-4ACD-8CA4-6A34D50171CD}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BFDBDD81-0522-491D-B687-640610F1C7C0}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{76774C5B-8091-434D-8570-AEB2C35DC43D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A3549E7F-7D21-40A1-A5FF-21EA2B143894}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{58C4FE6F-EE4E-422E-93AE-6140FE774A2E}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [UDP Query User{44E8EFC9-AEB5-4652-99E6-379241289418}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [TCP Query User{7D49057B-88AA-4178-A628-46AF9E0DF46E}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FB0C904B-AFC9-4DB7-8AA0-49D3D8C6B6D7}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{5AD0760A-19EA-4365-8B69-1117D2BCED53}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{D5E06918-2E24-4349-A3C4-5E1EFC3F7780}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{61084CC0-E25A-4BBA-9073-792074C572F3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D428F6F6-4113-42EA-8734-6F65817CBAD0}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D0BF5190-6714-4859-BE02-83E145710FA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FD0EB8D-1CD6-4B48-9746-B822401B3E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D98C54BA-65E2-4A7D-A8E4-D105AB5344A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E6A9942D-997F-4254-8417-C87A8618D43F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6790434-B146-48F0-A369-A2CC2B720F4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{EC4EF857-6483-4C45-BF4D-48FDFBD5CEF4}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{4E70CA78-8870-4FF0-A5EE-6F3FE0EE7C70}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{D2E0F433-9A43-4D97-A09F-F37387116DD2}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{3BBCE2B7-EA39-4FEA-965B-33298042370E}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{E0F3F8F4-DA6C-4AA0-9A5A-56BF2E5ACB36}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{14C527EA-0B6D-4BAC-813D-BC1784CB14A2}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{28F23C4E-98C8-4D8F-8803-3935590419B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C3FCA-9019-4D37-AA46-9B92E0571151}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C9AC0-2BE0-4409-8508-B89F5895BE95}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE06792E-5576-46F7-9A16-1B88BBB2BF07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C710348-2DF3-4E5C-8848-E7D9BF56A3D2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F5ECA1A3-DD94-4B31-A9D9-7642DD75FCB6}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{6886CDAF-C119-4B2A-ABE7-64AF99263A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D8BF93A-D10F-4A8E-B287-D2BB868ABFC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39A4659B-A005-4BCB-85F2-AB1539B69A1F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B61F5210-D039-4C54-9166-942DE502B98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{03B6EA03-31D5-4293-986C-1C1FA536D6AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1B239FE-6558-4C1A-8905-FFF1507A603E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D9CA709-65CD-4984-93FB-7F06E132D911}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD0A7003-C839-4E1D-891C-580EF984E05A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/19/2015 07:32:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/19/2015 07:30:08 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/19/2015 07:27:38 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/18/2015 07:15:33 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/18/2015 00:52:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/18/2015 00:49:57 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/18/2015 00:48:45 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/18/2015 00:45:21 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/18/2015 00:43:06 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/18/2015 00:42:41 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


Systemfehler:
=============
Error: (11/19/2015 07:32:44 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{D3DCB472-7261-43CE-924B-0704BD730D5F}

Error: (11/19/2015 07:32:44 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068fdPHost{145B4335-FE2A-4927-A040-7C35AD3180EF}

Error: (11/19/2015 07:32:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/19/2015 07:32:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/19/2015 07:32:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/19/2015 07:32:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/19/2015 07:32:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/19/2015 07:32:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/19/2015 07:32:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (11/19/2015 07:32:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 9%
Installierter physikalischer RAM: 12230.42 MB
Verfügbarer physikalischer RAM: 11100.26 MB
Summe virtueller Speicher: 24459.05 MB
Verfügbarer virtueller Speicher: 23353.17 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:223.47 GB) (Free:87.17 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1191.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E38ABEDA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5474C3AC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:16-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (19-11-2015 07:33:22)
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Safe Mode (with Networking)
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4532680 2015-11-16] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [battery-88] => C:\Users\Thorsten\AppData\Roaming\battery-16\battery-7.exe [580608 2015-11-19] (American Megatrends, Inc)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {0003aa5a-06dc-11e5-975d-d050995a3687} - F:\iLinker.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {06c7c8d0-f570-11e4-9666-d050995a3687} - F:\pushinst.exe
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MountPoints2: {97395ad1-bf1e-11e4-adf7-806e6f6e6963} - E:\ASRSetup.exe
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quark-08.lnk [2015-11-18]
ShortcutTarget: quark-08.lnk -> C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe (Intel(R) Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?PC=AV01
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-28] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-28] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2015-10-27] [ist nicht signiert]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
S2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
S2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
S2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [348360 2015-11-18] ()
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
S2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-19] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-19 07:33 - 2015-11-19 07:33 - 00022261 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-19 07:28 - 2015-11-19 07:28 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\battery-16
2015-11-18 19:20 - 2015-11-18 19:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\quark-0
2015-11-18 19:18 - 2015-11-18 19:18 - 00000000 ____D C:\ProgramData\median-72
2015-11-18 07:38 - 2015-11-18 07:38 - 00000000 ____D C:\Users\Thorsten\Desktop\0907 Waging am See
2015-11-17 18:09 - 2015-11-17 18:09 - 02870984 _____ (ESET) C:\Users\Thorsten\Downloads\esetsmartinstaller_deu.exe
2015-11-17 07:41 - 2015-11-17 07:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-17 07:40 - 2015-11-17 07:41 - 22908888 _____ (Malwarebytes ) C:\Users\Thorsten\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-15 19:58 - 2015-11-15 19:58 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-11-15 19:09 - 2015-11-15 19:09 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Thorsten\Downloads\tdsskiller.exe
2015-11-15 15:51 - 2015-11-19 07:33 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-17 08:02 - 02008576 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-14 09:41 - 2015-11-14 09:49 - 00000000 ____D C:\Users\Thorsten\Desktop\Tattoo
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-08 12:07 - 2015-11-08 12:38 - 00000000 ____D C:\Users\Thorsten\Desktop\hp
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-03 07:43 - 2015-11-03 07:44 - 277045248 _____ C:\Users\Thorsten\Downloads\kav_rescue_10.iso
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 01640768 _____ C:\Users\Thorsten\Downloads\battlelog-web-plugins_2.7.1_162.exe
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-18 19:18 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 19:36 - 2015-11-01 19:36 - 31332760 _____ (Electronic Arts, Inc.) C:\Users\Thorsten\Downloads\OriginThinSetup.exe
2015-11-01 19:18 - 2015-11-01 19:28 - 00715099 _____ C:\Users\Thorsten\Downloads\pbsetup(1).zip
2015-11-01 10:06 - 2015-11-01 10:06 - 00711649 _____ C:\Users\Thorsten\Downloads\pbsetup.zip
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-30 17:54 - 2015-10-31 18:19 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\inrush-56
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-18 19:18 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:49 - 2015-10-27 19:49 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup(1).exe
2015-10-27 19:48 - 2015-11-18 22:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00717656 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\setup.exe
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-19 07:27 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:16 - 2015-10-27 13:16 - 01937280 _____ (Kaspersky Lab) C:\Users\Thorsten\Downloads\kis16.0.0.614de_8295.exe
2015-10-27 13:02 - 2015-10-27 13:02 - 01694208 _____ C:\Users\Thorsten\Downloads\adwcleaner_5.015.exe
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\993
2015-10-26 13:06 - 2015-10-26 13:06 - 00000000 ____D C:\Users\Thorsten\AppData\Local\4r50
2015-10-26 12:44 - 2015-10-27 07:40 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\z86
2015-10-25 17:52 - 2015-10-25 17:52 - 00000000 ____D C:\Users\Thorsten\AppData\Local\9u92
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-19 07:28 - 2015-02-19 10:51 - 00213828 _____ C:\Windows\PFRO.log
2015-11-19 07:27 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-19 07:27 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-19 07:27 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-19 07:27 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-19 07:27 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-19 07:27 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-19 07:27 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-19 07:27 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-19 07:27 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-19 07:27 - 2009-07-14 05:51 - 00153737 _____ C:\Windows\setupact.log
2015-11-18 22:06 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-18 22:06 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-18 22:06 - 2015-02-19 10:30 - 01979730 _____ C:\Windows\WindowsUpdate.log
2015-11-18 19:23 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-18 19:23 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-18 19:21 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-18 19:21 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-18 19:21 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-18 19:18 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-18 07:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-18 07:29 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-15 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-15 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-12 12:41 - 2009-07-14 05:45 - 00307832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 13:01 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp662bn8.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-11 18:58

==================== Ende von FRST.txt ============================

deeprybka 19.11.2015 10:11
Hallo, das ist jetzt doch interessanter als erwartet. :D

Fragen:
Hast Du diese Email mit der "Mahnung" noch?
Welche dll meckert Kaspersky an? Bitte Log oder Screenshot posten.
Der PC wurde in der Zwischenzeit nur im abgesicherten Modus gestartet?
Hast Du einen zweiten PC von dem Du etwas downloaden könntest?
Hast Du noch etwas Zeit um das Problem zu lösen oder möchtest Du neuinstallieren?

Thorstie 19.11.2015 11:57
Hallo, das ist jetzt doch interessanter als erwartet.

-> Hi, ich dachte mir schon das ich ein Sonderfall bin ist normal bei mir!

Fragen:
Hast Du diese Email mit der "Mahnung" noch?

-> Nein das Teil habe ich direkt gelöscht. Ich wußte gleich was ich falsch gemacht hab.

Welche dll meckert Kaspersky an? Bitte Log oder Screenshot posten.

-> Im Moment gar keine mehr. Bis vor 2 Tagen hat er auch immer wieder .exe Dateien gefunden die schädlich waren/bzw. sind.

Der PC wurde in der Zwischenzeit nur im abgesicherten Modus gestartet?

-> jaein:balla:
Hast Du einen zweiten PC von dem Du etwas downloaden könntest?

-> ja gar kein Problem!

Hast Du noch etwas Zeit um das Problem zu lösen oder möchtest Du neuinstallieren?

-> Ja hab ich bitte nicht neuinstallieren:heulen:

deeprybka 19.11.2015 12:12
OK.
Vielleicht bin ich schon "trojanerblind" aber muss mir das nochmal in Ruhe genau anschauen. :)
Poste Dir am Abend neue Anweisungen.

Jetzt bitte mal Combofix im NormalBoot (!) laufen lassen. Kaspersky Echtzeitschutz vorher deaktivieren. Combofix auf den Desktop runterladen.

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Thorstie 19.11.2015 14:11
Code:
ComboFix 15-11-17.01 - Thorsten 19.11.2015  13:38:02.1.8 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.12230.9597 [GMT 1:00]
ausgeführt von:: c:\users\Thorsten\Desktop\ComboFix.exe
AV: Kaspersky Internet Security *Disabled/Updated* {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
FW: Kaspersky Internet Security *Disabled* {8C27F4BD-7F99-4CD1-5651-D3EB97674300}
SP: Kaspersky Internet Security *Disabled/Updated* {0F7D947C-13CC-4207-47BE-41AC12334EC6}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Thorsten\AppData\Roaming\993
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_npf
.
.
(((((((((((((((((((((((  Dateien erstellt von 2015-10-19 bis 2015-11-19  ))))))))))))))))))))))))))))))
.
.
2015-11-19 12:50 . 2015-11-19 12:50        --------        d-----w-        c:\users\Default\AppData\Local\temp
2015-11-19 11:05 . 2015-11-19 11:05        --------        d-----w-        c:\users\Thorsten\AppData\Roaming\glonass-0
2015-11-19 06:37 . 2015-11-19 12:52        94656        ----a-w-        c:\windows\system32\WPRO_41_2001woem.tmp
2015-11-19 06:37 . 2015-11-19 11:05        --------        d-----w-        c:\programdata\oyn
2015-11-18 18:20 . 2015-11-18 18:20        --------        d-----w-        c:\users\Thorsten\AppData\Roaming\quark-0
2015-11-18 18:18 . 2015-11-18 18:18        --------        d-----w-        c:\programdata\median-72
2015-11-17 06:41 . 2015-11-17 06:41        --------        d-----w-        c:\programdata\Malwarebytes
2015-11-17 06:41 . 2015-10-20 03:33        11140960        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{BE16EA4E-3FC4-4367-A159-9BF44C24462D}\mpengine.dll
2015-11-15 18:58 . 2015-11-15 18:58        --------        d-----w-        C:\TDSSKiller_Quarantine
2015-11-15 14:51 . 2015-11-19 06:33        --------        d-----w-        C:\FRST
2015-11-12 06:54 . 2015-11-03 17:55        3211264        ----a-w-        c:\windows\system32\win32k.sys
2015-11-09 18:30 . 2015-11-09 18:30        --------        d-----w-        c:\windows\SysWow64\%Data%
2015-11-05 07:50 . 2015-11-08 11:28        --------        d---a-w-        C:\Kaspersky Rescue Disk 10.0
2015-11-02 06:42 . 2015-11-02 06:42        --------        d-----w-        c:\users\Thorsten\AppData\Local\ESN
2015-11-02 06:42 . 2015-11-02 06:42        --------        d-----w-        c:\program files (x86)\Battlelog Web Plugins
2015-11-01 21:48 . 2015-11-19 11:09        348360        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2015-11-01 21:48 . 2015-11-02 06:45        76152        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2015-11-01 18:39 . 2015-11-01 18:43        --------        d-----w-        c:\program files (x86)\Origin Games
2015-11-01 18:38 . 2015-11-02 06:42        --------        d-----w-        c:\users\Thorsten\AppData\Local\Origin
2015-10-30 16:54 . 2015-10-31 17:19        --------        d-----w-        c:\users\Thorsten\AppData\Roaming\inrush-56
2015-10-27 23:02 . 2015-10-03 02:18        102520        ----a-w-        c:\windows\SysWow64\nvStreaming.exe
2015-10-27 18:51 . 2015-11-19 11:09        348360        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2015-10-27 18:09 . 2015-10-27 18:09        --------        d-----w-        c:\programdata\Kaspersky Lab Setup Files
2015-10-27 15:03 . 2015-10-27 15:03        --------        d-----w-        c:\windows\SysWow64\config\systemprofile\.oracle_jre_usage
2015-10-27 12:20 . 2013-05-06 07:13        110176        ----a-w-        c:\windows\system32\klfphc.dll
2015-10-27 12:20 . 2015-10-27 12:20        --------        d-----w-        c:\windows\ELAMBKUP
2015-10-27 12:20 . 2015-11-19 12:52        --------        d-----w-        c:\programdata\Kaspersky Lab
2015-10-27 12:20 . 2015-10-27 18:13        --------        d-----w-        c:\program files (x86)\Kaspersky Lab
2015-10-27 12:20 . 2015-10-27 12:40        940936        ----a-w-        c:\windows\system32\drivers\klif.sys
2015-10-27 12:20 . 2015-10-27 12:40        181640        ----a-w-        c:\windows\system32\drivers\klflt.sys
2015-10-26 12:06 . 2015-10-26 12:06        --------        d-----w-        c:\users\Thorsten\AppData\Local\4r50
2015-10-26 11:44 . 2015-10-27 06:40        --------        d-----w-        c:\users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 16:52 . 2015-10-25 16:52        --------        d-----w-        c:\users\Thorsten\AppData\Roaming\z86
2015-10-25 16:52 . 2015-10-25 16:52        --------        d-----w-        c:\users\Thorsten\AppData\Local\9u92
2015-10-25 09:01 . 2015-10-25 09:04        --------        d-----w-        c:\program files (x86)\Mozilla Thunderbird
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-11-19 12:52 . 2015-02-28 08:01        34752        ----a-w-        c:\windows\system32\drivers\WPRO_41_2001.sys
2015-11-19 11:09 . 2015-02-19 20:43        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2015-11-11 08:23 . 2015-02-19 10:17        145617392        ----a-w-        c:\windows\system32\MRT.exe
2015-11-06 17:54 . 2015-03-07 07:12        32320        ----a-w-        c:\windows\system32\drivers\FNETTBOH_305.SYS
2015-10-27 18:48 . 2015-02-27 07:50        780488        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-27 18:48 . 2015-02-27 07:50        142536        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-27 12:40 . 2015-06-08 18:43        41352        ----a-w-        c:\windows\system32\drivers\klpd.sys
2015-10-27 12:39 . 2015-07-04 01:18        227000        ----a-w-        c:\windows\system32\drivers\klhk.sys
2015-10-20 00:45 . 2015-11-11 07:04        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2015-10-13 10:24 . 2015-10-13 10:24        4587520        ----a-w-        c:\windows\SysWow64\GPhotos.scr
2015-10-12 03:05 . 2015-02-28 00:01        1423304        ----a-w-        c:\windows\SysWow64\nvspcap.dll
2015-10-12 03:05 . 2015-02-28 00:01        1316000        ----a-w-        c:\windows\SysWow64\nvspbridge.dll
2015-10-12 03:04 . 2015-02-28 00:01        1756424        ----a-w-        c:\windows\system32\nvspbridge64.dll
2015-10-12 03:04 . 2015-02-28 00:01        1710752        ----a-w-        c:\windows\system32\nvspcap64.dll
2015-10-03 05:06 . 2015-09-25 17:40        15002304        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2015-10-03 05:06 . 2015-02-28 00:06        112944        ----a-w-        c:\windows\system32\OpenCL.dll
2015-10-03 05:06 . 2015-02-28 00:06        105080        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2015-10-03 05:06 . 2015-02-28 00:06        3573832        ----a-w-        c:\windows\system32\nvapi64.dll
2015-10-03 05:06 . 2015-02-28 00:06        3154104        ----a-w-        c:\windows\SysWow64\nvapi.dll
2015-10-03 05:06 . 2015-02-28 00:06        17395512        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2015-10-03 05:06 . 2015-02-28 00:06        12769408        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2015-10-03 02:49 . 2015-02-28 00:06        6358648        ----a-w-        c:\windows\system32\nvcpl.dll
2015-10-03 02:49 . 2015-02-28 00:06        2982520        ----a-w-        c:\windows\system32\nvsvc64.dll
2015-10-03 02:49 . 2015-02-28 00:06        938800        ----a-w-        c:\windows\system32\nvvsvc.exe
2015-10-03 02:49 . 2015-02-28 00:06        62768        ----a-w-        c:\windows\system32\nvshext.dll
2015-10-03 02:49 . 2015-02-28 00:06        385328        ----a-w-        c:\windows\system32\nvmctray.dll
2015-10-03 02:49 . 2015-02-28 00:06        2554488        ----a-w-        c:\windows\system32\nvsvcr.dll
2015-10-01 18:06 . 2015-10-14 05:28        692672        ----a-w-        c:\windows\system32\winload.efi
2015-10-01 18:04 . 2015-10-14 05:28        616360        ----a-w-        c:\windows\system32\winresume.efi
2015-10-01 18:00 . 2015-10-14 05:28        63488        ----a-w-        c:\windows\system32\setbcdlocale.dll
2015-10-01 18:00 . 2015-10-14 05:28        59392        ----a-w-        c:\windows\system32\appidapi.dll
2015-10-01 18:00 . 2015-10-14 05:28        32768        ----a-w-        c:\windows\system32\appidsvc.dll
2015-10-01 18:00 . 2015-10-14 05:28        17920        ----a-w-        c:\windows\system32\appidcertstorecheck.exe
2015-10-01 18:00 . 2015-10-14 05:28        147456        ----a-w-        c:\windows\system32\appidpolicyconverter.exe
2015-10-01 17:50 . 2015-10-14 05:28        50688        ----a-w-        c:\windows\SysWow64\appidapi.dll
2015-10-01 17:00 . 2015-10-14 05:28        61440        ----a-w-        c:\windows\system32\drivers\appid.sys
2015-10-01 09:33 . 2015-02-28 00:06        5284082        ----a-w-        c:\windows\system32\nvcoproc.bin
2015-09-28 05:40 . 2015-02-21 13:14        97888        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-09-14 00:29 . 2015-09-25 17:40        1898288        ----a-w-        c:\windows\system32\nvdispco6435598.dll
2015-09-14 00:29 . 2015-09-25 17:40        1558832        ----a-w-        c:\windows\system32\nvdispgenco6435598.dll
2015-09-02 03:04 . 2015-09-14 05:34        41984        ----a-w-        c:\windows\system32\lpk.dll
2015-09-02 03:04 . 2015-09-14 05:34        100864        ----a-w-        c:\windows\system32\fontsub.dll
2015-09-02 03:04 . 2015-09-14 05:34        14336        ----a-w-        c:\windows\system32\dciman32.dll
2015-09-02 03:04 . 2015-09-14 05:34        46080        ----a-w-        c:\windows\system32\atmlib.dll
2015-09-02 02:48 . 2015-09-14 05:34        70656        ----a-w-        c:\windows\SysWow64\fontsub.dll
2015-09-02 02:48 . 2015-09-14 05:34        10240        ----a-w-        c:\windows\SysWow64\dciman32.dll
2015-09-02 02:48 . 2015-09-14 05:34        34304        ----a-w-        c:\windows\SysWow64\atmlib.dll
2015-09-02 02:47 . 2015-09-14 05:34        25600        ----a-w-        c:\windows\SysWow64\lpk.dll
2015-09-02 01:47 . 2015-09-14 05:34        372736        ----a-w-        c:\windows\system32\atmfd.dll
2015-09-02 01:33 . 2015-09-14 05:34        299520        ----a-w-        c:\windows\SysWow64\atmfd.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        198464        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        198464        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        198464        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        198464        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        198464        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        198464        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        198464        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        198464        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Dropbox Update"="c:\users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe" [2015-06-17 134512]
"MyComGames"="c:\users\Thorsten\AppData\Local\MyComGames\MyComGames.exe" [2015-11-16 4532680]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2015-11-12 3638256]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-01-15 452016]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2012-09-11 133408]
"XFastUSB"="c:\program files (x86)\XFastUSB\XFastUsb.exe" [2015-02-28 5021448]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" [2012-09-12 56128]
"FireStormStartUpAutoRun"="c:\program files (x86)\ZotacFireStorm\FireStorm.exe" [2015-07-01 24279040]
"ProductUpdater"="c:\program files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe" [2015-06-17 62464]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
.
c:\users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-3-16 113664]
Dropbox.lnk - c:\users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 36713096]
quark-08.lnk - c:\users\Thorsten\AppData\Roaming\quark-0\quark-2.exe [2015-11-18 579584]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Kaspersky Software Updater Beta.lnk - c:\program files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe -hide [2015-6-1 1394848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 AVP16.0.0;Kaspersky Anti-Virus Service 16.0.0;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe;c:\program files (x86)\Freemake\CaptureLib\CaptureLibService.exe [x]
R3 AxtuDrv;AxtuDrv;c:\windows\SysWOW64\Drivers\AxtuDrv.sys;c:\windows\SysWOW64\Drivers\AxtuDrv.sys [x]
R3 CM_VENDER_CMD;CM_VENDER_CMD;c:\program files\Common Files\Logitech\G430Install\CMVC64.sys;c:\program files\Common Files\Logitech\G430Install\CMVC64.sys [x]
R3 FNETTBOH_305;FNETTBOH_305;c:\windows\system32\drivers\FNETTBOH_305.SYS;c:\windows\SYSNATIVE\drivers\FNETTBOH_305.SYS [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ivusb;Initio Driver for USB Default Controller;c:\windows\system32\DRIVERS\ivusb.sys;c:\windows\SYSNATIVE\DRIVERS\ivusb.sys [x]
R3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
R3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 vssbrigde64;vssbrigde64;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 cm_km;Kaspersky Lab ZAO Cryptographic Module x64 (Weak);c:\windows\system32\DRIVERS\cm_km.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km.sys [x]
S0 iaStorA;iaStorA;c:\windows\system32\DRIVERS\iaStorA.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorA.sys [x]
S0 iaStorF;iaStorF;c:\windows\system32\DRIVERS\iaStorF.sys;c:\windows\SYSNATIVE\DRIVERS\iaStorF.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 klbackupdisk;Kaspersky Lab klbackupdisk;c:\windows\system32\DRIVERS\klbackupdisk.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupdisk.sys [x]
S1 AsrAppCharger;AsrAppCharger;c:\windows\system32\DRIVERS\AsrAppCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AsrAppCharger.sys [x]
S1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS;c:\windows\SYSNATIVE\drivers\FNETURPX.SYS [x]
S1 klbackupflt;Kaspersky Lab klbackupflt;c:\windows\system32\DRIVERS\klbackupflt.sys;c:\windows\SYSNATIVE\DRIVERS\klbackupflt.sys [x]
S1 klhk;Kaspersky Lab service driver;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;Kaspersky Lab format recognizer driver;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
S2 DevoloNetworkService;devolo Network Service;c:\program files (x86)\devolo\dlan\devolonetsvc.exe;c:\program files (x86)\devolo\dlan\devolonetsvc.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage-Technologie;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-11-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-27 18:48]
.
2015-11-19 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
- c:\users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 17:30]
.
2015-11-19 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
- c:\users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17 17:30]
.
2015-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28 08:07]
.
2015-11-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28 08:07]
.
2015-11-19 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16 10:54]
.
2015-11-19 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16 10:54]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        236352        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        236352        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        236352        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        236352        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        236352        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        236352        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        236352        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2015-11-04 23:46        236352        ----a-w-        c:\users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BeatsOSDApp"="c:\program files\IDT\WDM\beats64.exe" [2010-10-21 37888]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-24 1425408]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-10-12 2655520]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-10-12 1710752]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-07-13 12936848]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2015-02-26 13318424]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-08-13 170256]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.google.com
mDefault_Page_URL = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-10 - (no file)
SafeBoot-66925414.sys
Toolbar-10 - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
@DACL=(02 0000)
"ExcludeProfileDirs"="AppData\\Local;AppData\\LocalLow;$Recycle.Bin"
"BuildNumber"=dword:00001db1
"FirstLogon"=dword:00000000
"ParseAutoexec"="1"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-11-19  14:08:58 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-11-19 13:08
.
Vor Suchlauf: 19 Verzeichnis(se), 96.557.965.312 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 96.037.908.480 Bytes frei
.
- - End Of File - - A84EC167FDB6CF07E7EBFBE2E4204C50
Danke schonmal für die ganze Mühe :party:

deeprybka 19.11.2015 18:01
Hallo,
bitte folgendes machen (Normalmodus):

Schritt 1
Downloade Dirhttp://deeprybka.trojaner-board.de/b...ns/proe1tb.pngProcess Explorer auf Deinen Desktop und entpacke die zip-Datei.
  • Rechtsklick auf das Icon und als Administrator starten.
  • Akzeptiere die Lizenzbedingungen.
  • Klicke auf Options und aktiviere "check for virustotal.com".
  • Bestätige die Nutzungsbedingungen und warte auf die Resultate.
  • Erstelle einen Screenshot der Prozesse und poste ihn hier. (Achte bitte darauf, dass alle Prozesse auf dem Bild enthalten sind)

Schritt 2
Download von https://sites.google.com/site/canned...b27e2-Zoek.png ZOEK (by Smeenk)
  • Speichere die zoek.exe auf dem Desktop.
  • Bitte deaktiviere während der Verwendung von Zoek Deinen Virenscanner, da dieser Zoek stören könnte.
  • Starte die zoek.exe mit einem Doppelklick und warte bis die Programmoberfläche erscheint (ca. 30 Sekunden)
  • Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:
    Code:
    filesrcm;
    C:\ProgramData;m3f
    C:\users\Thorsten\AppData\Roaming;m3f
    C:\Users\Thorsten\AppData\Roaming\debounce-2\debounce-58.exe;virustotal
    C:\Users\Thorsten\AppData\Roaming\battery-16\battery-7.exe;virustotal
    C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe;virustotal
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
    Zitat:
    Zoek.exe is running now.
    Do not start any browser windows, they may get closed automatically.
    Please wait! This window will close when finished.
    A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log
  • Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter C:\
  • Bitte poste mir das zoek-results.log.

Thorstie 19.11.2015 19:46
Liste der Anhänge anzeigen (Anzahl: 1)
Hier mal der Anhang als PDF! Das müßte die Prozesse zeigen! Hoffe ich

Thorstie 19.11.2015 19:57
Code:
Zoek.exe v5.0.0.1 Updated 19-November-2015
Tool run by Thorsten on 19.11.2015 at 19:49:06,15.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Thorsten\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19.11.2015 19:50:13 Zoek.exe System Restore Point Created Successfully.

==== VirusTotal Scan ======================
 
C:\Users\Thorsten\AppData\Roaming\debounce-2\debounce-58.exe not found
C:\Users\Thorsten\AppData\Roaming\battery-16\battery-7.exe not found
C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-11-19 12:36:15        F042EE4C8D66248D9B86DCF52ABAE416        256000        ----a-w-        C:\Windows\PEV.exe
2015-11-19 12:36:15        9E05A9C264C8A908A8E79450FCBFF047        80412        ----a-w-        C:\Windows\grep.exe
2015-11-19 12:36:15        5E832F4FAF5F481F2EAF3B3A48F603B8        68096        ----a-w-        C:\Windows\zip.exe
2015-11-19 12:36:15        0297C72529807322B152F517FDB0A9FC        406528        ----a-w-        C:\Windows\SWSC.exe
2015-11-19 12:36:15        0277C027A26428DB64EF4F64F52BB4FD        208896        ----a-w-        C:\Windows\MBR.exe
====== C:\Users\Thorsten\AppData\Local\Temp ====
2015-11-19 17:35:09        ECA3AE15FC14FF9736F637143F4C5A96        71168        ----a-w-        C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp6ixhcl.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-11-11 07:04:57        D714B7F77DB7E1D81CBFCE8DDCDCC5FE        566784        ----a-w-        C:\Windows\SysWOW64\wuapi.dll
2015-11-11 07:04:56        F1BAAC5C7B35968EFAB7C21C32ECBB28        93696        ----a-w-        C:\Windows\SysWOW64\wudriver.dll
2015-11-11 07:04:56        B35154CD5A10368ED3DB277BB38012B3        35328        ----a-w-        C:\Windows\SysWOW64\wuapp.exe
2015-11-11 07:04:56        5670A441F06AE04D2B587D1BD2DC1DC0        30208        ----a-w-        C:\Windows\SysWOW64\wups.dll
2015-11-11 07:04:56        1E643C501E621F91776F9F9AC226FADF        174080        ----a-w-        C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 07:04:49        912EBD61017559C8163FAF3C1F54AD00        64000        ----a-w-        C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 07:04:49        68BF7EB3D428C57528E2D134B34512F1        76288        ----a-w-        C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 07:04:49        14A7260EAD6FAA708DA57E3C6E27A0E4        47616        ----a-w-        C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 07:04:48        91220E779EDE9C3511C42ECDAA58192B        504832        ----a-w-        C:\Windows\SysWOW64\vbscript.dll
2015-11-11 07:04:48        5FA5FD8DCE9BC04D87A17D0E335388CF        130048        ----a-w-        C:\Windows\SysWOW64\occache.dll
2015-11-11 07:04:48        25E81C8C9AE6251F472AD3677DE829E0        1311744        ----a-w-        C:\Windows\SysWOW64\urlmon.dll
2015-11-11 07:04:48        1840A7632E1E6EC26762D460F6D1B0E2        342728        ----a-w-        C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 07:04:48        035F1154B50CE7CAFB60405D83F13A78        60416        ----a-w-        C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 07:04:47        D49701891D475F61B23BA4DBEF6E71EC        20331520        ----a-w-        C:\Windows\SysWOW64\mshtml.dll
2015-11-11 07:04:47        2F898AFA929824861737488746FD5B47        689152        ----a-w-        C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 07:04:47        00F600046B58D98631487A8AADC7C200        279040        ----a-w-        C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 07:04:46        8C3D651836C2E9AADFAA47C5C25CF4D4        2724864        ----a-w-        C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 07:04:45        9A555780545211BD2DD89575088C39F4        2279936        ----a-w-        C:\Windows\SysWOW64\iertutil.dll
2015-11-11 07:04:45        8F13B52696EB7B0D24039E5CB24C088F        2052608        ----a-w-        C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 07:04:45        7FA7A377F32A3D8F2EE4128CF127EB93        710144        ----a-w-        C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 07:04:45        4BFA8AD57A5ED4508981732F862738EA        62464        ----a-w-        C:\Windows\SysWOW64\iesetup.dll
2015-11-11 07:04:44        ECB3E36B098F8C9BE9DFD6CF38BDBE69        663552        ----a-w-        C:\Windows\SysWOW64\jscript.dll
2015-11-11 07:04:44        D74C3DAD496F59FAFB9BAF3C24EAAB2F        47104        ----a-w-        C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 07:04:44        4484B41D0A3F07D71BBCB4DB5C426302        620032        ----a-w-        C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 07:04:43        9101F70E34D3E28E63299A105B7F12C4        30720        ----a-w-        C:\Windows\SysWOW64\iernonce.dll
2015-11-11 07:04:43        8C9EB49AA5E016500D3C29A59ED52345        416256        ----a-w-        C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 07:04:43        7B2F5324F28C71D69BC087E27B0BE7AE        12854272        ----a-w-        C:\Windows\SysWOW64\ieframe.dll
2015-11-11 07:04:43        4E84DCAF706E3447951212CFFE2A7B84        480256        ----a-w-        C:\Windows\SysWOW64\ieui.dll
2015-11-11 07:04:39        832CA97817B20B74E2D74A8154630311        2011136        ----a-w-        C:\Windows\SysWOW64\wininet.dll
2015-11-11 07:04:39        8215390B06602AC1FDA702CD74A7250C        230400        ----a-w-        C:\Windows\SysWOW64\webcheck.dll
2015-11-11 07:04:39        5AAEB88DF7F09677E9C8C849D4915132        4527616        ----a-w-        C:\Windows\SysWOW64\jscript9.dll
2015-11-11 07:04:39        4D20D5ACB439DA837E4329F28C35ADA1        1155072        ----a-w-        C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 07:04:39        1179043BBB3D0C8826D8BF8615A34EB6        115712        ----a-w-        C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 07:04:38        BCC36AC2241B092E30E0F47B62D7C4EA        168960        ----a-w-        C:\Windows\SysWOW64\msrating.dll
2015-11-11 07:04:38        68647B5AB71ABB5130CCA4FA55EFB0BD        341504        ----a-w-        C:\Windows\SysWOW64\html.iec
2015-11-11 07:04:22        A860CAA340D18B2CB7B93A9C67FDDB49        3935680        ----a-w-        C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 07:04:22        8DE94E8213ABE0F7C5154507305779A0        223232        ----a-w-        C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 07:04:22        64AD529B85D7E856F9A4FFF9C809E693        3991488        ----a-w-        C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 07:04:22        63F52FF6FCA2C492F4FB7EE545319FA8        251000        ----a-w-        C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 07:04:22        0DD296312E531C6E0BF1AB7F2C092801        251392        ----a-w-        C:\Windows\SysWOW64\schannel.dll
2015-11-11 07:04:22        05D37C4742B32B37ED953631B7B0A7A9        552960        ----a-w-        C:\Windows\SysWOW64\kerberos.dll
2015-11-11 07:04:21        C661D1599DA67BD411479A2C53058DE4        25600        ----a-w-        C:\Windows\SysWOW64\setup16.exe
2015-11-11 07:04:21        BA00A2FCB86D084F3E8F7D88EC85E216        50176        ----a-w-        C:\Windows\SysWOW64\auditpol.exe
2015-11-11 07:04:21        A748DEC93B4E8C9DDE11B79FB6E97088        172032        ----a-w-        C:\Windows\SysWOW64\wdigest.dll
2015-11-11 07:04:21        9FDCF3A01849F24625DE831C7749F080        259584        ----a-w-        C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 07:04:21        73F97CF58D1EF42F49B696951BDE6081        65536        ----a-w-        C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 07:04:21        50D21D408B0FD40019A6EACF94A62ACF        1311768        ----a-w-        C:\Windows\SysWOW64\ntdll.dll
2015-11-11 07:04:20        F357AE37073472DD0288B579B0B3E005        6656        ----a-w-        C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 07:04:20        CFF504AD277328CE10BE56D76297FDAC        665088        ----a-w-        C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 07:04:20        8A6DE61B5797F03F4E0BB62F467F4854        7680        ----a-w-        C:\Windows\SysWOW64\instnm.exe
2015-11-11 07:04:20        7B23D23E2F9D51F700BFDD5B5FCAE30A        17408        ----a-w-        C:\Windows\SysWOW64\credssp.dll
2015-11-11 07:04:20        5D369C45F0D2A993CCDC6BD160793822        274944        ----a-w-        C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 07:04:20        58ABF51E9107661559B801B07011202D        43008        ----a-w-        C:\Windows\SysWOW64\srclient.dll
2015-11-11 07:04:20        553F7D05AE3E2EC2EDE06416901F5803        14336        ----a-w-        C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 07:04:20        4166C05FA57548E6518D7EE20896C0A5        1114112        ----a-w-        C:\Windows\SysWOW64\kernel32.dll
2015-11-11 07:04:20        3B6668958DD782D37731EBF4ADA050CF        5120        ----a-w-        C:\Windows\SysWOW64\wow32.dll
2015-11-11 07:04:20        1D0826DF3F439FECBA99772D0A939A28        22016        ----a-w-        C:\Windows\SysWOW64\secur32.dll
2015-11-11 07:04:20        1C9E00CA0D823DC672017D8AB92DBC2A        36864        ----a-w-        C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 07:04:20        1690F4F1807AEC79CF4B6DEF34C366C0        2048        ----a-w-        C:\Windows\SysWOW64\user.exe
2015-11-11 07:04:20        000D8B84E09CC73472945560D411BDAC        96768        ----a-w-        C:\Windows\SysWOW64\sspicli.dll
2015-11-11 07:04:19        CC668F6D0C6F76398AF840C3C0048D93        686080        ----a-w-        C:\Windows\SysWOW64\adtschema.dll
2015-11-11 07:04:19        A2911E5C4BA462F2BD4129418A00449A        60416        ----a-w-        C:\Windows\SysWOW64\msobjs.dll
2015-11-11 07:04:19        7A8070653B42E81F8EFD19054B67C764        146432        ----a-w-        C:\Windows\SysWOW64\msaudite.dll
2015-11-11 07:04:11        6EAA9E88F7985BFA94F10A53725D3AA3        216064        ----a-w-        C:\Windows\SysWOW64\InkEd.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-11-19 06:37:48        8265CD5C67D0A35DFC40F3D1A8AC994C        94656        ----a-w-        C:\Windows\Sysnative\WPRO_41_2001woem.tmp
2015-11-12 06:54:56        92C729B1A03F8B55A68597A50394FB76        3211264        ----a-w-        C:\Windows\Sysnative\win32k.sys
2015-11-11 07:04:57        C64959F2D2EE6EDB96916902962D48B9        696320        ----a-w-        C:\Windows\Sysnative\wuapi.dll
2015-11-11 07:04:57        4AA4838D59A51B3B5A6C2BFC2092FDEC        3168768        ----a-w-        C:\Windows\Sysnative\wucltux.dll
2015-11-11 07:04:57        361845875ED8ED13086E7F37265C45DA        2608128        ----a-w-        C:\Windows\Sysnative\wuaueng.dll
2015-11-11 07:04:56        F62A6979E13872D744BA69F4F78109B8        12288        ----a-w-        C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-11-11 07:04:56        CDBE532602413E7FB0C395024749C7AA        140288        ----a-w-        C:\Windows\Sysnative\wuauclt.exe
2015-11-11 07:04:56        B2AA75E472BAB24818915342E44FF2AD        98816        ----a-w-        C:\Windows\Sysnative\wudriver.dll
2015-11-11 07:04:56        9D3A6E1660B3D6BF63E83A901D1109BB        37888        ----a-w-        C:\Windows\Sysnative\wuapp.exe
2015-11-11 07:04:56        500B7A762291EC4EE4B445337956BDBC        36864        ----a-w-        C:\Windows\Sysnative\wups.dll
2015-11-11 07:04:56        3E89AD28893A8E9C1F01D2A162C7D457        91136        ----a-w-        C:\Windows\Sysnative\WinSetupUI.dll
2015-11-11 07:04:56        24E1CD4E823628943540A63187AC282E        192512        ----a-w-        C:\Windows\Sysnative\wuwebv.dll
2015-11-11 07:04:56        246FD89B6B5521AD2CE1C560D666BAD7        37888        ----a-w-        C:\Windows\Sysnative\wups2.dll
2015-11-11 07:04:49        65075CAC90824B720E9EB0C6663CE157        48640        ----a-w-        C:\Windows\Sysnative\ieetwproxystub.dll
2015-11-11 07:04:49        478DD45708B600245916A2A0F81FE7C9        114688        ----a-w-        C:\Windows\Sysnative\ieetwcollector.exe
2015-11-11 07:04:48        CD59055A66EF5DFA3D5EFA2D29B14B0B        77824        ----a-w-        C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-11-11 07:04:48        95F3687EF1486833AC713A23C671B397        720896        ----a-w-        C:\Windows\Sysnative\ie4uinit.exe
2015-11-11 07:04:48        6686B946B973BA1C3B226A95D4E63D8E        2724864        ----a-w-        C:\Windows\Sysnative\mshtml.tlb
2015-11-11 07:04:48        1067787EC9DAD6D084306C6795BC409A        34304        ----a-w-        C:\Windows\Sysnative\iernonce.dll
2015-11-11 07:04:45        E4FB4DE391BB2BFBC5C30BBD519C83BE        152064        ----a-w-        C:\Windows\Sysnative\occache.dll
2015-11-11 07:04:45        2BE29ECF17FFCE762C1E3E21EFF06174        390344        ----a-w-        C:\Windows\Sysnative\iedkcs32.dll
2015-11-11 07:04:45        08D283FD8FEC1B45932783E8640C700F        1547264        ----a-w-        C:\Windows\Sysnative\urlmon.dll
2015-11-11 07:04:44        CA0F3F16FC677701DFF1087A58B6F5B4        4096        ----a-w-        C:\Windows\Sysnative\ieetwcollectorres.dll
2015-11-11 07:04:43        E78DD040D2786BFAF5DED3BC12B438EE        968704        ----a-w-        C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-11-11 07:04:43        DC1AE8930979FCDC137F44B848556439        801280        ----a-w-        C:\Windows\Sysnative\msfeeds.dll
2015-11-11 07:04:43        806A6CA05B4F1F69C84B871406C2D21D        315392        ----a-w-        C:\Windows\Sysnative\dxtrans.dll
2015-11-11 07:04:42        7E11CF5F472AEDD0D2BE3274FE709CF4        66560        ----a-w-        C:\Windows\Sysnative\iesetup.dll
2015-11-11 07:04:41        423072B7A458E1B274812796721197BE        2126336        ----a-w-        C:\Windows\Sysnative\inetcpl.cpl
2015-11-11 07:04:41        1275AFB2B4E55172F0AE939311F95468        800768        ----a-w-        C:\Windows\Sysnative\ieapfltr.dll
2015-11-11 07:04:40        B9DFC06F70545E14A0704698FBD9F926        2886656        ----a-w-        C:\Windows\Sysnative\iertutil.dll
2015-11-11 07:04:39        5EE8E2E6BFFC9DA9D816A62B904116CD        585728        ----a-w-        C:\Windows\Sysnative\vbscript.dll
2015-11-11 07:04:39        1837B220558BB96AAB5B95F1BB89BE99        54784        ----a-w-        C:\Windows\Sysnative\jsproxy.dll
2015-11-11 07:04:38        0C7CFA5A099A591A2B7CB2557F0AF1C1        489984        ----a-w-        C:\Windows\Sysnative\dxtmsft.dll
2015-11-11 07:04:37        EC72BB355FB8E34B3D4F6140F6795348        616960        ----a-w-        C:\Windows\Sysnative\ieui.dll
2015-11-11 07:04:37        1DF0E083D4D067B5798504CC3009F21C        14457856        ----a-w-        C:\Windows\Sysnative\ieframe.dll
2015-11-11 07:04:36        C4E8F3E26E7FFB4F85FBAC880BB3385C        92160        ----a-w-        C:\Windows\Sysnative\mshtmled.dll
2015-11-11 07:04:36        93CA9F81806793E79635D1B6CE4C10BA        1359360        ----a-w-        C:\Windows\Sysnative\mshtmlmedia.dll
2015-11-11 07:04:36        81529B486E446717F7F782D8AB18FC93        144384        ----a-w-        C:\Windows\Sysnative\ieUnatt.exe
2015-11-11 07:04:35        FBF2564A3F45F69A5D56D30129635691        817664        ----a-w-        C:\Windows\Sysnative\jscript.dll
2015-11-11 07:04:35        F2292865E0C8BCA069BB3F0BBB069265        814080        ----a-w-        C:\Windows\Sysnative\jscript9diag.dll
2015-11-11 07:04:35        7EFA2CD22DB05CBC41FF77E16431EF3B        5990912        ----a-w-        C:\Windows\Sysnative\jscript9.dll
2015-11-11 07:04:35        5698DE88DA9C901E92651394ACBFB34D        262144        ----a-w-        C:\Windows\Sysnative\webcheck.dll
2015-11-11 07:04:34        033E70DEEE5FED5E9A3E197A2DB1A618        2487808        ----a-w-        C:\Windows\Sysnative\wininet.dll
2015-11-11 07:04:33        E35836459E1FFFA011F4716A5B826966        199680        ----a-w-        C:\Windows\Sysnative\msrating.dll
2015-11-11 07:04:33        CDCCDC0CA9E094E9CE4EB0ECD970D77A        88064        ----a-w-        C:\Windows\Sysnative\MshtmlDac.dll
2015-11-11 07:04:33        99E634291C35D8281A772817AA40CD51        417792        ----a-w-        C:\Windows\Sysnative\html.iec
2015-11-11 07:04:32        67D3A8E2F5DECD6B6F7194BBF58696E6        25818624        ----a-w-        C:\Windows\Sysnative\mshtml.dll
2015-11-11 07:04:23        6D1CF2634A2EB33D3FCED43D96621FCC        5570496        ----a-w-        C:\Windows\Sysnative\ntoskrnl.exe
2015-11-11 07:04:23        48078433D1EF32AAA41FCB8109C5F3DC        729600        ----a-w-        C:\Windows\Sysnative\kerberos.dll
2015-11-11 07:04:22        BA6F0BC094ABBB9EFA3BB636D032C403        299632        ----a-w-        C:\Windows\Sysnative\bcryptprimitives.dll
2015-11-11 07:04:22        386BF677B78B66AABBA92C0FCA0579A6        1164800        ----a-w-        C:\Windows\Sysnative\kernel32.dll
2015-11-11 07:04:22        2068233A1C249B9FADF0690AC4C951D9        312320        ----a-w-        C:\Windows\Sysnative\ncrypt.dll
2015-11-11 07:04:22        08A922374554BA576F96FD3FDFE66964        344064        ----a-w-        C:\Windows\Sysnative\schannel.dll
2015-11-11 07:04:21        FF41063E45C6238CAF48CBE6D0D6FC4B        215040        ----a-w-        C:\Windows\Sysnative\winsrv.dll
2015-11-11 07:04:21        FA15610B77877F2BB2AC5D32277CE82B        64000        ----a-w-        C:\Windows\Sysnative\auditpol.exe
2015-11-11 07:04:21        F5AA5787F8B4E7200D1BF9171BED3AF0        424960        ----a-w-        C:\Windows\Sysnative\KernelBase.dll
2015-11-11 07:04:21        DF3FD4579118D6F13FE725CDB4F1F93E        1461760        ----a-w-        C:\Windows\Sysnative\lsasrv.dll
2015-11-11 07:04:21        CC4E8485336604846E50D28897AAE67F        136192        ----a-w-        C:\Windows\Sysnative\sspicli.dll
2015-11-11 07:04:21        998C50530F44CE2900779CE7FF6B205E        315392        ----a-w-        C:\Windows\Sysnative\msv1_0.dll
2015-11-11 07:04:21        9066AE964D95B1ABC999CED271556A7C        112640        ----a-w-        C:\Windows\Sysnative\smss.exe
2015-11-11 07:04:21        6818F2C2E6656E48D38951D753097797        1730496        ----a-w-        C:\Windows\Sysnative\ntdll.dll
2015-11-11 07:04:21        4494B06139E8EE6D19FC2BFD0955BCD6        503808        ----a-w-        C:\Windows\Sysnative\srcore.dll
2015-11-11 07:04:21        3716E2771C713387C8E8E2CAD170B2B6        243712        ----a-w-        C:\Windows\Sysnative\wow64.dll
2015-11-11 07:04:21        2BC45F4CF55B45BDD650828192F132B8        31232        ----a-w-        C:\Windows\Sysnative\lsass.exe
2015-11-11 07:04:21        27339655781D5F4C9995FC5202F1F239        296960        ----a-w-        C:\Windows\Sysnative\rstrui.exe
2015-11-11 07:04:21        1AE4881BAA7C3DE4D9EC8EA38A3F6BCC        1216512        ----a-w-        C:\Windows\Sysnative\rpcrt4.dll
2015-11-11 07:04:21        1A05FB05E701A9D65EB42656CF46D173        210944        ----a-w-        C:\Windows\Sysnative\wdigest.dll
2015-11-11 07:04:21        0EA14EE0C4B1DA2447E36FD3E183C015        338432        ----a-w-        C:\Windows\Sysnative\conhost.exe
2015-11-11 07:04:21        079317396D1E4F9EE8E745DF5C2372DD        86528        ----a-w-        C:\Windows\Sysnative\TSpkg.dll
2015-11-11 07:04:20        EED57582155969AA51789268FE41E254        43520        ----a-w-        C:\Windows\Sysnative\csrsrv.dll
2015-11-11 07:04:20        A10B9876772F1AB83DEC50EE9B0696B7        6656        ----a-w-        C:\Windows\Sysnative\apisetschema.dll
2015-11-11 07:04:20        95F7494638D489665CB1C172D62FC872        28160        ----a-w-        C:\Windows\Sysnative\secur32.dll
2015-11-11 07:04:20        926F7A2F153F004D492C0B8CC105AC2E        29184        ----a-w-        C:\Windows\Sysnative\sspisrv.dll
2015-11-11 07:04:20        9102E19E45AEDE6077023CF2945261F3        44032        ----a-w-        C:\Windows\Sysnative\cryptbase.dll
2015-11-11 07:04:20        60F8ECF4FCE0DDEC8D6E3E2E987867A4        16384        ----a-w-        C:\Windows\Sysnative\ntvdm64.dll
2015-11-11 07:04:20        286A1E8B06EE3E8E06176010C41988B2        13312        ----a-w-        C:\Windows\Sysnative\wow64cpu.dll
2015-11-11 07:04:20        20592BDF5A368B43BEF086DC61C6863D        50176        ----a-w-        C:\Windows\Sysnative\srclient.dll
2015-11-11 07:04:20        1CE982CF943680F776F46D6F9F53642F        362496        ----a-w-        C:\Windows\Sysnative\wow64win.dll
2015-11-11 07:04:20        105B82E40B82A5B5A140969099FE3FAF        22016        ----a-w-        C:\Windows\Sysnative\credssp.dll
2015-11-11 07:04:19        EB618353B1F34E790952982A226AFFB2        146432        ----a-w-        C:\Windows\Sysnative\msaudite.dll
2015-11-11 07:04:19        700E5B0452B1B2CE1AD23F1557995FF9        60416        ----a-w-        C:\Windows\Sysnative\msobjs.dll
2015-11-11 07:04:19        6F4AAA80DBB19CE945389FFEA43C1BA1        686080        ----a-w-        C:\Windows\Sysnative\adtschema.dll
2015-11-11 07:04:11        806E52CF244371661A7079A8A769B00B        275456        ----a-w-        C:\Windows\Sysnative\InkEd.dll
2015-11-11 07:04:11        663D10339325743941089DF3AE47B2C4        24576        ----a-w-        C:\Windows\Sysnative\jnwmon.dll
====== C:\Windows\Sysnative\drivers =====
2015-11-11 07:04:22        EC0511BB85BAA42A9734011685A6732C        460776        ----a-w-        C:\Windows\Sysnative\drivers\cng.sys
2015-11-11 07:04:22        33D52A96BEEE8AFCE9E07EEC9FE0C9DB        154560        ----a-w-        C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-11-11 07:04:21        BCC83F22805F560C8A487F2F296A78FE        95680        ----a-w-        C:\Windows\Sysnative\drivers\ksecdd.sys
2015-11-11 07:04:20        ACB763673BCCE6C7B3B8F858C9FE4F1F        129024        ----a-w-        C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-11-11 07:04:20        7C81098FBAF2EAF5B54B939F832B0F61        290816        ----a-w-        C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-11-11 07:04:20        73ADDCC406B86E7DA4416691E8E74BDA        159232        ----a-w-        C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-11-11 07:04:14        AA77EB517D2F07A947294F260E3ACA83        118272        ----a-w-        C:\Windows\Sysnative\drivers\tdx.sys
2015-11-11 07:04:14        9A4A1EEE802BF2F878EE8EAB407B21B7        497664        ----a-w-        C:\Windows\Sysnative\drivers\afd.sys
2015-11-11 07:04:12        F7309F42555F8AAB7144A51A1F2585B0        950720        ----a-w-        C:\Windows\Sysnative\drivers\ndis.sys
2015-10-27 23:01:08        36BAB895547EA82892292F05FA02142E        11114616        ----a-w-        C:\Windows\Sysnative\drivers\nvlddmkm.sys
2015-10-27 12:20:18        DE7D2DEDE9C9D5219AA439172BA8D21C        181640        ----a-w-        C:\Windows\Sysnative\drivers\klflt.sys
2015-10-27 12:20:18        11586A6A85FF124F53E1435A34DD1707        940936        ----a-w-        C:\Windows\Sysnative\drivers\klif.sys
====== C:\Windows\Tasks ======
2015-10-27 18:48:54        8A6668CCF52F5C520BD369ED9390B171        884        ----a-w-        C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 18:48:54        5F6FD71269E1CDBD1CE89AA464D1E9CF        3822        ----a-w-        C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-11-02 06:42:58        --------        d-----w-        C:\PROGRA~2\Battlelog Web Plugins
2015-11-01 18:39:25        --------        d-----w-        C:\PROGRA~2\Origin Games
2015-10-27 12:20:27        --------        d-----w-        C:\PROGRA~2\Kaspersky Lab
2015-10-25 09:01:29        --------        d-----w-        C:\PROGRA~2\Mozilla Thunderbird
======= C: =====
====== C:\Users\Thorsten\AppData\Roaming ======
2015-11-19 18:15:24        --------        d-----w-        C:\Users\Thorsten\AppData\Roaming\vctxo-41
2015-11-19 13:09:26        --------        d-----w-        C:\Users\Public\AppData\Local\temp
2015-11-19 13:09:26        --------        d-----w-        C:\Users\Default\AppData\Local\temp
2015-11-19 13:09:26        --------        d-----w-        C:\Users\Default User\AppData\Local\temp
2015-11-19 11:05:12        --------        d-----w-        C:\Users\Thorsten\AppData\Roaming\glonass-0
2015-11-18 18:20:00        --------        d-----w-        C:\Users\Thorsten\AppData\Roaming\quark-0
2015-11-12 06:36:25        --------        d-----w-        C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-02 06:42:59        --------        d-----w-        C:\Users\Thorsten\AppData\Local\ESN
2015-11-01 18:38:57        --------        d-----w-        C:\Users\Thorsten\AppData\Local\Origin
2015-10-30 16:54:00        --------        d-----w-        C:\Users\Thorsten\AppData\Roaming\inrush-56
2015-10-26 12:06:53        --------        d-----w-        C:\Users\Thorsten\AppData\Local\4r50
2015-10-26 11:44:31        --------        d-----w-        C:\Users\Thorsten\AppData\Roaming\ampacity-9
2015-10-25 16:52:26        --------        d-----w-        C:\Users\Thorsten\AppData\Roaming\z86
2015-10-25 16:52:26        --------        d-----w-        C:\Users\Thorsten\AppData\Local\9u92
====== C:\Users\Thorsten ======
2015-11-19 18:12:41        --------        d-----w-        C:\ProgramData\digipot-5
2015-11-19 17:38:17        --------        d-----w-        C:\ProgramData\rs232-0
2015-11-19 13:09:26        --------        d-----w-        C:\Users\Public\AppData
2015-11-19 06:37:48        --------        d-----w-        C:\ProgramData\oyn
2015-11-17 17:09:00        87A629D7463BCEB2A02CA143EB2DEFF8        2870984        ----a-w-        C:\Users\Thorsten\Downloads\esetsmartinstaller_deu.exe
2015-11-17 06:40:48        49E3825ACB348F848D9B841E4D48FD3B        22908888        ----a-w-        C:\Users\Thorsten\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-15 18:09:28        0170A4503F85F2D7ABCBEF0419B1C35A        4404952        ----a-w-        C:\Users\Thorsten\Downloads\tdsskiller.exe
2015-11-15 14:50:50        DF25A498414BCF82EA389CE2DDC3839B        2008576        ----a-w-        C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-01 21:48:52        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 18:37:42        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-10-27 18:13:58        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 18:09:45        --------        d-----w-        C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 15:03:01        --------        d-----w-        C:\Windows\sysWoW64\config\systemprofile\.oracle_jre_usage
2015-10-27 12:20:27        --------        d-----w-        C:\ProgramData\Kaspersky Lab

====== C: exe-files ==
2015-11-19 18:36:58        9D8A4379868618F46677DBF2B94C800A        2508432        ----a-w-        C:\Users\Thorsten\Desktop\Process\procexp.exe
2015-11-19 18:17:25        BD54CFC858CEB63AE4912EC0A462296C        6874568        ----a-w-        C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\Packages\000082f8\DAO.20185103.exe
2015-11-19 18:17:25        9169835679E4F0964AA711BA00CD3D6D        594832        ----a-w-        C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\Packages\000082f0\CoProc update.20184769.exe
2015-11-19 18:15:24        10A85C4FC4C7FC164DD5E05878DA4A43        578048        ------w-        C:\Users\Thorsten\AppData\Roaming\vctxo-41\vctxo-62.exe
2015-11-19 18:12:41        FC82DCCA97F786CDE8A4943A6B2C36CC        578048        ------w-        C:\ProgramData\digipot-5\digipot-57.exe
2015-11-19 17:38:17        F2C2E154EA0E87429A79D4A1A2C1C4C1        657408        ------w-        C:\ProgramData\rs232-0\rs232-0.exe
2015-11-19 13:39:38        9481BC5038CF2B8BC9622D74E25FD7A8        630200        ----a-w-        C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2015-11-19 13:39:34        A71115CB47AE13083515819AD674A013        172984        ----a-w-        C:\Users\Thorsten\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2015-11-19 12:36:15        F042EE4C8D66248D9B86DCF52ABAE416        256000        ----a-w-        C:\Windows\PEV.exe
2015-11-19 12:36:15        9E05A9C264C8A908A8E79450FCBFF047        80412        ----a-w-        C:\Windows\grep.exe
2015-11-19 12:36:15        5E832F4FAF5F481F2EAF3B3A48F603B8        68096        ----a-w-        C:\Windows\zip.exe
2015-11-19 12:36:15        0297C72529807322B152F517FDB0A9FC        406528        ----a-w-        C:\Windows\SWSC.exe
2015-11-19 12:36:15        0277C027A26428DB64EF4F64F52BB4FD        208896        ----a-w-        C:\Windows\MBR.exe
2015-11-19 11:05:12        25CA91280083550D724E4207F7514123        593920        ------w-        C:\Users\Thorsten\AppData\Roaming\glonass-0\glonass-0.exe
2015-11-18 00:22:30        3831E58CD22CC9BDF06F18F843CDFEE9        464896        ----a-w-        C:\FRST\Quarantine\C\ProgramData\valve-1\valve-1.exe
2015-11-17 18:19:10        73B5FC7C66C87C9E9421D42979217F6E        579584        ----a-w-        C:\FRST\Quarantine\C\ProgramData\hoist-1\hoist-1.exe
2015-11-17 17:09:00        87A629D7463BCEB2A02CA143EB2DEFF8        2870984        ----a-w-        C:\Users\Thorsten\Downloads\esetsmartinstaller_deu.exe
2015-11-17 06:40:48        49E3825ACB348F848D9B841E4D48FD3B        22908888        ----a-w-        C:\Users\Thorsten\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-15 18:09:28        0170A4503F85F2D7ABCBEF0419B1C35A        4404952        ----a-w-        C:\Users\Thorsten\Downloads\tdsskiller.exe
2015-11-15 14:50:50        DF25A498414BCF82EA389CE2DDC3839B        2008576        ----a-w-        C:\Users\Thorsten\Downloads\FRST64.exe
=== C: other files ==
2015-11-19 18:36:00        E16CEB1197549AA19630AD0982D04E89        1186640        ----a-w-        C:\Users\Thorsten\Downloads\ProcessExplorer.zip
2015-11-17 06:36:43        6A9E97FD21794C7FE7B94353425AFB3B        2910982        ----a-w-        C:\Users\Thorsten\Dropbox\Datenaustausch Funkzentrale\MP-Feuer\Datensicherung\MPSEC_DATA35P_20151116_201026.ZIP

==== Files C:\ProgramData 0-3 Months Old ======================

2015-10-27 12:20:25        59071590099D21DD439896592338BF95        524288        --sha-w-        C:\ProgramData\ntuser.dat{c0eda2b6-7ca4-11e5-bbc0-d050995a3687}.TMContainer00000000000000000002.regtrans-ms
2015-10-27 12:20:25        638E4112DCA9D0ABB8EF0267EDA0084D        524288        --sha-w-        C:\ProgramData\ntuser.dat{c0eda2b6-7ca4-11e5-bbc0-d050995a3687}.TMContainer00000000000000000001.regtrans-ms
2015-10-27 12:20:25        9291BD89083DBBB2CFC382B7000FD6E4        65536        --sha-w-        C:\ProgramData\ntuser.dat{c0eda2b6-7ca4-11e5-bbc0-d050995a3687}.TM.blf
2015-10-27 12:20:25        946F0084E53FCDC32FE5812982BDBF3F        5120        --sha-w-        C:\ProgramData\ntuser.dat.LOG1
2015-10-27 12:20:25        BE6DE5D8805D2CA8CA935416D60A51DF        262144        ----a-w-        C:\ProgramData\ntuser.dat
2015-10-27 12:20:25        D41D8CD98F00B204E9800998ECF8427E        0        --sha-w-        C:\ProgramData\ntuser.dat.LOG2
2015-10-27 12:20:41        4ECC54AD30DF7DF4909667FE0B57047B        65536        --sha-w-        C:\ProgramData\ntuser.dat{c0eda2cb-7ca4-11e5-bbc0-d050995a3687}.TM.blf
2015-10-27 12:20:41        59071590099D21DD439896592338BF95        524288        --sha-w-        C:\ProgramData\ntuser.dat{c0eda2cb-7ca4-11e5-bbc0-d050995a3687}.TMContainer00000000000000000002.regtrans-ms
2015-10-27 12:20:41        7D1C65FB9A7410C55AE9C06DEB27026C        524288        --sha-w-        C:\ProgramData\ntuser.dat{c0eda2cb-7ca4-11e5-bbc0-d050995a3687}.TMContainer00000000000000000001.regtrans-ms

==== Files C:\users\Thorsten\AppData\Roaming 0-3 Months Old ======================
1No files found aged 0-3 months

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on 19.11.2015 at 19:52:45,46 ======================

deeprybka 19.11.2015 22:15
Sehr gute Mitarbeit Thorsten! :daumenhoc

Alles im Normalboot-Modus:

Schritt 1

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn4.PNG

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
CloseProcesses:
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [battery-88]
C:\ProgramData\digipot-5
C:\Users\Thorsten\AppData\Roaming\battery-16
C:\ProgramData\rs232-0
C:\Users\Thorsten\AppData\Roaming\vctxo-41
C:\Users\Thorsten\AppData\Roaming\glonass-0
C:\Users\Thorsten\AppData\Roaming\quark-0
C:\Users\Thorsten\AppData\Roaming\inrush-56
C:\Users\Thorsten\AppData\Local\4r50
C:\Users\Thorsten\AppData\Roaming\ampacity-9
C:\Users\Thorsten\AppData\Roaming\z86
C:\Users\Thorsten\AppData\Local\9u92
C:\ProgramData\median-72
C:\ProgramData\oyn
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quark-08.lnk [2015-11-18]
ShortcutTarget: quark-08.lnk -> C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe (Intel(R) Corporation)
EmptyTemp:
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.


Neuer Scan mit Malwarebytes:

Schritt 2

http://deeprybka.trojaner-board.de/m...mbamlogo4a.pnghttp://deeprybka.trojaner-board.de/m...mbamlogo4b.png
  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 3

http://filepony.de/icon/frst.pnghttp://deeprybka.trojaner-board.de/b...e/frst/sn1.PNG

Bitte starte FRST erneut, und drücke auf Untersuchen.
Bitte poste mir den Inhalt des Logs.

Thorstie 20.11.2015 09:12
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-11-2015
durchgeführt von Thorsten (2015-11-20 08:39:52) Run:5
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [battery-88]
C:\ProgramData\digipot-5
C:\Users\Thorsten\AppData\Roaming\battery-16
C:\ProgramData\rs232-0
C:\Users\Thorsten\AppData\Roaming\vctxo-41
C:\Users\Thorsten\AppData\Roaming\glonass-0
C:\Users\Thorsten\AppData\Roaming\quark-0
C:\Users\Thorsten\AppData\Roaming\inrush-56
C:\Users\Thorsten\AppData\Local\4r50
C:\Users\Thorsten\AppData\Roaming\ampacity-9
C:\Users\Thorsten\AppData\Roaming\z86
C:\Users\Thorsten\AppData\Local\9u92
C:\ProgramData\median-72
C:\ProgramData\oyn
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quark-08.lnk [2015-11-18]
ShortcutTarget: quark-08.lnk -> C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe (Intel(R) Corporation)
EmptyTemp:
       
*****************

Prozess erfolgreich geschlossen.
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [battery-88] => Wert nicht gefunden.
C:\ProgramData\digipot-5 => erfolgreich verschoben
"C:\Users\Thorsten\AppData\Roaming\battery-16" => nicht gefunden.
C:\ProgramData\rs232-0 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\vctxo-41 => erfolgreich verschoben
"C:\Users\Thorsten\AppData\Roaming\glonass-0" => nicht gefunden.
C:\Users\Thorsten\AppData\Roaming\quark-0 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\inrush-56 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Local\4r50 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\ampacity-9 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\z86 => erfolgreich verschoben
C:\Users\Thorsten\AppData\Local\9u92 => erfolgreich verschoben
"C:\ProgramData\median-72" => nicht gefunden.
C:\ProgramData\oyn => erfolgreich verschoben
C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\quark-08.lnk => nicht gefunden.
C:\Users\Thorsten\AppData\Roaming\quark-0\quark-2.exe => nicht gefunden.
EmptyTemp: => 424.2 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 08:40:05 ====
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 20.11.2015
Suchlaufzeit: 08:45
Protokolldatei:
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.11.20.02
Rootkit-Datenbank: v2015.11.14.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Thorsten

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 357301
Abgelaufene Zeit: 13 Min., 21 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

deeprybka 20.11.2015 10:41
Schritt 3 noch bitte... :)

Thorstie 20.11.2015 11:09
Oh sorry ich glaub ich seh den Wald vor lauter Bäumen nicht. Mal aber eine grundsätzliche Frage - Den Kaspersky den ich benutze ist der in Ordnung oder sollte man sich anders aufstellen?

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:19-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (20-11-2015 11:06:56)
Gestartet von C:\Users\Thorsten\Downloads
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MY.COM B.V.) C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(PC Partner Co.Ltd) C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\wmiav.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4628936 2015-11-19] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [rs232-9] => C:\ProgramData\rs232-0\rs232-0.exe -7z
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\RunOnce: [vctxo-2] => C:\Users\Thorsten\AppData\Roaming\vctxo-8\vctxo-1.exe [606208 2015-11-20] (American Megatrends, Inc)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\evsys-4.lnk [2015-11-20]
ShortcutTarget: evsys-4.lnk -> C:\Users\Thorsten\AppData\Roaming\evsys-44\evsys-2.exe (Intel(R) Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-28] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-28] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-28] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [348360 2015-11-20] ()
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-20] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-20 11:06 - 2015-11-20 11:07 - 00026600 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-20 08:45 - 2015-11-20 09:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-20 08:45 - 2015-11-20 08:45 - 00001109 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-11-20 08:45 - 2015-11-20 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-20 08:44 - 2015-11-20 08:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-20 08:44 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-20 08:44 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-20 08:44 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-20 08:43 - 2015-11-20 08:43 - 22908888 _____ (Malwarebytes ) C:\Users\Thorsten\Downloads\mbam-setup-2.2.0.1024.exe
2015-11-20 08:39 - 2015-11-20 08:43 - 00000000 ____D C:\ProgramData\oyn
2015-11-20 08:39 - 2015-11-20 08:39 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\evsys-44
2015-11-20 08:39 - 2015-11-20 08:39 - 00000000 ____D C:\ProgramData\powercap-12
2015-11-20 08:38 - 2015-11-20 08:38 - 00000000 ____D C:\Users\Thorsten\Downloads\FRST-OlderVersion
2015-11-20 08:37 - 2015-11-20 08:37 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\vctxo-8
2015-11-19 19:50 - 2015-11-19 19:52 - 00025760 _____ C:\zoek-results.log
2015-11-19 19:49 - 2015-11-19 19:49 - 00000000 ____D C:\zoek_backup
2015-11-19 14:09 - 2015-11-19 14:09 - 00030817 _____ C:\ComboFix.txt
2015-11-19 13:36 - 2015-11-19 14:09 - 00000000 ____D C:\Qoobox
2015-11-19 13:36 - 2015-11-19 14:04 - 00000000 ____D C:\Windows\erdnt
2015-11-19 13:36 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-19 13:36 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-19 13:36 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-19 07:37 - 2015-11-20 08:40 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-11-17 07:41 - 2015-11-17 07:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-15 19:58 - 2015-11-15 19:58 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-11-15 15:51 - 2015-11-20 11:06 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-20 08:38 - 02020352 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-14 09:41 - 2015-11-14 09:49 - 00000000 ____D C:\Users\Thorsten\Desktop\Tattoo
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-20 10:39 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-20 10:39 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:48 - 2015-11-20 11:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-20 10:33 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-20 10:41 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-20 10:39 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-20 10:39 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-20 10:20 - 2015-02-19 10:30 - 01055363 _____ C:\Windows\WindowsUpdate.log
2015-11-20 09:55 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-20 09:13 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-20 08:48 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-20 08:48 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-20 08:47 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-20 08:47 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-20 08:47 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-20 08:41 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-20 08:41 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-20 08:41 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-20 08:40 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-20 08:40 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-20 08:40 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-20 08:40 - 2015-02-19 10:51 - 00217456 _____ C:\Windows\PFRO.log
2015-11-20 08:40 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-20 08:40 - 2009-07-14 05:51 - 00154073 _____ C:\Windows\setupact.log
2015-11-19 19:47 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-19 19:34 - 2015-02-20 08:36 - 00031232 _____ C:\Users\Thorsten\Desktop\Ausgaben.xls
2015-11-19 18:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-19 14:13 - 2015-07-05 08:39 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Deployment
2015-11-19 14:13 - 2015-07-05 08:39 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Apps\2.0
2015-11-19 13:53 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-19 13:52 - 2009-07-14 03:34 - 74186752 _____ C:\Windows\system32\config\software.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 24641536 _____ C:\Windows\system32\config\system.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\default.bak
2015-11-19 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-19 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-19 07:37 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-12 12:41 - 2009-07-14 05:45 - 00307832 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 13:01 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv4pt9v.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-11 18:58

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:19-11-2015
durchgeführt von Thorsten (2015-11-20 11:07:31)
Gestartet von C:\Users\Thorsten\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-19 09:28:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3302927987-3442811057-85396348-500 - Administrator - Disabled)
Gast (S-1-5-21-3302927987-3442811057-85396348-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3302927987-3442811057-85396348-1002 - Limited - Enabled)
Thorsten (S-1-5-21-3302927987-3442811057-85396348-1000 - Administrator - Enabled) => C:\Users\Thorsten

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.191 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.31 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: 1.31 - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP5300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5300) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Deezer (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\DeezerDrive) (Version: 1.0.769.677 - Deezer)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
diclovit's mod pack 9.9.0 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.0 - diclovit)
Dropbox (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
FireStorm version V1.0.46.001 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.001 - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{1090DB8D-3818-470D-8467-B1062169CC45}) (Version: 1.5.0.133 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.0.133 - Kaspersky Lab) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 41.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 41.0.2 (x86 de)) (Version: 41.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.2 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
My.com Games (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MyComGames) (Version: 3.123 - My.com B.V.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.4.1.0 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.4.1.0 - Odem Mortis)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000004-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000005-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000006-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Thorsten\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

12-11-2015 08:06:39 Windows Update
15-11-2015 19:00:13 Windows-Sicherung
16-11-2015 12:50:40 Restore Point Created by FRST
17-11-2015 07:41:12 Windows Update
19-11-2015 13:36:19 ComboFix created restore point
19-11-2015 14:12:57 Removed TEC-IT TBarCode Office 10
19-11-2015 19:50:04 zoek.exe restore point
20-11-2015 08:45:48 Windows Update

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-11-19 13:53 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2969EEED-20A1-4DE5-B86D-1C824567C0E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {443448A1-89C8-4D78-874C-8CD2B13B57D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {4D65A4C3-3E99-418A-8726-1702A5A9140D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {81427BD1-0A16-422E-907D-31351B364BBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {97FE5EB6-9642-4739-9C50-053EA99B2C24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-27] (Adobe Systems Incorporated)
Task: {A733FCCE-C3BC-402E-A67B-5B71CC41AA24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {A7543029-CB88-4A08-9933-16FF25260A7C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {A82C063D-9C46-4C10-B1DD-82EBDCB58A50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {BABD2FC1-7BD2-4BD2-A106-4974CA2FF4D0} - System32\Tasks\{C384678A-0B16-4666-A32E-6F61F28CA818} => pcalua.exe -a C:\Users\Thorsten\Downloads\sp54425.exe -d C:\Users\Thorsten\Downloads
Task: {CDD1388C-27D9-4C4B-8068-F7402567FAAB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F0471ACE-CC7D-44D6-B971-4D4C414AD564} - System32\Tasks\{FE500D95-E348-4016-9771-2A0711A2F9FD} => pcalua.exe -a C:\Users\Thorsten\AppData\Local\Temp\Temp1_Realtek_Win8-64_Win8_Win7-64_Win7_Vista64_Vista_XP64_XP(6690).zip\Audio(6690)\Setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-28 01:06 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-07-20 10:35 - 2015-06-17 08:00 - 00062464 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-11-01 22:48 - 2015-11-20 10:39 - 00348360 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-01 08:11 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00144896 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\zlib1.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00062464 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\pxd.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00179144 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\LightUpdate.dll
2015-05-31 07:15 - 2015-11-06 13:12 - 02340296 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2015-11-20 08:40 - 2015-11-20 08:40 - 00071168 _____ () c:\users\thorsten\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpv4pt9v.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 06:35 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 22:45 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-10-01 19:30 - 2015-10-01 19:30 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\8db6991b5800d6791b92d33532627df2\PSIClient.ni.dll
2015-02-28 08:27 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 01016832 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00028160 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00029696 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00256000 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00266240 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00346112 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-11-01 19:38 - 2015-11-12 07:38 - 00243200 _____ () C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E4EFEB4F-2C4C-4D0E-8F17-34FB7F590101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{28F028E2-61EB-4939-A1C9-18D4087120F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64CD0E7A-7715-4CBD-8ED7-1518313ED644}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE5884DD-6514-4F77-8A1D-81CC30B6C4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC099D50-0387-4C28-ACCF-056F5A8C5A71}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA86B2F5-69CE-4761-8A47-8E3E919BFE5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4838DB96-119E-4750-B1A0-022A39631609}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{808314F2-0603-4E4A-9D6F-3B0BF364C737}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FA575668-199B-47E4-8D55-7E676A2AD01D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9706CBDF-EADB-4787-8EE9-CA02F2B18BDA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2517C3F0-81FE-4C42-8DE3-2164EA4DACD1}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{ABCB8F47-5A10-4AC0-8415-5262FC9D3828}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{F09B091E-8F1C-4CEA-919E-73F8C4B0C2E6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{BF92B25C-7A21-4C0F-A6D7-F6E40AB5C72B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{740021B2-6EEC-4679-B550-14DAC5CC8990}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E4E5A57B-54D6-434C-BC89-4DFBA73FFDE3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3E4C5A7E-DBA9-4FB3-A558-6233ACC605BE}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{A2FA18C2-601B-469A-8D04-9697188D5461}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{D783AADF-1F97-4888-BDBB-6D9EDA300520}] => (Allow) D:\Spiele\bin\x64r\emergency5.exe
FirewallRules: [{8BB1EA29-7A4A-4E35-8256-DB9156659EB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DD1E2EF-B1C1-4C6A-B24F-44836A9AF96E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA19F522-E9D4-4EE0-A0D9-25D8DFDF4170}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{73BA38B9-70DA-4DE7-A3A7-179B19DDA2D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{7A04FE04-D0D3-4FAC-A493-5335949358D5}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CBCADB0-8365-4C70-8496-D249002D38A8}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8DD010FE-5DFA-4ACD-8CA4-6A34D50171CD}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BFDBDD81-0522-491D-B687-640610F1C7C0}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{76774C5B-8091-434D-8570-AEB2C35DC43D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A3549E7F-7D21-40A1-A5FF-21EA2B143894}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{58C4FE6F-EE4E-422E-93AE-6140FE774A2E}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [UDP Query User{44E8EFC9-AEB5-4652-99E6-379241289418}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [TCP Query User{7D49057B-88AA-4178-A628-46AF9E0DF46E}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FB0C904B-AFC9-4DB7-8AA0-49D3D8C6B6D7}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{5AD0760A-19EA-4365-8B69-1117D2BCED53}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{D5E06918-2E24-4349-A3C4-5E1EFC3F7780}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{61084CC0-E25A-4BBA-9073-792074C572F3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D428F6F6-4113-42EA-8734-6F65817CBAD0}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D0BF5190-6714-4859-BE02-83E145710FA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FD0EB8D-1CD6-4B48-9746-B822401B3E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D98C54BA-65E2-4A7D-A8E4-D105AB5344A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E6A9942D-997F-4254-8417-C87A8618D43F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6790434-B146-48F0-A369-A2CC2B720F4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{EC4EF857-6483-4C45-BF4D-48FDFBD5CEF4}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{4E70CA78-8870-4FF0-A5EE-6F3FE0EE7C70}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{D2E0F433-9A43-4D97-A09F-F37387116DD2}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{3BBCE2B7-EA39-4FEA-965B-33298042370E}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{E0F3F8F4-DA6C-4AA0-9A5A-56BF2E5ACB36}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{14C527EA-0B6D-4BAC-813D-BC1784CB14A2}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{28F23C4E-98C8-4D8F-8803-3935590419B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C3FCA-9019-4D37-AA46-9B92E0571151}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C9AC0-2BE0-4409-8508-B89F5895BE95}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE06792E-5576-46F7-9A16-1B88BBB2BF07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C710348-2DF3-4E5C-8848-E7D9BF56A3D2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F5ECA1A3-DD94-4B31-A9D9-7642DD75FCB6}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{6886CDAF-C119-4B2A-ABE7-64AF99263A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D8BF93A-D10F-4A8E-B287-D2BB868ABFC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39A4659B-A005-4BCB-85F2-AB1539B69A1F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B61F5210-D039-4C54-9166-942DE502B98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{03B6EA03-31D5-4293-986C-1C1FA536D6AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1B239FE-6558-4C1A-8905-FFF1507A603E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D9CA709-65CD-4984-93FB-7F06E132D911}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD0A7003-C839-4E1D-891C-580EF984E05A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/20/2015 08:42:52 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/20/2015 08:41:23 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/20/2015 08:40:45 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/20/2015 08:39:58 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/20/2015 08:38:24 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/20/2015 08:36:58 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/19/2015 07:48:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/19/2015 07:47:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 41.0.2.5765, Zeitstempel: 0x561ee543
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x29c8f81c
ID des fehlerhaften Prozesses: 0x20e4
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (11/19/2015 06:35:04 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/19/2015 02:17:04 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2


Systemfehler:
=============
Error: (11/20/2015 08:40:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "FreemakeVideoCapture" wurde aufgrund folgenden Fehlers nicht gestartet:
%%5

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Google Update Service (gupdate)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage-Technologie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (11/20/2015 08:39:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2015-11-19 13:45:18.094
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-19 13:45:18.024
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 12230.42 MB
Verfügbarer physikalischer RAM: 9116.04 MB
Summe virtueller Speicher: 24459.05 MB
Verfügbarer virtueller Speicher: 21290.29 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:223.47 GB) (Free:88.92 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1193.85 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E38ABEDA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5474C3AC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Thorstie 21.11.2015 20:16
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-11-2015
durchgeführt von Thorsten (Administrator) auf PC-THORSTEN (21-11-2015 20:14:18)
Gestartet von C:\Users\Thorsten\Desktop
Geladene Profile: Thorsten (Verfügbare Profile: Thorsten)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(MY.COM B.V.) C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Dropbox, Inc.) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2010-10-21] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2655520 2015-10-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-02-26] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [133408 2012-09-11] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2015-02-28] (FNet Co., Ltd.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [FireStormStartUpAutoRun] => C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe [24279040 2015-07-01] (PC Partner Co.Ltd)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [62464 2015-06-17] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [Dropbox Update] => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-17] (Dropbox, Inc.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [MyComGames] => C:\Users\Thorsten\AppData\Local\MyComGames\MyComGames.exe [4628936 2015-11-19] (MY.COM B.V.)
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3638256 2015-11-12] (Electronic Arts)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-11-05] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2015-10-27]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (Kaspersky Lab ZAO)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2015-02-26]
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-12]
ShortcutTarget: Dropbox.lnk -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{6A9B7F0C-5C7A-455B-BF64-760BB8F743E2}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{720D4403-8F43-45B4-901C-BD8E031074EB}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{82089FB0-DC87-49D9-955F-8527662DFF8E}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873120311&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873160313&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130892105873220316&GUID=D904A643-3B08-45E9-814C-C06CA328BEE5
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-3302927987-3442811057-85396348-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2410} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-21] (Oracle Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-21] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2015-10-27] (AO Kaspersky Lab)

FireFox:
========
FF ProfilePath: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-27] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-27] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-21] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3302927987-3442811057-85396348-1000: @my.com/Games -> C:\Users\Thorsten\AppData\Local\MyComGames\NPMyComDetector.dll [2015-07-15] (My.com, Inc)
FF SearchPlugin: C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\searchplugins\bing-avast.xml [2015-02-28]
FF Extension: Adblock Plus - C:\Users\Thorsten\AppData\Roaming\Mozilla\Firefox\Profiles\jglsw7k0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-11-21]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-26] (Adobe Systems) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2015-10-27] (Kaspersky Lab ZAO)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3755976 2015-07-01] (devolo AG)
S2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-06-17] (Ellora Assets Corp.) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89864 2014-12-11] (Hewlett-Packard Company)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-12] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-20] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-11-02] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-30] (Windows (R) Win 7 DDK provider)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2015-11-06] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2015-02-28] (FNet Co., Ltd.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28216 2012-09-01] (Intel Corporation)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2015-10-27] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2015-10-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940936 2015-10-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-27] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2015-07-01] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-11-21] ()
S3 AxtuDrv; \??\C:\Windows\SysWOW64\Drivers\AxtuDrv.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-21 20:02 - 2015-11-21 20:02 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-11-21 19:53 - 2015-11-21 19:53 - 00044953 _____ C:\Users\Thorsten\Desktop\Addition.txt
2015-11-21 19:52 - 2015-11-21 20:14 - 00026186 _____ C:\Users\Thorsten\Desktop\FRST.txt
2015-11-21 19:50 - 2015-11-21 19:50 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-21 19:50 - 2015-11-21 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-21 19:50 - 2015-11-21 19:50 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-21 19:49 - 2015-11-21 19:49 - 00584288 _____ (Oracle Corporation) C:\Users\Thorsten\Downloads\jxpiinstall.exe
2015-11-21 17:12 - 2015-11-21 17:12 - 02345984 _____ (Farbar) C:\Users\Thorsten\Desktop\FRST64.exe
2015-11-21 09:02 - 2015-11-21 19:13 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-11-21 09:02 - 2015-11-21 09:02 - 08202040 _____ (TeamViewer GmbH) C:\Users\Thorsten\Downloads\TeamViewer_Setup_de-jfa.exe
2015-11-21 09:02 - 2015-11-21 09:02 - 00001050 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-11-21 09:02 - 2015-11-21 09:02 - 00001038 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-11-20 11:07 - 2015-11-20 11:08 - 00045690 _____ C:\Users\Thorsten\Downloads\Addition.txt
2015-11-20 11:06 - 2015-11-20 11:08 - 00068784 _____ C:\Users\Thorsten\Downloads\FRST.txt
2015-11-20 08:45 - 2015-11-20 09:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-20 08:45 - 2015-11-20 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-11-20 08:44 - 2015-11-20 08:45 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-11-20 08:44 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-11-20 08:44 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-11-20 08:44 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-11-19 19:50 - 2015-11-19 19:52 - 00025760 _____ C:\zoek-results.log
2015-11-19 19:49 - 2015-11-19 19:49 - 00000000 ____D C:\zoek_backup
2015-11-19 14:09 - 2015-11-19 14:09 - 00030817 _____ C:\ComboFix.txt
2015-11-19 13:36 - 2015-11-19 14:09 - 00000000 ____D C:\Qoobox
2015-11-19 13:36 - 2015-11-19 14:04 - 00000000 ____D C:\Windows\erdnt
2015-11-19 13:36 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2015-11-19 13:36 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2015-11-19 13:36 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2015-11-19 13:36 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2015-11-17 07:41 - 2015-11-17 07:41 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-11-15 19:58 - 2015-11-15 19:58 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-11-15 15:51 - 2015-11-21 20:14 - 00000000 ____D C:\FRST
2015-11-15 15:50 - 2015-11-20 08:38 - 02020352 _____ (Farbar) C:\Users\Thorsten\Downloads\FRST64.exe
2015-11-12 07:54 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 07:36 - 2015-11-12 07:36 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-11-11 08:04 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 08:04 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 08:04 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 08:04 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 08:04 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 08:04 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 08:04 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 08:04 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 08:04 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 08:04 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 08:04 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 08:04 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 08:04 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 08:04 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 08:04 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 08:04 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 08:04 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 08:04 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 08:04 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 08:04 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 08:04 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 08:04 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 08:04 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 08:04 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 08:04 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 08:04 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 08:04 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 08:04 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 08:04 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 08:04 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 08:04 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 08:04 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 08:04 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 08:04 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 08:04 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 08:04 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 08:04 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 08:04 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 08:04 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 08:04 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-11 08:04 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-11 08:04 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-11 08:04 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-11 08:04 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-11 08:04 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 08:04 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 08:04 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 08:04 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 08:04 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 08:04 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 08:04 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 08:04 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 08:04 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 08:04 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 08:04 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 08:04 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 08:04 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 08:04 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 08:04 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 08:04 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 08:04 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 08:04 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 08:04 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 08:04 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 08:04 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 08:04 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 08:04 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 08:04 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 08:04 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 08:04 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 08:04 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 08:04 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 08:04 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 19:30 - 2015-11-09 19:30 - 00000000 ____D C:\Windows\SysWOW64\%Data%
2015-11-05 08:50 - 2015-11-08 12:28 - 00000000 ____D C:\Kaspersky Rescue Disk 10.0
2015-11-02 07:42 - 2015-11-02 07:45 - 00000000 ____D C:\Users\Thorsten\Documents\Battlefield 3
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\ESN
2015-11-02 07:42 - 2015-11-02 07:42 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-11-01 22:48 - 2015-11-20 17:32 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ C:\Windows\SysWOW64\PnkBstrA.exe
2015-11-01 22:48 - 2015-11-01 22:48 - 00001177 _____ C:\Users\Public\Desktop\Battlefield 3.lnk
2015-11-01 22:48 - 2015-11-01 22:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 3
2015-11-01 19:39 - 2015-11-01 19:43 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-11-01 19:38 - 2015-11-02 07:42 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Origin
2015-11-01 19:37 - 2015-11-01 19:37 - 00000986 _____ C:\Users\Public\Desktop\Origin.lnk
2015-11-01 19:37 - 2015-11-01 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2015-11-01 09:32 - 2015-11-01 09:32 - 00000000 ____D C:\Users\Thorsten\Documents\Updater
2015-10-31 18:13 - 2015-10-31 18:13 - 00262144 _____ C:\Windows\system32\config\elam
2015-10-28 00:02 - 2015-10-03 03:18 - 00102520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-10-28 00:01 - 2015-10-03 06:06 - 42914096 _____ C:\Windows\system32\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 37882488 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 22306936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 18359928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 16541040 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 15716648 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 14832968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 13518496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 12032200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 11114616 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-10-28 00:01 - 2015-10-03 06:06 - 02869880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 02489976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01905456 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 01564976 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435850.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00877176 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00861816 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00689456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00673912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00467912 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00422240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00414000 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00388024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00369272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00177416 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00155976 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-10-28 00:01 - 2015-10-03 06:06 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-10-27 19:51 - 2015-11-20 17:32 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-10-27 19:48 - 2015-11-21 19:02 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-27 19:48 - 2015-10-27 19:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-27 19:13 - 2015-10-27 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2015-10-27 19:09 - 2015-10-27 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2015-10-27 13:21 - 2015-10-27 13:21 - 00002453 _____ C:\Users\Thorsten\Desktop\Sicherer Zahlungsverkehr.lnk
2015-10-27 13:20 - 2015-11-21 20:02 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 19:13 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2015-10-27 13:20 - 2015-10-27 13:40 - 00940936 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2015-10-27 13:20 - 2015-10-27 13:40 - 00181640 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\Windows\ELAMBKUP
2015-10-27 13:20 - 2015-10-27 13:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2015-10-27 13:20 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2015-10-27 13:01 - 2015-11-21 19:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-27 13:01 - 2015-10-27 13:01 - 00001166 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-10-27 13:01 - 2015-10-27 13:01 - 00001154 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-10-25 10:01 - 2015-10-25 10:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-11-21 20:10 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-21 20:10 - 2009-07-14 05:45 - 00020320 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-21 20:08 - 2015-02-19 19:24 - 00700128 _____ C:\Windows\system32\perfh007.dat
2015-11-21 20:08 - 2015-02-19 19:24 - 00149766 _____ C:\Windows\system32\perfc007.dat
2015-11-21 20:08 - 2009-07-14 06:13 - 01622694 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-21 20:05 - 2015-04-24 06:22 - 00000000 ___RD C:\Users\Thorsten\Dropbox
2015-11-21 20:05 - 2015-04-24 06:20 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\Dropbox
2015-11-21 20:05 - 2015-02-19 10:30 - 01148530 _____ C:\Windows\WindowsUpdate.log
2015-11-21 20:04 - 2015-05-31 07:15 - 00000000 ____D C:\Users\Thorsten\AppData\Local\MyComGames
2015-11-21 20:04 - 2015-02-19 18:34 - 00000000 ____D C:\ProgramData\Origin
2015-11-21 20:02 - 2015-02-28 09:02 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-21 20:02 - 2015-02-28 09:01 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-11-21 20:02 - 2015-02-28 08:58 - 00000828 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2015-11-21 20:02 - 2015-02-28 01:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-21 20:02 - 2015-02-19 19:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-11-21 20:02 - 2015-02-19 10:51 - 00223486 _____ C:\Windows\PFRO.log
2015-11-21 20:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-21 20:02 - 2009-07-14 05:51 - 00154409 _____ C:\Windows\setupact.log
2015-11-21 19:51 - 2015-09-28 06:40 - 00000000 ____D C:\Users\Thorsten\.oracle_jre_usage
2015-11-21 19:51 - 2015-02-21 14:14 - 00000000 ____D C:\ProgramData\Oracle
2015-11-21 19:48 - 2015-02-19 10:28 - 00000000 ____D C:\Users\Thorsten
2015-11-21 19:41 - 2015-06-17 18:30 - 00001236 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job
2015-11-21 19:39 - 2015-02-28 09:02 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-11-21 18:17 - 2009-07-14 04:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-11-21 18:17 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-11-21 18:16 - 2015-10-13 08:12 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-21 18:16 - 2015-02-28 09:02 - 00004116 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-11-21 18:16 - 2015-02-28 09:02 - 00003864 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-11-21 15:52 - 2015-02-19 13:41 - 00068312 _____ C:\Users\Thorsten\AppData\Local\GDIPFONTCACHEV1.DAT
2015-11-21 15:51 - 2009-07-14 05:45 - 00310552 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-21 11:51 - 2015-02-28 08:58 - 00000830 _____ C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2015-11-21 11:41 - 2015-06-17 18:30 - 00001184 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job
2015-11-21 09:00 - 2015-08-24 09:28 - 00000000 ____D C:\Users\Thorsten\Desktop\Bilder
2015-11-20 17:31 - 2015-02-19 21:43 - 00280904 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-19 19:47 - 2015-03-05 10:09 - 00000000 ____D C:\Users\Thorsten\AppData\Local\CrashDumps
2015-11-19 18:36 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-11-19 14:13 - 2015-07-05 08:39 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Deployment
2015-11-19 14:13 - 2015-07-05 08:39 - 00000000 ____D C:\Users\Thorsten\AppData\Local\Apps\2.0
2015-11-19 13:53 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2015-11-19 13:52 - 2009-07-14 03:34 - 74186752 _____ C:\Windows\system32\config\software.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 24641536 _____ C:\Windows\system32\config\system.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\sam.bak
2015-11-19 13:52 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\default.bak
2015-11-19 07:37 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-12 07:38 - 2015-02-19 18:33 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-11 19:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 09:28 - 2015-02-19 11:17 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 09:23 - 2015-02-19 11:17 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 09:22 - 2015-02-19 11:52 - 01595358 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 09:06 - 2009-07-14 08:45 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-06 18:54 - 2015-03-07 08:12 - 00032320 _____ (FNet Co., Ltd.) C:\Windows\system32\Drivers\FNETTBOH_305.SYS
2015-11-01 22:48 - 2015-02-19 21:42 - 00082513 _____ C:\Windows\DirectX.log
2015-11-01 22:48 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-10-28 00:03 - 2015-02-28 07:32 - 00000000 ____D C:\Temp
2015-10-28 00:03 - 2015-02-28 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-10-28 00:03 - 2015-02-19 12:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-10-28 00:02 - 2015-02-19 12:35 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-10-27 21:34 - 2015-02-19 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-27 19:51 - 2015-02-20 07:47 - 00000000 ____D C:\Users\Thorsten\AppData\Local\PunkBuster
2015-10-27 19:48 - 2015-03-10 08:15 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-27 19:48 - 2015-02-27 08:50 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-27 19:48 - 2015-02-27 08:50 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-27 13:40 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klpd.sys
2015-10-27 13:39 - 2015-07-04 02:18 - 00227000 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2015-10-27 13:17 - 2015-02-19 18:35 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-27 13:03 - 2015-02-28 08:07 - 00000000 ____D C:\AdwCleaner
2015-10-27 07:41 - 2015-03-29 12:21 - 00000000 ____D C:\Users\Thorsten\AppData\Roaming\DVDVideoSoft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-10 06:35 - 2015-07-10 06:35 - 0003584 _____ () C:\Users\Thorsten\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-30 06:47 - 2015-09-30 06:47 - 0007605 _____ () C:\Users\Thorsten\AppData\Local\Resmon.ResmonCfg
2015-02-28 08:29 - 2015-02-28 08:29 - 0000003 _____ () C:\Users\Thorsten\AppData\Local\user_data.ini

Einige Dateien in TEMP:
====================
C:\Users\Thorsten\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpomuhfd.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-20 13:25

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-11-2015
durchgeführt von Thorsten (2015-11-21 19:53:17)
Gestartet von C:\Users\Thorsten\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-02-19 09:28:31)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3302927987-3442811057-85396348-500 - Administrator - Disabled)
Gast (S-1-5-21-3302927987-3442811057-85396348-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3302927987-3442811057-85396348-1002 - Limited - Enabled)
Thorsten (S-1-5-21-3302927987-3442811057-85396348-1000 - Administrator - Enabled) => C:\Users\Thorsten

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Armored Warfare MyCom Beta (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Armored Warfare MyCom Beta) (Version: 1.47 - My.com B.V.)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version:  - )
ASRock App Charger v1.0.6 (HKLM\...\ASRock App Charger_is1) (Version: 1.0.6 - ASRock Inc.)
ASRock eXtreme Tuner v0.1.191 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock InstantBoot v1.31 (HKLM-x32\...\ASRock InstantBoot_is1) (Version: 1.31 - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon iP5300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP5300) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Deezer (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\DeezerDrive) (Version: 1.0.769.677 - Deezer)
devolo Cockpit (HKLM-x32\...\dlancockpit) (Version: 4.3.1.0 - devolo AG)
diclovit's mod pack 9.9.0 (HKLM-x32\...\{28B1238E-1C18-4637-A2B7-95315E94EB29}_is1) (Version: 9.9.0 - diclovit)
Dropbox (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
FireStorm version V1.0.46.001 (HKLM-x32\...\FireStorm_is1) (Version: V1.0.46.001 - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
Google Update Helper (x32 Version: 1.2.183.39 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HP Support Solutions Framework (HKLM-x32\...\{96D12EC9-720B-45FB-904C-36D6307A1C76}) (Version: 11.51.0048 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6346.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.36354 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel(R) Smart Connect Technology 2.0 x64 (HKLM\...\{54F8B6C7-9B25-4E85-A1E0-26CFB80DE787}) (Version: 2.0.1083.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{1090DB8D-3818-470D-8467-B1062169CC45}) (Version: 1.5.0.133 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.0.133 - Kaspersky Lab) Hidden
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.177 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Mozilla Thunderbird 38.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.3.0 (x86 de)) (Version: 38.3.0 - Mozilla)
My.com Games (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\MyComGames) (Version: 3.123 - My.com B.V.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
OMC ModPack Client Version 1.4.1.0 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.4.1.0 - Odem Mortis)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
WD My Cloud (HKLM\...\{3082756C-2147-411F-AE6A-9DCEF0121903}) (Version: 1.0.7.5 - Western Digital Technologies, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warships (HKU\S-1-5-21-3302927987-3442811057-85396348-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version:  - Wargaming.net)
XFastUSB (HKLM-x32\...\XFastUSB) (Version: 3.02.31 - ASRock Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000004-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000005-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{00000006-4544-5A45-4552-2D4452495645}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\DeezerDrive\DeezerDrive.Native.x64.dll (Deezer)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Thorsten\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3302927987-3442811057-85396348-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)

==================== Wiederherstellungspunkte =========================

16-11-2015 12:50:40 Restore Point Created by FRST
17-11-2015 07:41:12 Windows Update
19-11-2015 13:36:19 ComboFix created restore point
19-11-2015 14:12:57 Removed TEC-IT TBarCode Office 10
19-11-2015 19:50:04 zoek.exe restore point
20-11-2015 08:45:48 Windows Update
21-11-2015 19:45:43 Removed Java 8 Update 60
21-11-2015 19:46:20 Removed Java 8 Update 60

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-11-19 13:53 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2969EEED-20A1-4DE5-B86D-1C824567C0E0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {443448A1-89C8-4D78-874C-8CD2B13B57D4} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {4D65A4C3-3E99-418A-8726-1702A5A9140D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {81427BD1-0A16-422E-907D-31351B364BBB} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {97FE5EB6-9642-4739-9C50-053EA99B2C24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-27] (Adobe Systems Incorporated)
Task: {A733FCCE-C3BC-402E-A67B-5B71CC41AA24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {A7543029-CB88-4A08-9933-16FF25260A7C} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2012-04-16] (Intel Corporation)
Task: {A82C063D-9C46-4C10-B1DD-82EBDCB58A50} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-28] (Google Inc.)
Task: {BABD2FC1-7BD2-4BD2-A106-4974CA2FF4D0} - System32\Tasks\{C384678A-0B16-4666-A32E-6F61F28CA818} => pcalua.exe -a C:\Users\Thorsten\Downloads\sp54425.exe -d C:\Users\Thorsten\Downloads
Task: {CDD1388C-27D9-4C4B-8068-F7402567FAAB} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-17] (Dropbox, Inc.)
Task: {F0471ACE-CC7D-44D6-B971-4D4C414AD564} - System32\Tasks\{FE500D95-E348-4016-9771-2A0711A2F9FD} => pcalua.exe -a C:\Users\Thorsten\AppData\Local\Temp\Temp1_Realtek_Win8-64_Win8_Win7-64_Win7_Vista64_Vista_XP64_XP(6690).zip\Audio(6690)\Setup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000Core.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3302927987-3442811057-85396348-1000UA.job => C:\Users\Thorsten\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-28 01:06 - 2015-10-03 03:49 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-11-21 17:46 - 2015-11-12 16:10 - 00613968 ____N () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 16:26 - 2012-02-09 16:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 16:26 - 2012-02-09 16:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-02-26 19:39 - 2015-02-26 19:39 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-11-01 22:48 - 2015-11-02 07:45 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-07-20 10:35 - 2015-06-17 08:00 - 00062464 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll
2015-05-01 08:11 - 2015-10-12 04:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00144896 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\zlib1.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00062464 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\pxd.dll
2015-05-31 07:15 - 2015-07-15 07:40 - 00179144 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\LightUpdate.dll
2015-05-31 07:15 - 2015-11-06 13:12 - 02340296 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\BigUp2.dll
2015-08-26 10:18 - 2015-08-26 10:18 - 50425344 _____ () C:\Users\Thorsten\AppData\Local\MyComGames\Chrome\3.2454.1317\libcef.dll
2015-11-21 19:30 - 2015-11-21 19:30 - 00071168 _____ () c:\users\thorsten\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmphnj3xa.dll
2015-10-01 19:30 - 2015-10-01 19:30 - 00016384 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\8db6991b5800d6791b92d33532627df2\PSIClient.ni.dll
2015-02-28 08:27 - 2012-07-18 06:55 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3302927987-3442811057-85396348-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Thorsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{E4EFEB4F-2C4C-4D0E-8F17-34FB7F590101}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{28F028E2-61EB-4939-A1C9-18D4087120F6}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{64CD0E7A-7715-4CBD-8ED7-1518313ED644}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AE5884DD-6514-4F77-8A1D-81CC30B6C4C1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CC099D50-0387-4C28-ACCF-056F5A8C5A71}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BA86B2F5-69CE-4761-8A47-8E3E919BFE5D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4838DB96-119E-4750-B1A0-022A39631609}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{808314F2-0603-4E4A-9D6F-3B0BF364C737}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FA575668-199B-47E4-8D55-7E676A2AD01D}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{9706CBDF-EADB-4787-8EE9-CA02F2B18BDA}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{2517C3F0-81FE-4C42-8DE3-2164EA4DACD1}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{ABCB8F47-5A10-4AC0-8415-5262FC9D3828}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{F09B091E-8F1C-4CEA-919E-73F8C4B0C2E6}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{BF92B25C-7A21-4C0F-A6D7-F6E40AB5C72B}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{740021B2-6EEC-4679-B550-14DAC5CC8990}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E4E5A57B-54D6-434C-BC89-4DFBA73FFDE3}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{3E4C5A7E-DBA9-4FB3-A558-6233ACC605BE}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [UDP Query User{A2FA18C2-601B-469A-8D04-9697188D5461}C:\games\world_of_warplanes\wowplauncher.exe] => (Allow) C:\games\world_of_warplanes\wowplauncher.exe
FirewallRules: [{D783AADF-1F97-4888-BDBB-6D9EDA300520}] => (Allow) D:\Spiele\bin\x64r\emergency5.exe
FirewallRules: [{8BB1EA29-7A4A-4E35-8256-DB9156659EB1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3DD1E2EF-B1C1-4C6A-B24F-44836A9AF96E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BA19F522-E9D4-4EE0-A0D9-25D8DFDF4170}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{73BA38B9-70DA-4DE7-A3A7-179B19DDA2D2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Helicopter 2015 Natural Disasters\HelicopterND.exe
FirewallRules: [{7A04FE04-D0D3-4FAC-A493-5335949358D5}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{0CBCADB0-8365-4C70-8496-D249002D38A8}] => (Allow) C:\Users\Thorsten\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{8DD010FE-5DFA-4ACD-8CA4-6A34D50171CD}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{BFDBDD81-0522-491D-B687-640610F1C7C0}C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\thorsten\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{76774C5B-8091-434D-8570-AEB2C35DC43D}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{A3549E7F-7D21-40A1-A5FF-21EA2B143894}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{58C4FE6F-EE4E-422E-93AE-6140FE774A2E}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [UDP Query User{44E8EFC9-AEB5-4652-99E6-379241289418}D:\wow\wowslauncher.exe] => (Allow) D:\wow\wowslauncher.exe
FirewallRules: [TCP Query User{7D49057B-88AA-4178-A628-46AF9E0DF46E}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{FB0C904B-AFC9-4DB7-8AA0-49D3D8C6B6D7}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{5AD0760A-19EA-4365-8B69-1117D2BCED53}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{D5E06918-2E24-4349-A3C4-5E1EFC3F7780}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{61084CC0-E25A-4BBA-9073-792074C572F3}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D428F6F6-4113-42EA-8734-6F65817CBAD0}] => (Allow) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
FirewallRules: [{D0BF5190-6714-4859-BE02-83E145710FA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{6FD0EB8D-1CD6-4B48-9746-B822401B3E83}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D98C54BA-65E2-4A7D-A8E4-D105AB5344A4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E6A9942D-997F-4254-8417-C87A8618D43F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B6790434-B146-48F0-A369-A2CC2B720F4D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{EC4EF857-6483-4C45-BF4D-48FDFBD5CEF4}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [UDP Query User{4E70CA78-8870-4FF0-A5EE-6F3FE0EE7C70}C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe] => (Allow) C:\users\thorsten\appdata\local\mycomgames\mycomgames.exe
FirewallRules: [TCP Query User{D2E0F433-9A43-4D97-A09F-F37387116DD2}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [UDP Query User{3BBCE2B7-EA39-4FEA-965B-33298042370E}D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe] => (Allow) D:\mygames\armored warfare mycom beta\bin64\armoredwarfare.exe
FirewallRules: [{E0F3F8F4-DA6C-4AA0-9A5A-56BF2E5ACB36}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{14C527EA-0B6D-4BAC-813D-BC1784CB14A2}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{28F23C4E-98C8-4D8F-8803-3935590419B7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C3FCA-9019-4D37-AA46-9B92E0571151}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{824C9AC0-2BE0-4409-8508-B89F5895BE95}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE06792E-5576-46F7-9A16-1B88BBB2BF07}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{9C710348-2DF3-4E5C-8848-E7D9BF56A3D2}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{F5ECA1A3-DD94-4B31-A9D9-7642DD75FCB6}] => (Allow) C:\Program Files (x86)\OMC ModPack Client\OMC ModPack Client.exe
FirewallRules: [{6886CDAF-C119-4B2A-ABE7-64AF99263A6D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6D8BF93A-D10F-4A8E-B287-D2BB868ABFC8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39A4659B-A005-4BCB-85F2-AB1539B69A1F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B61F5210-D039-4C54-9166-942DE502B98A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{03B6EA03-31D5-4293-986C-1C1FA536D6AC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B1B239FE-6558-4C1A-8905-FFF1507A603E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6D9CA709-65CD-4984-93FB-7F06E132D911}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{CD0A7003-C839-4E1D-891C-580EF984E05A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{F245D147-DF5B-4D1E-9922-4BFFFEE099D5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{943251E6-15D0-45C4-BD79-01E438D587D7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BEB9B0C4-6950-46F3-B5F9-A63897F97363}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{234B3EA9-A073-4BE1-8029-0BC0E658AC2C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0CF7166E-149E-4AA0-85D3-AD6E849AA274}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{983F165F-A589-4324-AB97-C848798E352B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/21/2015 07:50:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/21/2015 07:46:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary BAPIDRV.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:46:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary 360FsFlt mini-filter driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:46:20 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary 360Safe Anti Hacker Service.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:45:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary BAPIDRV.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:45:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary 360FsFlt mini-filter driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:45:45 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary 360Safe Anti Hacker Service.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (11/21/2015 07:38:40 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

Error: (11/21/2015 07:29:53 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (11/21/2015 07:22:37 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Systemfehler:
=============
Error: (11/21/2015 07:39:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/21/2015 07:39:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/21/2015 07:39:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/21/2015 07:39:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/21/2015 07:39:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/21/2015 07:39:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/21/2015 07:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/21/2015 07:39:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (11/21/2015 07:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (11/21/2015 07:39:13 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\Thorsten\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.


CodeIntegrity:
===================================
  Date: 2015-11-19 13:45:18.094
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-11-19 13:45:18.024
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 23%
Installierter physikalischer RAM: 12230.42 MB
Verfügbarer physikalischer RAM: 9314.54 MB
Summe virtueller Speicher: 24459.05 MB
Verfügbarer virtueller Speicher: 21280.48 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:223.47 GB) (Free:88.95 GB) NTFS
Drive d: (Daten) (Fixed) (Total:1863.01 GB) (Free:1193.85 GB) NTFS
Drive e: (eSysRescueLiveCD) (CDROM) (Total:0.32 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: E38ABEDA)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 5474C3AC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

deeprybka 21.11.2015 20:17

http://deeprybka.trojaner-board.de/b...ndeeprybka.gif
Wir haben es geschafft! :abklatsch:
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. ;)



http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.


http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
 Flash-Player
PDF-Reader

Sicherheitslücken (z.B. hier) in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:

http://deeprybka.trojaner-board.de/eset/ESS.png
ESET Smart Security

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.


Alle Zeitangaben in WEZ +1. Es ist jetzt 09:46 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19