| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Internetexplorer öffnet mehrere prozesse im HintergrundWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.08.2014, 17:45
| #1 |
 |  Internetexplorer öffnet mehrere prozesse im Hintergrund Hallo liebes Forum, zuallererst kenn ich mich mit Computern nicht wirklich aus. So hier nun mein problem: Nach dem hochfahrens meine Computers heute entdeckte ich im taskmanager einige prozesse vom Internetexplorer und nachdem ich sie schloss tauchten sie wieder auf. Ich ließ mein Antiviren Programm Avira durchlaufen,das aber leider nichts fand.Ich danke schon einmal im vorraus für die Hilfe Sctman Geändert von Sctman (17.08.2014 um 18:16 Uhr) |
|
17.08.2014, 19:05
| #2 |
| /// the machine /// TB-Ausbilder    | Internetexplorer öffnet mehrere prozesse im Hintergrund hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
17.08.2014, 19:12
| #3 |
| | Internetexplorer öffnet mehrere prozesse im Hintergrund Die FRST Datei wäre dann das
__________________FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by Lukas (administrator) on LUKAS-PC on 17-08-2014 18:33:28
Running from C:\Users\Lukas\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) F:\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Spotify Ltd) C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Windows Net) C:\Users\Lukas\AppData\Roaming\Windows Net Data\net.exe
(LogMeIn Inc.) F:\LogMeIn Hamachi\hamachi-2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(LogMeIn, Inc.) F:\LogMeIn Hamachi\LMIGuardianSvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(ROCCAT GmbH) C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.exe
(ROCCAT GmbH) C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) F:\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sysinternals - www.sysinternals.com) F:\Taskneu\ProcessExplorer\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Lukas\AppData\Local\Temp\PROCEXP64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6468712 2012-03-20] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-07-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoccatIsku] => C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKone+] => C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [552960 2011-07-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => F:\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [190032 2014-07-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => F:\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-180031569-961694194-23704048-1001\...\Run: [Spotify Web Helper] => C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-17] (Spotify Ltd)
HKU\S-1-5-21-180031569-961694194-23704048-1001\...\MountPoints2: {4ab2a21a-4b94-11e2-b302-3085a9a10a87} - G:\pushinst.exe
HKU\S-1-5-21-180031569-961694194-23704048-1001\...\MountPoints2: {beeb54f7-4c29-11e2-8ba3-3085a9a10a87} - G:\pushinst.exe
IFEO\taskmgr.exe: [Debugger] "F:\TASKNEU\PROCESSEXPLORER\PROCEXP.EXE"
IFEO\utilman.exe: [Debugger] c:\windows\system32\cmd.exe
Startup: C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Lukas\AppData\Roaming\Windows Net Data\net.exe (Windows Net)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x84EBF4972A10CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6DDCF356-4B0A-4E74-AF12-3E99145A00A4&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP6DDCF356-4B0A-4E74-AF12-3E99145A00A4&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.claro-search.com/?q={searchTerms}&affID=120133&babsrc=SP_ss&mntrId=f83379c7000000000000bc05430e8b00
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 launcher01.kalypsomedia.com
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default
FF DefaultSearchEngine: Startpage (SSL)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Lukas\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @t.garena.com/garenatalk -> F:\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF user.js: detected! => C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\user.js
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\claro.xml
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\startpage-ssl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\abs@avira.com [2014-08-04]
FF Extension: GFACE Experience Plugin - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\cryenginebrowserplugin@crytek.com [2013-11-07]
FF Extension: YouTube Unblocker - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\youtubeunblocker@unblocker.yt [2014-06-21]
FF Extension: YouTube Center - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2013-10-24]
FF Extension: Flagfox - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: NoScript - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-12-24]
FF Extension: {b812ff8f-b1a0-41ce-ac1e-4ce36a2dee25} - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{b812ff8f-b1a0-41ce-ac1e-4ce36a2dee25}.xpi [2014-04-19]
FF Extension: SkypeConverter - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{c683a396-4b39-47a4-8598-31b999693be8}.xpi [2014-04-22]
FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-24]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-30] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [141392 2014-07-24] (Avira Operations GmbH & Co. KG)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 Hamachi2Svc; F:\LogMeIn Hamachi\hamachi-2.exe [2544976 2014-07-21] (LogMeIn Inc.)
R2 HiPatchService; F:\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-03] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-04] (DT Soft Ltd)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [106360 2007-01-12] (Protection Technology (StarForce))
S3 cpuz134; \??\C:\Users\Administrator\Desktop\Install_Test\MIFcom\Support\pcwiz_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\F:\Garena Plus\Room\safedrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-17 18:33 - 2014-08-17 18:33 - 00023123 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-08-17 18:33 - 2014-08-17 18:33 - 00000000 ____D () C:\FRST
2014-08-17 18:32 - 2014-08-17 18:33 - 02101760 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-17 18:32 - 2014-08-17 18:32 - 00000472 _____ () C:\Users\Lukas\Downloads\defogger_disable.log
2014-08-17 18:32 - 2014-08-17 18:32 - 00000000 _____ () C:\Users\Lukas\defogger_reenable
2014-08-17 18:31 - 2014-08-17 18:31 - 00050477 _____ () C:\Users\Lukas\Downloads\Defogger.exe
2014-08-17 16:50 - 2014-08-17 16:50 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 00:18 - 2014-08-17 00:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Risen3
2014-08-17 00:08 - 2014-08-17 00:09 - 00018473 _____ () C:\Windows\DirectX.log
2014-08-15 21:53 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 21:53 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 21:53 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 21:53 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 21:53 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 21:53 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 21:53 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 21:53 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 21:52 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 21:52 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 21:52 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 21:52 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 21:52 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 21:52 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 21:52 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 21:52 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 21:52 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 21:52 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 21:52 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 21:52 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 21:52 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 21:52 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 21:52 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 21:52 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 21:52 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 21:52 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 21:52 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 21:52 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 21:52 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 21:52 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 21:52 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 21:52 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 21:52 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 21:52 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 21:52 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 21:52 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 21:52 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 21:52 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 21:52 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 21:52 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 21:52 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 21:52 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 21:52 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 21:52 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 21:52 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 21:52 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 21:52 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 21:52 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 21:52 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 21:52 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 21:52 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 21:52 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 21:52 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 21:52 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 21:52 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 21:52 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 21:52 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 21:52 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 21:52 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 21:52 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 21:52 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 21:52 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 21:52 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 21:52 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 21:52 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-15 21:52 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 21:52 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-15 21:52 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 21:52 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 21:52 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-15 21:52 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 21:52 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 21:52 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 21:52 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 21:52 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 21:52 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 21:52 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 21:52 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 21:51 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 21:51 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 16:05 - 2014-08-15 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-15 16:04 - 2014-08-17 18:07 - 00000840 _____ () C:\Windows\setupact.log
2014-08-15 16:04 - 2014-08-15 16:04 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-08 14:28 - 2014-08-08 14:28 - 08291518 _____ () C:\Users\Lukas\Downloads\SFBot_v2.0.1_win.zip
2014-08-08 14:18 - 2014-08-08 14:18 - 20844879 _____ () C:\Users\Lukas\Downloads\sfbot v2.1.0 - 2014.07 allserversfix by sedative.zip
2014-08-08 00:54 - 2014-08-08 00:54 - 00675988 _____ () C:\Users\Lukas\Downloads\Minecraft.exe
2014-08-05 16:33 - 2014-08-05 16:33 - 00001143 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-03 23:24 - 2014-08-03 23:24 - 00055624 _____ () C:\Users\Lukas\Downloads\steam_api.zip
2014-08-02 23:32 - 2014-08-06 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft the World
2014-08-02 23:00 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 23:00 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 23:00 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 23:00 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 23:00 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 23:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 23:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 23:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 23:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-31 03:46 - 2014-07-31 03:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 18:33 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-29 18:31 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-29 18:31 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-29 12:50 - 2014-07-29 12:50 - 00001456 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-29 12:50 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-29 12:49 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-29 12:49 - 2014-07-29 12:50 - 00000000 ____D () C:\Program Files\iTunes
2014-07-29 12:49 - 2014-07-29 12:49 - 00000000 ____D () C:\Program Files\iPod
2014-07-24 00:01 - 2014-07-24 00:09 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
2014-07-23 19:34 - 2014-07-23 19:34 - 00000000 ___RD () C:\Sandbox
2014-07-23 19:27 - 2014-07-23 19:35 - 00002548 _____ () C:\Windows\Sandboxie.ini
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-07-22 13:03 - 2014-07-23 15:53 - 00000000 ____D () C:\Users\Lukas\Documents\ProfileCache
2014-07-22 13:03 - 2014-07-23 15:51 - 00000000 ____D () C:\Users\Lukas\Documents\The Crew
2014-07-22 13:02 - 2014-07-22 13:02 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Ubisoft
2014-07-22 12:15 - 2014-07-22 12:15 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-22 12:15 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-21 20:31 - 2014-07-21 20:31 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Guild Wars 2
2014-07-19 19:06 - 2014-07-19 19:06 - 09052192 _____ (Cheat Engine ) C:\Users\Lukas\Downloads\CheatEngine64.exe
2014-07-19 16:30 - 2014-07-19 16:30 - 00000000 ____D () C:\ProgramData\Riot Games
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-17 18:33 - 2014-08-17 18:33 - 00023123 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-08-17 18:33 - 2014-08-17 18:33 - 00000000 ____D () C:\FRST
2014-08-17 18:33 - 2014-08-17 18:32 - 02101760 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-17 18:32 - 2014-08-17 18:32 - 00000472 _____ () C:\Users\Lukas\Downloads\defogger_disable.log
2014-08-17 18:32 - 2014-08-17 18:32 - 00000000 _____ () C:\Users\Lukas\defogger_reenable
2014-08-17 18:32 - 2012-12-21 19:36 - 00000000 ____D () C:\Users\Lukas
2014-08-17 18:31 - 2014-08-17 18:31 - 00050477 _____ () C:\Users\Lukas\Downloads\Defogger.exe
2014-08-17 18:19 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-17 18:19 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-17 18:16 - 2014-01-07 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-08-17 18:16 - 2012-12-20 13:10 - 01969755 _____ () C:\Windows\WindowsUpdate.log
2014-08-17 18:13 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-08-17 18:13 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-08-17 18:13 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-17 18:08 - 2013-01-24 18:08 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2014-08-17 18:07 - 2014-08-15 16:04 - 00000840 _____ () C:\Windows\setupact.log
2014-08-17 18:07 - 2012-12-20 13:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-17 18:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-17 18:05 - 2012-12-21 21:10 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype
2014-08-17 17:59 - 2013-06-14 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2014-08-17 16:52 - 2009-07-14 06:45 - 00341712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-17 16:50 - 2014-08-17 16:50 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 00:18 - 2014-08-17 00:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Risen3
2014-08-17 00:09 - 2014-08-17 00:08 - 00018473 _____ () C:\Windows\DirectX.log
2014-08-16 16:54 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 11:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-15 21:58 - 2013-07-24 11:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 21:56 - 2012-12-21 20:07 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 21:49 - 2012-12-24 01:24 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TS3Client
2014-08-15 21:48 - 2013-01-31 17:41 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Spotify
2014-08-15 20:17 - 2013-01-31 17:42 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Spotify
2014-08-15 16:10 - 2012-12-21 20:02 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-15 16:10 - 2012-12-21 20:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 16:05 - 2014-08-15 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-15 16:04 - 2014-08-15 16:04 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-15 01:20 - 2014-02-06 14:35 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Game Dev Tycoon - Steam
2014-08-13 00:00 - 2012-12-24 18:33 - 00000000 ____D () C:\Users\Lukas\AppData\Local\PMB Files
2014-08-12 18:37 - 2012-12-21 21:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 20:58 - 2012-12-27 22:06 - 00000000 ____D () C:\Users\Lukas\Documents\My Games
2014-08-08 14:28 - 2014-08-08 14:28 - 08291518 _____ () C:\Users\Lukas\Downloads\SFBot_v2.0.1_win.zip
2014-08-08 14:18 - 2014-08-08 14:18 - 20844879 _____ () C:\Users\Lukas\Downloads\sfbot v2.1.0 - 2014.07 allserversfix by sedative.zip
2014-08-08 03:10 - 2012-12-24 18:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-08 01:32 - 2013-06-18 17:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft
2014-08-08 00:54 - 2014-08-08 00:54 - 00675988 _____ () C:\Users\Lukas\Downloads\Minecraft.exe
2014-08-06 15:14 - 2014-08-02 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft the World
2014-08-05 16:34 - 2014-01-02 22:00 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-05 16:33 - 2014-08-05 16:33 - 00001143 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-05 16:33 - 2012-12-21 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-05 16:33 - 2012-12-21 20:31 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 23:24 - 2014-08-03 23:24 - 00055624 _____ () C:\Users\Lukas\Downloads\steam_api.zip
2014-08-03 20:33 - 2014-04-09 21:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Nitro PDF
2014-08-02 07:57 - 2013-09-13 00:11 - 00000000 ____D () C:\Users\Lukas\Desktop\Herunterfahren
2014-08-01 20:54 - 2013-01-19 15:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 01:41 - 2014-08-15 21:52 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-15 21:52 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 15:44 - 2013-03-13 14:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-31 15:44 - 2013-03-13 14:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-31 03:46 - 2014-07-31 03:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 14:59 - 2012-12-21 20:31 - 00000000 ____D () C:\ProgramData\Avira
2014-07-29 18:34 - 2012-12-20 13:25 - 00000000 ____D () C:\Temp
2014-07-29 18:34 - 2012-12-20 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-29 18:33 - 2012-12-20 13:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-29 18:32 - 2012-12-20 13:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-29 18:29 - 2014-01-22 21:22 - 00000000 ____D () C:\Users\Lukas\AppData\Local\NVIDIA Corporation
2014-07-29 12:50 - 2014-07-29 12:50 - 00001456 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-29 12:50 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-29 12:50 - 2014-07-29 12:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-29 12:50 - 2014-07-29 12:49 - 00000000 ____D () C:\Program Files\iTunes
2014-07-29 12:49 - 2014-07-29 12:49 - 00000000 ____D () C:\Program Files\iPod
2014-07-29 12:41 - 2013-03-13 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-28 03:46 - 2013-07-23 22:33 - 00000000 ____D () C:\Users\Lukas\Desktop\ksbot_1.1.3
2014-07-25 16:52 - 2014-08-15 21:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-15 21:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-15 21:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-15 21:52 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:50 - 2014-06-02 15:14 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-07-25 15:50 - 2014-06-02 15:14 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-25 15:50 - 2014-01-22 21:22 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-07-25 15:50 - 2014-01-22 21:22 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-25 15:30 - 2014-08-15 21:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-15 21:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-15 21:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-15 21:52 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-15 21:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-15 21:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-15 21:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-15 21:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-15 21:52 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-15 21:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-15 21:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-15 21:52 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-15 21:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-15 21:52 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-15 21:52 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-15 21:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-15 21:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-15 21:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-15 21:52 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-15 21:52 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-15 21:52 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-15 21:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-15 21:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-15 21:52 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-15 21:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-15 21:52 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-15 21:52 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-15 21:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-15 21:52 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-15 21:52 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-15 21:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-15 21:52 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-15 21:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-15 21:52 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-15 21:52 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-15 21:52 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-15 21:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-15 21:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-15 21:52 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-15 21:52 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-15 21:52 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-15 21:52 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-15 21:52 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-15 21:52 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-15 21:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-15 21:52 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-15 21:52 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-15 21:52 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-15 21:52 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-15 21:52 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 17:19 - 2012-12-24 01:19 - 00000000 ___RD () C:\Users\Lukas\Desktop\Spiele
2014-07-24 00:09 - 2014-07-24 00:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
2014-07-23 19:35 - 2014-07-23 19:27 - 00002548 _____ () C:\Windows\Sandboxie.ini
2014-07-23 19:34 - 2014-07-23 19:34 - 00000000 ___RD () C:\Sandbox
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-07-23 15:53 - 2014-07-22 13:03 - 00000000 ____D () C:\Users\Lukas\Documents\ProfileCache
2014-07-23 15:51 - 2014-07-22 13:03 - 00000000 ____D () C:\Users\Lukas\Documents\The Crew
2014-07-22 13:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-22 13:02 - 2014-07-22 13:02 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Ubisoft
2014-07-22 12:21 - 2013-10-28 14:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 12:15 - 2014-07-22 12:15 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-22 12:15 - 2013-06-23 02:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-22 08:23 - 2013-12-11 18:59 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Battle.net
2014-07-21 20:31 - 2014-07-21 20:31 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Guild Wars 2
2014-07-21 20:31 - 2013-01-15 16:38 - 00000000 ____D () C:\Users\Lukas\Documents\Guild Wars 2
2014-07-20 22:15 - 2014-07-14 02:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Tropico 5
2014-07-19 19:06 - 2014-07-19 19:06 - 09052192 _____ (Cheat Engine ) C:\Users\Lukas\Downloads\CheatEngine64.exe
2014-07-19 16:30 - 2014-07-19 16:30 - 00000000 ____D () C:\ProgramData\Riot Games
2014-07-18 15:56 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
Files to move or delete:
====================
C:\Users\Lukas\jagex_cl_runescape_LIVE.dat
C:\Users\Lukas\random.dat
Some content of TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\avgnt.exe
C:\Users\Lukas\AppData\Local\Temp\PROCEXP64.exe
C:\Users\Lukas\AppData\Local\Temp\Uninstall.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-16 10:55
==================== End Of Log ============================
--- --- --- --- --- --- Und die Addition wäre dann das Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04
Ran by Lukas at 2014-08-17 18:34:02
Running from C:\Users\Lukas\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.135 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Mythology Gold (HKLM-x32\...\Age of Mythology Expansion Pack 1.0) (Version: 1.0 - Microsoft)
Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
Assassin's Creed(R) III v1.06 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.06 - Ubisoft)
Aufstieg des Hexenkönigs™ (HKLM-x32\...\{B931FB80-537A-4600-00AD-AC5DEDB6C25B}) (Version: - )
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.5.4.0 - Auslogics Labs Pty Ltd)
Avira (HKLM-x32\...\{9590977b-7b6f-467e-a11a-efa1fae804da}) (Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.18.30000 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin)
B110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Black & White® 2 (HKLM-x32\...\{D9E52CD1-9DF1-4A8A-9BDC-1E5E53982F2B}) (Version: 1.00.0000 - Lionhead Studios)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version: - Criterion Games)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve)
Crysis 2 Maximum Edition (HKLM-x32\...\Steam App 108800) (Version: - Crytek Studios)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0002.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{D7ECDD70-EBAB-42AD-8BE3-2F4D1CEC70A7}) (Version: 0.92.79 - Dotjosh Studios)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dead Space (HKLM-x32\...\Steam App 17470) (Version: - EA Redwood Shores)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
DEFIANCE (HKLM-x32\...\{58C7728C-D226-41B9-AA52-39CCC3ADB65F}_is1) (Version: - Trion Worlds, Inc.)
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Die Schlacht um Mittelerde™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version: - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version: - )
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve )
DUNGEONS (HKLM-x32\...\{79A65475-2F7F-491C-BF2F-8D5C0AF0775C}) (Version: 1.0.0.1 - Realmforge Studios GmbH)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version: - CCP Games Ltd.)
Fable - The Lost Chapters (HKLM-x32\...\InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}) (Version: 1.00.0000 - Microsoft Game Studios)
Fable - The Lost Chapters (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Fable III (HKLM-x32\...\GFWL_{4D53090A-9B45-437B-A66A-831000008300}) (Version: 1.0.0000.131 - Microsoft Game Studios)
Fable III (x32 Version: 1.0.0000.131 - Microsoft Game Studios) Hidden
Fable III (x32 Version: 1.0.0002.131 - Microsoft Game Studios) Hidden
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Floris Mod Pack 2.54 (HKLM-x32\...\Floris Mod Pack_is1) (Version: - )
FoxyDeal (HKLM-x32\...\FoxyDeal) (Version: 1.1.0 - R&E Media GmbH)
Free Audio Converter version 5.0.24.419 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.24.419 - DVDVideoSoft Ltd.)
Free Video to iPod Converter version 5.0.26.622 (HKLM-x32\...\Free Video to iPod Converter_is1) (Version: 5.0.26.622 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.4.622 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.4.622 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - )
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
Game Dev Tycoon Version 1.3.14 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.3.14 - Greenheart Games Pty. Ltd.)
Garena Plus (HKLM-x32\...\im) (Version: 2011 - Garena Online Pte Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Garry)
Ghost Recon Phantoms - EU (HKCU\...\d8be6c3f847d7d92) (Version: 1.35.7490.1 - Ubisoft)
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hawken (HKCU\...\Hawken) (Version: - Meteor Entertainment)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\Steam App 242700) (Version: - NetherRealm Studios)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
Just Cause 2: Multiplayer Mod (HKLM-x32\...\Steam App 259080) (Version: - JC2-MP Team)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve)
LEGO Alpha Team (HKLM-x32\...\{C5C8DE40-1AB7-11D4-854E-00A0C99F6AF9}) (Version: - )
LEGO Racers (HKLM-x32\...\LEGO Racers) (Version: - )
LEGO Racers 2 (HKLM-x32\...\{3DD2E9EA-0544-4162-B8BE-E21E994E9F3B}) (Version: - )
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
Magicka (HKLM-x32\...\Steam App 42910) (Version: - Arrowhead Game Studios AB)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{09298F26-A95C-31E2-9D95-2C60F586F075}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Might & Magic Heroes VI (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 1.8 - Ubisoft)
MISERY version 2.0 (HKLM-x32\...\MISERY_is1) (Version: 2.0 - MISERY Development Team)
Monaco (HKLM-x32\...\Steam App 113020) (Version: - )
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mount&Blade Warband (HKLM-x32\...\Mount&Blade Warband) (Version: - )
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version: - Unknown Worlds Entertainment)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.46.0 - Black Tree Gaming)
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140806.90000 - Square Enix Ltd)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 0.11.0.25686 - Grinding Gear Games)
Pflanzen gegen Zombies (HKLM-x32\...\Pflanzen gegen Zombies) (Version: - )
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Poke (HKLM-x32\...\{FC9F924E-9472-45F1-980D-8267E47AA054}) (Version: 2.0.1 - CodeFromThe70s.org)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.6-1.0.8500.17 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
Renegade X (HKLM-x32\...\UDK-4fc3a6b6-3d0e-4dce-b127-8e60191e2b1e) (Version: Open Beta 1 - Totem Arts)
RIFT (HKCU\...\RIFT) (Version: - Trion Worlds, Inc.)
Rise Of Legends (HKLM-x32\...\InstallShield_{CADDE354-C78C-46CB-A006-E2B178EFC271}) (Version: 1.00.0000 - Microsoft Game Studios)
Rise Of Legends (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Risen 2 - Dark Waters (HKLM-x32\...\Steam App 40390) (Version: - Piranha Bytes)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version: - Roccat GmbH)
ROCCAT Kone[+] Mouse Driver (HKLM-x32\...\{B99CB207-4704-4C51-9309-0FA90AA26DD4}) (Version: - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version: - Cellar Door Games)
S.T.A.L.K.E.R.: Call of Pripyat (HKLM-x32\...\Steam App 41700) (Version: - GSC Game World)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sid Meier's Civilization 4 Complete (HKCU\...\{30D1F3D2-54CF-481D-A005-F94B0E98FEEC}) (Version: 1.74 - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2070.0 - Hi-Rez Studios)
Smooth Operators - Indie Gala Edition (HKCU\...\6b0b0d2561055daf) (Version: 1.0.0.14 - Heydeck Games)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version: - Rebellion)
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment)
Speccy (HKLM\...\Speccy) (Version: 1.26 - Piriform)
SpeechRedist (HKLM-x32\...\{8795CBED-55E2-4693-9F14-84EC446935BE}) (Version: 1.0.0 - Epic Games Inc.)
Spotify (HKCU\...\Spotify) (Version: 0.9.11.27.g2b1a638c - Spotify AB)
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Star Wars Empire at War Forces of Corruption (HKLM-x32\...\{6592FDEC-2C1A-413A-9985-25FEC2F0848D}) (Version: 1.0 - LucasArts)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - )
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
System Ninja version 3.0 (HKLM-x32\...\{6E67710E-206D-43AB-BF21-E7CD63056C55}_is1) (Version: 3.0 - SingularLabs)
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version: - Ubisoft)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Witcher 2 (HKLM-x32\...\{F0A209B7-7F85-4BDD-8F1F-B98EEAD9E04B}) (Version: 1.00.0000 - CD Projekt Red)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.3.7 - Electronic Arts)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
Tom Clancy's Splinter Cell Conviction (HKLM-x32\...\{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}) (Version: 1.04.000 - Ubisoft)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Tribes Ascend (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF010}) (Version: 1.0.1268.1 - Hi-Rez Studios)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version: - )
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Utils (HKLM-x32\...\Windows Utils) (Version: - )
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
12-08-2014 03:21:38 Geplanter Prüfpunkt
15-08-2014 19:52:44 Windows Update
16-08-2014 22:08:15 DirectX wurde installiert
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2013-04-11 16:30 - 00000861 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 launcher01.kalypsomedia.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {289FFA41-A0C4-4B4F-ACAE-3E3737403FD4} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe <==== ATTENTION
Task: {5D088F9F-E54D-4A5F-B18F-A3FF3874C943} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {6810D696-93D2-4AB5-8644-F8CBD20FE2F9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
Task: {7659C391-777F-4AB6-9E06-EFFAF6568415} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F81CEA55-A99C-40D9-8A7D-5CB8F4C0E302} - System32\Tasks\{DD5395A5-9700-406F-BF65-9F80B78E65D8} => Firefox.exe hxxp://ui.skype.com/ui/0/6.14.59.104/de/abandoninstall?page=tsBing
==================== Loaded Modules (whitelisted) =============
2012-12-20 13:14 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-12-22 00:43 - 2014-06-03 18:00 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-24 11:50 - 2014-07-24 11:50 - 00137296 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-07-24 11:49 - 2014-07-24 11:49 - 00065104 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-07-30 14:59 - 2014-07-24 11:50 - 00049744 _____ () C:\Users\Lukas\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2012-12-24 16:26 - 2010-11-04 12:48 - 00061440 _____ () C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\hiddriver.dll
2012-12-24 18:32 - 2010-06-22 14:50 - 00061440 _____ () C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\hiddriver.dll
2014-07-31 03:46 - 2014-07-31 03:46 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-17 08:10 - 2014-08-17 08:10 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5744dbc804f3ddc8c5416a9de9e8c26d\IsdiInterop.ni.dll
2012-12-20 13:25 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-12-20 13:25 - 2012-03-06 15:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Lukas^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Lukas\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Users\Lukas\Downloads\Tools\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GarenaPlus => "F:\Garena Plus\GarenaMessenger.exe" -autolaunch
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: iTunesHelper => "F:\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "F:\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Lukas\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Lukas\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "F:\Steam\Steam.exe" -silent
==================== Faulty Device Manager Devices =============
Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/17/2014 06:09:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17239, Zeitstempel: 0x53d22ad9
Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.17239, Zeitstempel: 0x53d26d9d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000011022df
ID des fehlerhaften Prozesses: 0x13b0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (08/17/2014 06:08:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2014 05:19:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.17239, Zeitstempel: 0x53d22ad9
Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.17239, Zeitstempel: 0x53d26d9d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000ce5c9
ID des fehlerhaften Prozesses: 0xd98
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (08/17/2014 04:54:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2014 02:21:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2014 00:09:17 AM) (Source: MsiInstaller) (EventID: 11316) (User: Lukas-PC)
Description: Produkt: NVIDIA PhysX -- Fehler 1316. Das angegebene Konto ist bereits vorhanden.
Error: (08/16/2014 08:38:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: eu4.exe, Version: 1.0.0.0, Zeitstempel: 0x53da0714
Name des fehlerhaften Moduls: eu4.exe, Version: 1.0.0.0, Zeitstempel: 0x53da0714
Ausnahmecode: 0xc0000005
Fehleroffset: 0x009c7821
ID des fehlerhaften Prozesses: 0x2554
Startzeit der fehlerhaften Anwendung: 0xeu4.exe0
Pfad der fehlerhaften Anwendung: eu4.exe1
Pfad des fehlerhaften Moduls: eu4.exe2
Berichtskennung: eu4.exe3
Error: (08/16/2014 05:04:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2014 04:06:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2014 04:05:10 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
System errors:
=============
Error: (08/17/2014 06:14:38 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/17/2014 06:11:48 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/17/2014 06:11:48 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/17/2014 06:09:47 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sfdrv01a
sfsync02
Error: (08/17/2014 06:06:44 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfdrv01a.sys konnte nicht geladen werden.
Error: (08/17/2014 06:06:44 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Treiber sfsync02.sys konnte nicht geladen werden.
Error: (08/17/2014 06:05:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (08/17/2014 05:49:55 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/17/2014 05:48:40 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Error: (08/17/2014 05:48:40 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.
Microsoft Office Sessions:
=========================
Error: (08/17/2014 06:09:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.1723953d22ad9mshtml.dll11.0.9600.1723953d26d9dc000000500000000011022df13b001cfba357c8f50b2C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mshtml.dlld67e37e7-2628-11e4-9dad-bc05430e8b00
Error: (08/17/2014 06:08:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2014 05:19:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.1723953d22ad9mshtml.dll11.0.9600.1723953d26d9dc000000500000000000ce5c9d9801cfba2e546dbfe0C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\System32\mshtml.dlld0606d57-2621-11e4-b1bd-bc05430e8b00
Error: (08/17/2014 04:54:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2014 02:21:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/17/2014 00:09:17 AM) (Source: MsiInstaller) (EventID: 11316) (User: Lukas-PC)
Description: Produkt: NVIDIA PhysX -- Fehler 1316. Das angegebene Konto ist bereits vorhanden.
(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (08/16/2014 08:38:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: eu4.exe1.0.0.053da0714eu4.exe1.0.0.053da0714c0000005009c7821255401cfb981101134a1F:\Steam\steamapps\common\Europa Universalis IV\eu4.exeF:\Steam\steamapps\common\Europa Universalis IV\eu4.exe86cb2305-2574-11e4-9c38-bc05430e8b00
Error: (08/16/2014 05:04:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2014 04:06:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/15/2014 04:05:10 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 43%
Total physical RAM: 8147.03 MB
Available physical RAM: 4633.87 MB
Total Pagefile: 16294.06 MB
Available Pagefile: 12248.33 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:200 GB) (Free:89.87 GB) NTFS
Drive d: () (Fixed) (Total:265.42 GB) (Free:196.86 GB) NTFS
Drive f: (HP Desktop Drive) (Fixed) (Total:1863.01 GB) (Free:639.25 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 78065F92)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=265.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0005E688)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
18.08.2014, 20:45
| #4 |
| /// the machine /// TB-Ausbilder | Internetexplorer öffnet mehrere prozesse im Hintergrund Adware & Co. deinstallieren
Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
18.08.2014, 23:29
| #5 |
| | Internetexplorer öffnet mehrere prozesse im Hintergrund Eine Frage habe ich da noch: Ist das schlimm wenn ich bei dem Programm Revo Uninstaller keine Programme finde mit dem Zusatz <=== Attention? Sctman So hier dann jetzt der Combofix Logfile Code:
ATTFilter ComboFix 14-08-17.01 - Lukas 19.08.2014 0:21.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8147.5437 [GMT 2:00]
ausgeführt von:: c:\users\Lukas\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Lukas\AppData\Roaming\technic-launcher.jar
c:\users\Lukas\AppData\Roaming\Windows Net Data
c:\users\Lukas\AppData\Roaming\Windows Net Data\id.dat
c:\users\Lukas\AppData\Roaming\Windows Net Data\net.exe
c:\users\Lukas\AppData\Roaming\Windows Net Data\uninstaller.exe
c:\windows\IsUn0407.exe
F:\Autorun.inf
F:\install.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-07-18 bis 2014-08-18 ))))))))))))))))))))))))))))))
.
.
2014-08-18 22:25 . 2014-08-18 22:25 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-18 18:58 . 2014-08-18 18:58 -------- d-----w- C:\SUPERDelete
2014-08-18 18:07 . 2014-08-18 20:19 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2014-08-17 16:33 . 2014-08-17 16:34 -------- d-----w- C:\FRST
2014-08-17 16:06 . 2014-08-17 16:06 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{14EC6D9D-485A-4204-B05D-D4410278A2B0}\offreg.dll
2014-08-16 22:18 . 2014-08-16 22:18 -------- d-----w- c:\users\Lukas\AppData\Local\Risen3
2014-08-15 19:55 . 2014-07-02 03:09 10924376 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{14EC6D9D-485A-4204-B05D-D4410278A2B0}\mpengine.dll
2014-08-15 19:53 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-15 19:53 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-15 19:53 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-15 19:53 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-15 19:53 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-15 19:53 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-15 19:53 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-15 19:53 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-15 19:51 . 2014-07-14 02:02 1216000 ----a-w- c:\windows\system32\rpcrt4.dll
2014-08-15 19:51 . 2014-07-14 01:40 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2014-08-12 16:37 . 2014-08-12 16:37 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-07-29 16:33 . 2014-07-02 17:44 609240 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-07-29 10:49 . 2014-07-29 10:49 -------- d-----w- c:\program files\iPod
2014-07-29 10:49 . 2014-07-29 10:50 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-29 10:49 . 2014-07-29 10:50 -------- d-----w- c:\program files\iTunes
2014-07-23 22:01 . 2014-07-23 22:09 -------- d-----w- c:\users\Lukas\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
2014-07-23 17:34 . 2014-07-23 17:34 -------- d-----r- C:\Sandbox
2014-07-22 11:02 . 2014-07-22 11:02 -------- d-----w- c:\users\Lukas\AppData\Local\Ubisoft
2014-07-22 10:15 . 2014-07-22 10:15 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-07-21 18:31 . 2014-07-21 18:31 -------- d-----w- c:\users\Lukas\AppData\Roaming\Guild Wars 2
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-15 19:56 . 2012-12-21 18:07 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-15 14:10 . 2012-12-21 18:02 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-15 14:10 . 2012-12-21 18:02 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-05 07:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-25 13:50 . 2014-06-02 13:14 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-07-25 13:50 . 2014-01-22 19:22 1126480 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-07-25 13:50 . 2014-06-02 13:14 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-07-25 13:50 . 2014-01-22 19:22 1283136 ----a-w- c:\windows\system32\nvspcap64.dll
2014-07-11 01:02 . 2013-10-28 12:35 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-10 10:10 . 2013-05-02 09:28 42040 ----a-w- c:\windows\system32\drivers\avnetflt.sys
2014-07-02 20:48 . 2012-12-20 11:14 75040 ----a-w- c:\windows\system32\OpenCL.dll
2014-07-02 20:48 . 2012-12-20 11:14 61912 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-07-02 20:48 . 2012-12-20 11:14 965312 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-07-02 20:48 . 2012-12-20 11:14 3196816 ----a-w- c:\windows\system32\nvapi64.dll
2014-07-02 20:48 . 2012-12-20 11:14 2814656 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-07-02 20:48 . 2012-12-20 11:14 18626304 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-07-02 20:48 . 2012-12-20 11:14 16122344 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-07-02 20:48 . 2012-12-20 11:14 14498552 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-07-02 18:55 . 2012-12-20 11:14 6783776 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-02 18:55 . 2012-12-20 11:14 3522392 ----a-w- c:\windows\system32\nvsvc64.dll
2014-07-02 18:55 . 2012-12-20 11:14 935368 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-02 18:55 . 2012-12-20 11:14 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-07-02 18:55 . 2012-12-20 11:14 386520 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-02 18:55 . 2012-12-20 11:14 2559960 ----a-w- c:\windows\system32\nvsvcr.dll
2014-07-02 10:14 . 2012-12-20 11:14 3826628 ----a-w- c:\windows\system32\nvcoproc.bin
2014-06-21 01:12 . 2012-12-21 22:43 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-06-21 01:12 . 2012-12-21 22:43 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-06-21 01:12 . 2012-12-21 22:43 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-06-18 02:18 . 2014-07-11 18:40 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-11 18:40 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-11 18:40 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-11 18:40 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-11 18:40 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-11 18:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-11 18:40 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-06-03 16:00 . 2012-12-21 22:43 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-05-30 08:08 . 2014-07-11 18:40 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-11 18:40 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-11 18:40 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-11 18:40 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-11 18:40 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-11 18:40 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-11 18:40 22016 ----a-w- c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-11 18:40 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-11 18:40 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-11 18:40 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-11 18:40 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-11 18:40 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-11 18:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-11 18:40 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-11 18:40 497152 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"AVMWlanClient"="c:\program files (x86)\avmwlanstick\wlangui.exe" [2010-10-22 2105344]
"RoccatIsku"="c:\users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.EXE" [2012-11-09 542560]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-11 256896]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpUninstallDeleteDir"="rmdir" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R0 sfdrv01a;StarForce Protection Environment Driver (version 1.x.a);c:\windows\System32\drivers\sfdrv01a.sys;c:\windows\SYSNATIVE\drivers\sfdrv01a.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x]
R3 cpuz134;cpuz134;c:\users\Administrator\Desktop\Install_Test\MIFcom\Support\pcwiz_x64.sys;c:\users\Administrator\Desktop\Install_Test\MIFcom\Support\pcwiz_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;f:\garena plus\Room\safedrv.sys;f:\garena plus\Room\safedrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;f:\logmein hamachi\hamachi-2.exe;f:\logmein hamachi\hamachi-2.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;f:\hi-rez studios\HiPatchService.exe;f:\hi-rez studios\HiPatchService.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 fwlanusbn;FRITZ!WLAN N;c:\windows\system32\DRIVERS\fwlanusbn.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusbn.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S4 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - avipbb
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-03-20 6468712]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-07-25 1283136]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mDefault_Search_URL = about:blank
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = about:blank
uInternet Settings,ProxyOverride = <local>;*.local
IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\
FF - ExtSQL: !HIDDEN! 2012-12-24 14:31; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk - c:\users\Lukas\AppData\Roaming\Windows Net Data\net.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-LEGO Racers - c:\windows\IsUn0407.exe
AddRemove-Windows Utils - c:\users\Lukas\AppData\Roaming\Windows Net Data\uninstaller.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2898869 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2901126 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
AddRemove-{92FB6C44-E685-45AD-9B20-CADF4CABA132}.KB2931368 - c:\windows\Microsoft.NET\Framework64\v4.0.30319\SetupCache\v4.5.50938\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{0347C33E-8762-4905-BF09-768834316C61}"=hex:51,66,7a,6c,4c,1d,38,12,50,c0,54,
07,50,c9,6b,0c,c0,1f,35,c8,31,6f,28,75
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
"{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}"=hex:51,66,7a,6c,4c,1d,38,12,27,28,80,
ea,f2,9b,77,08,dc,cc,8d,48,4c,7b,c9,f2
"{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}"=hex:51,66,7a,6c,4c,1d,38,12,91,fc,ec,
fb,7c,81,45,0a,c2,d4,4d,32,e4,48,ec,42
"{555D4D79-4BD2-4094-A395-CFC534424A05}"=hex:51,66,7a,6c,4c,1d,38,12,17,4e,4e,
51,e0,05,fa,05,dc,83,8c,85,31,1c,0e,11
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:f8,7a,93,a8,8c,26,ce,01
.
[HKEY_USERS\S-1-5-21-180031569-961694194-23704048-1001\Software\SecuROM\License information*]
"datasecu"=hex:da,da,dc,66,ab,75,5a,9b,20,43,ca,dc,b9,d9,09,3e,9b,19,a6,87,6d,
75,fd,3f,80,fd,cf,08,20,d2,26,23,ea,85,01,dc,8a,a4,90,bc,63,7c,4f,47,b2,85,\
"rkeysecu"=hex:4c,91,47,7f,fa,8f,6f,e4,75,63,6b,d0,5a,01,ea,82
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_135_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_135.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-08-19 00:26:17
ComboFix-quarantined-files.txt 2014-08-18 22:26
.
Vor Suchlauf: 15 Verzeichnis(se), 96.488.169.472 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 96.172.376.064 Bytes frei
.
- - End Of File - - 6A6EC072C0BB53288987F99F3F2E7998
Geändert von Sctman (18.08.2014 um 21:37 Uhr) |
|
19.08.2014, 20:38
| #6 |
| /// the machine /// TB-Ausbilder | Internetexplorer öffnet mehrere prozesse im Hintergrund Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Internetexplorer öffnet mehrere prozesse im Hintergrund |
|
19.08.2014, 21:49
| #7 |
| | Internetexplorer öffnet mehrere prozesse im Hintergrund Ich kann leider keine Logfile von Junkware Removal Tool hierbei anfügen, weil das Programm ab einem bestimmten punkt aufhört seine Arbeit zu tun. Ich komme immer bis zu dem Punkt bei dem ich eine beliebige Taste drücken soll und wenn ich dies tue kommt: creating a registry backup und dann schließt es sich. Aber ich habe schon die anderen Logfiles. (ich habe auch meine Schutzsoftware beendet) mbam.txt: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 19.08.2014 Suchlauf-Zeit: 21:47:05 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.08.19.09 Rootkit Datenbank: v2014.08.16.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Lukas Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 339398 Verstrichene Zeit: 9 Min, 38 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 9 PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [175e8642d2a964d2f537aef9c141ec14], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [43326464f685da5c83aaf2b5ba4859a7], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [81f4bf095823f343dc319082a75c07f9], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [2b4ad7f11962171f7b798fa3ae5646ba], PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [7ef77157d5a6999d02b0529953afda26], PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.7, In Quarantäne, [93e2c701d1aabb7bff6a3ec6857ed927], PUP.Optional.InstallCore.A, HKU\S-1-5-21-180031569-961694194-23704048-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [b9bc8f39adce4cead048be53649f42be], PUP.Optional.InstallCore.A, HKU\S-1-5-21-180031569-961694194-23704048-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [8aebc50309725cda222a6cbb3ec6f40c], PUP.Optional.SystemSpeedup, HKU\S-1-5-21-180031569-961694194-23704048-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [afc6b6124c2f8da93d74ea01867c817f], Registrierungswerte: 1 PUP.Optional.InstallCore.A, HKU\S-1-5-21-180031569-961694194-23704048-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0G2Y1R2X0G1M2S1M0G1S1H, In Quarantäne, [8aebc50309725cda222a6cbb3ec6f40c] Registrierungsdaten: 2 PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[13625870413a55e1147d87508f750af6] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[3a3bf2d61c5ff640b9d83d9a90742ad6] Ordner: 6 PUP.Optional.OpenCandy, C:\Users\Lukas\AppData\Roaming\OpenCandy, In Quarantäne, [e4916e5adaa1fd391726b80256ac827e], PUP.Optional.OpenCandy, C:\Users\Lukas\AppData\Roaming\OpenCandy\0ED36F2BBE384D8C957BCACA33D92D50, In Quarantäne, [e4916e5adaa1fd391726b80256ac827e], PUP.Optional.NextLive.A, C:\Users\Lukas\AppData\Roaming\newnext.me, In Quarantäne, [8aeb695f5526b284eefac5f62fd3ad53], PUP.Optional.NextLive.A, C:\Users\Lukas\AppData\Roaming\newnext.me\cache, In Quarantäne, [8aeb695f5526b284eefac5f62fd3ad53], PUP.Optional.ShowPassword.A, C:\Program Files (x86)\Show-Password, In Quarantäne, [20558345d1aa5fd755c2c90ad23044bc], PUP.Optional.SystemSpeedup, C:\Users\Lukas\AppData\Roaming\Systweak\ssd, In Quarantäne, [0174a4243546c670cf4c2aa9fc0621df], Dateien: 12 Trojan.FakeMS.ED, C:\ProgramData\Windows Genuine Advantage\{ED902EBA-D69F-4E8A-A617-5CCF53CD1FEC}\winbio90.dll, In Quarantäne, [e09509bf790200361483d9d247ba28d8], PUP.Optional.Verti, C:\Users\Lukas\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe, In Quarantäne, [215437911c5f7db97781deb9be4613ed], PUP.Optional.Conduit.A, C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\conduit-search.xml, In Quarantäne, [8bea2d9b34472c0a5bba9daaf014ef11], PUP.Optional.OpenCandy, C:\Users\Lukas\AppData\Roaming\OpenCandy\0ED36F2BBE384D8C957BCACA33D92D50\5682.ico, In Quarantäne, [e4916e5adaa1fd391726b80256ac827e], PUP.Optional.OpenCandy, C:\Users\Lukas\AppData\Roaming\OpenCandy\0ED36F2BBE384D8C957BCACA33D92D50\EBB77268-338F-4C6A-8590-AD88FED26F4A, In Quarantäne, [e4916e5adaa1fd391726b80256ac827e], PUP.Optional.OpenCandy, C:\Users\Lukas\AppData\Roaming\OpenCandy\0ED36F2BBE384D8C957BCACA33D92D50\GutscheinCodes.exe, In Quarantäne, [e4916e5adaa1fd391726b80256ac827e], PUP.Optional.NextLive.A, C:\Users\Lukas\AppData\Roaming\newnext.me\nengine.cookie, In Quarantäne, [8aeb695f5526b284eefac5f62fd3ad53], PUP.Optional.NextLive.A, C:\Users\Lukas\AppData\Roaming\newnext.me\cache\spark.bin, In Quarantäne, [8aeb695f5526b284eefac5f62fd3ad53], PUP.Optional.SystemSpeedup, C:\Users\Lukas\AppData\Roaming\Systweak\ssd\SSDPTstub.exe, In Quarantäne, [0174a4243546c670cf4c2aa9fc0621df], PUP.Optional.CrossRider.A, C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "1435082bf2136dd4e09256eee2962619");), Ersetzt,[7bfa01c765168caa1fa0888029dc5ba5] PUP.Optional.Babylon.A, C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar_i.newTab", true);), Ersetzt,[165f9632d9a261d5428dd533be476799] PUP.Optional.Babylon.A, C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=120133&babsrc=NT_ss&mntrId=f83379c7000000000000bc05430e8b00");), Ersetzt,[007554740f6ca09625aaf5131aeb20e0] Physische Sektoren: 0 (No malicious items detected) (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.307 - Bericht erstellt am 19/08/2014 um 22:04:14
# Aktualisiert 17/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Lukas - LUKAS-PC
# Gestartet von : C:\Users\Lukas\Desktop\adwcleaner_3.307.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Datei Gefunden : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\foxydeal.sqlite
Datei Gefunden : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\claro.xml
Datei Gefunden : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\user.js
Datei Gefunden : C:\Users\Lukas\daemonprocess.txt
Datei Gefunden : C:\Windows\System32\roboot64.exe
Ordner Gefunden : C:\Program Files (x86)\SoftwareUpdater
Ordner Gefunden : C:\ProgramData\WPM
Ordner Gefunden : C:\Users\Lukas\AppData\Local\genienext
Ordner Gefunden : C:\Users\Lukas\AppData\Local\Mobogenie
Ordner Gefunden : C:\Users\Lukas\AppData\LocalLow\Claro LTD
Ordner Gefunden : C:\Users\Lukas\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gefunden : C:\Users\Lukas\AppData\Roaming\goforfiles
Ordner Gefunden : C:\Users\Lukas\AppData\Roaming\Systweak
Ordner Gefunden : C:\Users\Lukas\Documents\Mobogenie
Ordner Gefunden : C:\Windows\SysWOW64\SearchProtect
***** [ Tasks ] *****
Task Gefunden : Desk 365 RunAsStdUser
Task Gefunden : GoforFilesUpdate
***** [ Verknüpfungen ] *****
Verknüpfung Gefunden : C:\Users\Lukas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.nationzoom.com/?type=sc&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9 )
Verknüpfung Gefunden : C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.nationzoom.com/?type=sc&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9 )
Verknüpfung Gefunden : C:\Users\Lukas\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk ( hxxp://www.nationzoom.com/?type=sc&ts=1388625011&from=vtt&uid=ST95005620AS_5YX1GZQ9XXXX5YX1GZQ9 )
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\dedddab335bf46
Schlüssel Gefunden : HKCU\Software\GoforFiles
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\powerpack
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\GoforFiles
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\powerpack
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\SOFTWARE\GoforFiles
Schlüssel Gefunden : HKLM\SOFTWARE\hdcode
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : HKLM\SOFTWARE\systweak
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\prefs.js ]
Zeile gefunden : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=120133&babsrc=HP_ss&mntrId=f83379c7000000000000bc05430e8b00");
Zeile gefunden : user_pref("avg.install.userSPSettings", "Claro Search");
Zeile gefunden : user_pref("extensions.BabylonToolbar_i.newTab", true);
Zeile gefunden : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=120133&babsrc=NT_ss&mntrId=f83379c7000000000000bc05430e8b00");
Zeile gefunden : user_pref("extensions.claro.admin", false);
Zeile gefunden : user_pref("extensions.claro.aflt", "babsst");
Zeile gefunden : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Zeile gefunden : user_pref("extensions.claro.autoRvrt", "false");
Zeile gefunden : user_pref("extensions.claro.dfltLng", "en");
Zeile gefunden : user_pref("extensions.claro.excTlbr", false);
Zeile gefunden : user_pref("extensions.claro.id", "f83379c7000000000000bc05430e8b00");
Zeile gefunden : user_pref("extensions.claro.instlDay", "15760");
Zeile gefunden : user_pref("extensions.claro.instlRef", "sst");
Zeile gefunden : user_pref("extensions.claro.prdct", "claro");
Zeile gefunden : user_pref("extensions.claro.prtnrId", "claro");
Zeile gefunden : user_pref("extensions.claro.rvrt", "false");
Zeile gefunden : user_pref("extensions.claro.tlbrId", "base");
Zeile gefunden : user_pref("extensions.claro.tlbrSrchUrl", "");
Zeile gefunden : user_pref("extensions.claro.vrsn", "1.8.8.5");
Zeile gefunden : user_pref("extensions.claro.vrsni", "1.8.8.5");
Zeile gefunden : user_pref("extensions.claro_i.excTlbr", false);
Zeile gefunden : user_pref("extensions.claro_i.newTab", false);
Zeile gefunden : user_pref("extensions.claro_i.smplGrp", "none");
Zeile gefunden : user_pref("extensions.claro_i.vrsnTs", "1.8.8.517:17:59");
Zeile gefunden : user_pref("extensions.crossrider.bic", "1435082bf2136dd4e09256eee2962619");
Zeile gefunden : user_pref("extensions.wajam.affiliate_id", "8752");
Zeile gefunden : user_pref("extensions.wajam.firstrun", "false");
Zeile gefunden : user_pref("extensions.wajam.install_timestamp", "1388604291");
Zeile gefunden : user_pref("extensions.wajam.landing_page_done", "true");
Zeile gefunden : user_pref("extensions.wajam.landing_page_on_first_run", "true");
Zeile gefunden : user_pref("extensions.wajam.log_send_info", "false");
Zeile gefunden : user_pref("extensions.wajam.machine_id", "2B55764164CF744F1A6452B8CDBBD8A6");
Zeile gefunden : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"update_interval\":911,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"update_url\":\"hxxp:\\/\\/www.wajam.com\\/addon\\/m[...]
Zeile gefunden : user_pref("extensions.wajam.no_trace", "false");
Zeile gefunden : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Zeile gefunden : user_pref("extensions.wajam.trace_log", "1388600696037 - onFlagInfoReceived - JSON Received: {\"unique_id\":\"4E5ADB4D4C6AAB8E917258BE4E2C713F\",\"urls_mapping_version\":\"0.21087\",\"send_debug_info\[...]
Zeile gefunden : user_pref("extensions.wajam.unique_id", "4E5ADB4D4C6AAB8E917258BE4E2C713F");
Zeile gefunden : user_pref("extensions.wajam.user_current_mapping_version", "0");
Zeile gefunden : user_pref("extensions.wajam.version", "1.27");
Zeile gefunden : user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1");
Zeile gefunden : user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
Zeile gefunden : user_pref("iminent.webbooster.scripts.minibar.SOFTONICREFRESHRATE", "140000");
Zeile gefunden : user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
Zeile gefunden : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
Zeile gefunden : user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
Zeile gefunden : user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
Zeile gefunden : user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
Zeile gefunden : user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.SOFTONICREFRESHRATE", "140000");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.ShowThankyouPixel", "0");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "0");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1375308995571");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent110", "1375050596729");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1375308995618");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1375311997513");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1375308995623");
Zeile gefunden : user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent134", "1375288513082");
*************************
AdwCleaner[R0].txt - [19536 octets] - [19/08/2014 22:04:14]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [19597 octets] ##########
AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.307 - Bericht erstellt am 19/08/2014 um 22:08:11
# Aktualisiert 17/08/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Lukas - LUKAS-PC
# Gestartet von : C:\Users\Lukas\Desktop\adwcleaner_3.307.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17239
-\\ Mozilla Firefox v31.0 (x86 de)
[ Datei : C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [20568 octets] - [19/08/2014 22:04:14]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [20629 octets] ##########
und hier ein frisches FRST FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by Lukas (administrator) on LUKAS-PC on 19-08-2014 22:40:18
Running from C:\Users\Lukas\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) F:\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) F:\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) F:\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(ROCCAT GmbH) C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.exe
(ROCCAT GmbH) C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Thisisu) C:\Users\Lukas\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6468712 2012-03-20] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoccatIsku] => C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKone+] => C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [552960 2011-07-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
IFEO\taskmgr.exe: [Debugger] "F:\TASKNEU\PROCESSEXPLORER\PROCEXP.EXE"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x84EBF4972A10CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default
FF DefaultSearchEngine: Startpage (SSL)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Lukas\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @t.garena.com/garenatalk -> F:\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\startpage-ssl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\abs@avira.com [2014-08-19]
FF Extension: GFACE Experience Plugin - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\cryenginebrowserplugin@crytek.com [2013-11-07]
FF Extension: YouTube Unblocker - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\youtubeunblocker@unblocker.yt [2014-06-21]
FF Extension: YouTube Center - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2013-10-24]
FF Extension: Flagfox - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: NoScript - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-12-24]
FF Extension: {b812ff8f-b1a0-41ce-ac1e-4ce36a2dee25} - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{b812ff8f-b1a0-41ce-ac1e-4ce36a2dee25}.xpi [2014-04-19]
FF Extension: SkypeConverter - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{c683a396-4b39-47a4-8598-31b999693be8}.xpi [2014-04-22]
FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-24]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 Hamachi2Svc; F:\LogMeIn Hamachi\hamachi-2.exe [2544976 2014-07-21] (LogMeIn Inc.)
R2 HiPatchService; F:\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-03] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-04] (DT Soft Ltd)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [106360 2007-01-12] (Protection Technology (StarForce))
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Administrator\Desktop\Install_Test\MIFcom\Support\pcwiz_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\F:\Garena Plus\Room\safedrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-19 22:40 - 2014-08-19 22:40 - 00016959 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-08-19 22:36 - 2014-08-19 22:36 - 01016261 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-08-19 22:12 - 2014-08-19 22:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-19 22:11 - 2014-08-19 22:11 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-08-19 22:07 - 2014-08-19 22:07 - 01361671 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.307.exe
2014-08-19 22:04 - 2014-08-19 22:10 - 00000000 ____D () C:\AdwCleaner
2014-08-19 22:04 - 2014-08-19 22:08 - 00020710 _____ () C:\Users\Lukas\Desktop\AdwCleaner[R0].txt
2014-08-19 22:02 - 2014-08-19 22:02 - 00006331 _____ () C:\Users\Lukas\Desktop\mbam.txt
2014-08-19 21:59 - 2014-08-19 22:35 - 00012922 _____ () C:\Windows\PFRO.log
2014-08-19 21:59 - 2014-08-19 22:35 - 00000504 _____ () C:\Windows\setupact.log
2014-08-19 21:59 - 2014-08-19 21:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-19 21:46 - 2014-08-19 22:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 21:46 - 2014-08-19 21:46 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-19 21:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-19 21:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-19 21:44 - 2014-08-19 21:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TuneUp Software
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\AVG2014
2014-08-19 00:50 - 2014-08-19 22:35 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-19 00:49 - 2014-08-19 22:35 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-19 00:49 - 2014-08-19 00:53 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Avg2014
2014-08-19 00:49 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\MFAData
2014-08-19 00:48 - 2014-08-19 00:48 - 158049496 _____ (AVG Technologies) C:\Users\Lukas\Downloads\avg_free_x86_all_2014_4745a8017.exe
2014-08-19 00:26 - 2014-08-19 00:26 - 00023578 _____ () C:\ComboFix.txt
2014-08-19 00:08 - 2014-08-19 00:26 - 00000000 ____D () C:\Qoobox
2014-08-19 00:08 - 2014-08-19 00:25 - 00000000 ____D () C:\Windows\erdnt
2014-08-19 00:08 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-19 00:08 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-19 00:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 05572035 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 00003126 _____ () C:\Windows\System32\Tasks\{AA14186A-60C7-49CF-99D8-3DCCE7F0C6B4}
2014-08-18 22:20 - 2014-08-18 22:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas\Downloads\revosetup95.exe
2014-08-18 22:20 - 2014-08-18 22:20 - 00000621 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-08-18 20:58 - 2014-08-18 20:58 - 00000000 ____D () C:\SUPERDelete
2014-08-18 20:53 - 2014-08-18 20:53 - 18841864 _____ (SUPERAntiSpyware) C:\Users\Lukas\Downloads\SUPERAntiSpyware.exe
2014-08-18 20:07 - 2014-08-18 22:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-18 20:06 - 2014-08-18 20:06 - 16409960 _____ (Safer Networking Limited ) C:\Users\Lukas\Downloads\spybotsd162.exe
2014-08-17 18:46 - 2014-08-17 18:46 - 00000244 _____ () C:\Users\Lukas\Downloads\defogger_enable.log
2014-08-17 18:33 - 2014-08-19 22:40 - 00000000 ____D () C:\FRST
2014-08-17 18:32 - 2014-08-17 18:33 - 02101760 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-17 18:31 - 2014-08-17 18:31 - 00050477 _____ () C:\Users\Lukas\Downloads\Defogger.exe
2014-08-17 16:50 - 2014-08-17 16:50 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 00:18 - 2014-08-17 00:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Risen3
2014-08-15 21:53 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 21:53 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 21:53 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 21:53 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 21:53 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 21:53 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 21:53 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 21:53 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 21:52 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 21:52 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 21:52 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 21:52 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 21:52 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 21:52 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 21:52 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 21:52 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 21:52 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 21:52 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 21:52 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 21:52 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 21:52 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 21:52 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 21:52 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 21:52 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 21:52 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 21:52 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 21:52 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 21:52 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 21:52 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 21:52 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 21:52 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 21:52 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 21:52 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 21:52 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 21:52 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 21:52 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 21:52 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 21:52 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 21:52 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 21:52 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 21:52 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 21:52 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 21:52 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 21:52 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 21:52 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 21:52 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 21:52 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 21:52 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 21:52 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 21:52 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 21:52 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 21:52 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 21:52 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 21:52 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 21:52 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 21:52 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 21:52 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 21:52 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 21:52 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 21:52 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 21:52 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 21:52 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 21:52 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 21:52 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 21:52 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-15 21:52 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 21:52 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-15 21:52 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 21:52 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 21:52 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-15 21:52 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 21:52 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 21:52 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 21:52 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 21:52 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 21:52 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 21:52 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 21:52 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 21:51 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 21:51 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 16:05 - 2014-08-15 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-08 14:28 - 2014-08-08 14:28 - 08291518 _____ () C:\Users\Lukas\Downloads\SFBot_v2.0.1_win.zip
2014-08-08 14:18 - 2014-08-08 14:18 - 20844879 _____ () C:\Users\Lukas\Downloads\sfbot v2.1.0 - 2014.07 allserversfix by sedative.zip
2014-08-08 00:54 - 2014-08-08 00:54 - 00675988 _____ () C:\Users\Lukas\Downloads\Minecraft.exe
2014-08-03 23:24 - 2014-08-03 23:24 - 00055624 _____ () C:\Users\Lukas\Downloads\steam_api.zip
2014-08-02 23:32 - 2014-08-06 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft the World
2014-08-02 23:00 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 23:00 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 23:00 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 23:00 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 23:00 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 23:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 23:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 23:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 23:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-31 03:46 - 2014-07-31 03:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 18:33 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-29 18:31 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-29 18:31 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-29 12:50 - 2014-07-29 12:50 - 00001456 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-29 12:50 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-29 12:49 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-29 12:49 - 2014-07-29 12:50 - 00000000 ____D () C:\Program Files\iTunes
2014-07-29 12:49 - 2014-07-29 12:49 - 00000000 ____D () C:\Program Files\iPod
2014-07-24 00:01 - 2014-07-24 00:09 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
2014-07-23 19:34 - 2014-07-23 19:34 - 00000000 ___RD () C:\Sandbox
2014-07-23 19:27 - 2014-07-23 19:35 - 00002548 _____ () C:\Windows\Sandboxie.ini
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-07-22 13:03 - 2014-07-23 15:53 - 00000000 ____D () C:\Users\Lukas\Documents\ProfileCache
2014-07-22 13:03 - 2014-07-23 15:51 - 00000000 ____D () C:\Users\Lukas\Documents\The Crew
2014-07-22 13:02 - 2014-07-22 13:02 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Ubisoft
2014-07-22 12:15 - 2014-07-22 12:15 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-22 12:15 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-21 20:31 - 2014-07-21 20:31 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Guild Wars 2
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-19 22:40 - 2014-08-19 22:40 - 00016959 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-08-19 22:40 - 2014-08-17 18:33 - 00000000 ____D () C:\FRST
2014-08-19 22:36 - 2014-08-19 22:36 - 01016261 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-08-19 22:35 - 2014-08-19 21:59 - 00012922 _____ () C:\Windows\PFRO.log
2014-08-19 22:35 - 2014-08-19 21:59 - 00000504 _____ () C:\Windows\setupact.log
2014-08-19 22:35 - 2014-08-19 00:50 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-19 22:35 - 2014-08-19 00:49 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-19 22:35 - 2012-12-20 13:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-19 22:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-19 22:35 - 2009-07-14 06:45 - 00341712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-19 22:34 - 2012-12-20 13:10 - 02072136 _____ () C:\Windows\WindowsUpdate.log
2014-08-19 22:17 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-19 22:17 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-19 22:16 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-08-19 22:16 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-08-19 22:16 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-19 22:12 - 2014-08-19 22:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-19 22:11 - 2014-08-19 22:11 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-08-19 22:10 - 2014-08-19 22:04 - 00000000 ____D () C:\AdwCleaner
2014-08-19 22:08 - 2014-08-19 22:04 - 00020710 _____ () C:\Users\Lukas\Desktop\AdwCleaner[R0].txt
2014-08-19 22:07 - 2014-08-19 22:07 - 01361671 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.307.exe
2014-08-19 22:05 - 2012-12-21 19:36 - 00000000 ____D () C:\Users\Lukas
2014-08-19 22:02 - 2014-08-19 22:02 - 00006331 _____ () C:\Users\Lukas\Desktop\mbam.txt
2014-08-19 22:00 - 2014-08-19 21:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 21:59 - 2014-08-19 21:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-19 21:59 - 2013-01-24 18:08 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2014-08-19 21:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-19 21:46 - 2014-08-19 21:46 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-19 21:44 - 2014-08-19 21:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 21:19 - 2012-12-24 01:19 - 00000000 ___RD () C:\Users\Lukas\Desktop\Spiele
2014-08-19 21:18 - 2013-01-06 00:40 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Apps\2.0
2014-08-19 00:53 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Avg2014
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TuneUp Software
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\AVG2014
2014-08-19 00:49 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\MFAData
2014-08-19 00:48 - 2014-08-19 00:48 - 158049496 _____ (AVG Technologies) C:\Users\Lukas\Downloads\avg_free_x86_all_2014_4745a8017.exe
2014-08-19 00:26 - 2014-08-19 00:26 - 00023578 _____ () C:\ComboFix.txt
2014-08-19 00:26 - 2014-08-19 00:08 - 00000000 ____D () C:\Qoobox
2014-08-19 00:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-19 00:25 - 2014-08-19 00:08 - 00000000 ____D () C:\Windows\erdnt
2014-08-19 00:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-19 00:10 - 2014-01-02 22:00 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 23:49 - 2014-08-18 23:49 - 05572035 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 00003126 _____ () C:\Windows\System32\Tasks\{AA14186A-60C7-49CF-99D8-3DCCE7F0C6B4}
2014-08-18 22:20 - 2014-08-18 22:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas\Downloads\revosetup95.exe
2014-08-18 22:20 - 2014-08-18 22:20 - 00000621 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-08-18 22:19 - 2014-08-18 20:07 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-18 20:58 - 2014-08-18 20:58 - 00000000 ____D () C:\SUPERDelete
2014-08-18 20:53 - 2014-08-18 20:53 - 18841864 _____ (SUPERAntiSpyware) C:\Users\Lukas\Downloads\SUPERAntiSpyware.exe
2014-08-18 20:06 - 2014-08-18 20:06 - 16409960 _____ (Safer Networking Limited ) C:\Users\Lukas\Downloads\spybotsd162.exe
2014-08-18 18:46 - 2013-06-18 17:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft
2014-08-18 16:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-18 14:20 - 2012-12-24 18:33 - 00000000 ____D () C:\Users\Lukas\AppData\Local\PMB Files
2014-08-18 14:20 - 2012-12-24 18:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-17 18:46 - 2014-08-17 18:46 - 00000244 _____ () C:\Users\Lukas\Downloads\defogger_enable.log
2014-08-17 18:33 - 2014-08-17 18:32 - 02101760 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-17 18:31 - 2014-08-17 18:31 - 00050477 _____ () C:\Users\Lukas\Downloads\Defogger.exe
2014-08-17 18:16 - 2014-01-07 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-08-17 18:05 - 2012-12-21 21:10 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype
2014-08-17 17:59 - 2013-06-14 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2014-08-17 16:50 - 2014-08-17 16:50 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 00:18 - 2014-08-17 00:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Risen3
2014-08-15 21:58 - 2013-07-24 11:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 21:56 - 2012-12-21 20:07 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 21:49 - 2012-12-24 01:24 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TS3Client
2014-08-15 21:48 - 2013-01-31 17:41 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Spotify
2014-08-15 20:17 - 2013-01-31 17:42 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Spotify
2014-08-15 16:10 - 2012-12-21 20:02 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-15 16:10 - 2012-12-21 20:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 16:05 - 2014-08-15 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-15 01:20 - 2014-02-06 14:35 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Game Dev Tycoon - Steam
2014-08-12 18:37 - 2012-12-21 21:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 20:58 - 2012-12-27 22:06 - 00000000 ____D () C:\Users\Lukas\Documents\My Games
2014-08-08 14:28 - 2014-08-08 14:28 - 08291518 _____ () C:\Users\Lukas\Downloads\SFBot_v2.0.1_win.zip
2014-08-08 14:18 - 2014-08-08 14:18 - 20844879 _____ () C:\Users\Lukas\Downloads\sfbot v2.1.0 - 2014.07 allserversfix by sedative.zip
2014-08-08 00:54 - 2014-08-08 00:54 - 00675988 _____ () C:\Users\Lukas\Downloads\Minecraft.exe
2014-08-06 15:14 - 2014-08-02 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft the World
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 23:24 - 2014-08-03 23:24 - 00055624 _____ () C:\Users\Lukas\Downloads\steam_api.zip
2014-08-03 20:33 - 2014-04-09 21:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Nitro PDF
2014-08-02 07:57 - 2013-09-13 00:11 - 00000000 ____D () C:\Users\Lukas\Desktop\Herunterfahren
2014-08-01 20:54 - 2013-01-19 15:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 01:41 - 2014-08-15 21:52 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-15 21:52 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 15:44 - 2013-03-13 14:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-31 15:44 - 2013-03-13 14:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-31 03:46 - 2014-07-31 03:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 18:34 - 2012-12-20 13:25 - 00000000 ____D () C:\Temp
2014-07-29 18:34 - 2012-12-20 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-29 18:33 - 2012-12-20 13:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-29 18:32 - 2012-12-20 13:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-29 18:29 - 2014-01-22 21:22 - 00000000 ____D () C:\Users\Lukas\AppData\Local\NVIDIA Corporation
2014-07-29 12:50 - 2014-07-29 12:50 - 00001456 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-29 12:50 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-29 12:50 - 2014-07-29 12:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-29 12:50 - 2014-07-29 12:49 - 00000000 ____D () C:\Program Files\iTunes
2014-07-29 12:49 - 2014-07-29 12:49 - 00000000 ____D () C:\Program Files\iPod
2014-07-29 12:41 - 2013-03-13 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-28 03:46 - 2013-07-23 22:33 - 00000000 ____D () C:\Users\Lukas\Desktop\ksbot_1.1.3
2014-07-25 16:52 - 2014-08-15 21:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-15 21:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-15 21:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-15 21:52 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:50 - 2014-06-02 15:14 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-07-25 15:50 - 2014-06-02 15:14 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-25 15:50 - 2014-01-22 21:22 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-07-25 15:50 - 2014-01-22 21:22 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-25 15:30 - 2014-08-15 21:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-15 21:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-15 21:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-15 21:52 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-15 21:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-15 21:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-15 21:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-15 21:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-15 21:52 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-15 21:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-15 21:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-15 21:52 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-15 21:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-15 21:52 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-15 21:52 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-15 21:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-15 21:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-15 21:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-15 21:52 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-15 21:52 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-15 21:52 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-15 21:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-15 21:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-15 21:52 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-15 21:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-15 21:52 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-15 21:52 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-15 21:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-15 21:52 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-15 21:52 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-15 21:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-15 21:52 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-15 21:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-15 21:52 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-15 21:52 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-15 21:52 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-15 21:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-15 21:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-15 21:52 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-15 21:52 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-15 21:52 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-15 21:52 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-15 21:52 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-15 21:52 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-15 21:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-15 21:52 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-15 21:52 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-15 21:52 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-15 21:52 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-15 21:52 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 00:09 - 2014-07-24 00:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
2014-07-23 19:35 - 2014-07-23 19:27 - 00002548 _____ () C:\Windows\Sandboxie.ini
2014-07-23 19:34 - 2014-07-23 19:34 - 00000000 ___RD () C:\Sandbox
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-07-23 15:53 - 2014-07-22 13:03 - 00000000 ____D () C:\Users\Lukas\Documents\ProfileCache
2014-07-23 15:51 - 2014-07-22 13:03 - 00000000 ____D () C:\Users\Lukas\Documents\The Crew
2014-07-22 13:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-22 13:02 - 2014-07-22 13:02 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Ubisoft
2014-07-22 12:21 - 2013-10-28 14:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 12:15 - 2014-07-22 12:15 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-22 12:15 - 2013-06-23 02:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-22 08:23 - 2013-12-11 18:59 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Battle.net
2014-07-21 20:31 - 2014-07-21 20:31 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Guild Wars 2
2014-07-21 20:31 - 2013-01-15 16:38 - 00000000 ____D () C:\Users\Lukas\Documents\Guild Wars 2
2014-07-20 22:15 - 2014-07-14 02:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Tropico 5
Files to move or delete:
====================
C:\Users\Lukas\jagex_cl_runescape_LIVE.dat
C:\Users\Lukas\random.dat
Some content of TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-18 16:09
==================== End Of Log ============================
--- --- --- |
|
20.08.2014, 11:01
| #8 |
| /// the machine /// TB-Ausbilder | Internetexplorer öffnet mehrere prozesse im HintergrundESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.08.2014, 13:12
| #9 |
| | Internetexplorer öffnet mehrere prozesse im Hintergrund Das Problem besteht leider noch weiterhin Hier das erste Logfile Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=d7d15f46e216504785c03c8145545c5f
# engine=19745
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-08-20 05:04:50
# local_time=2014-08-20 07:04:50 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG AntiVirus Free Edition 2014'
# compatibility_mode=1051 16777213 100 100 34718 95688274 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 262723 160184140 0 0
# scanned=861147
# found=0
# cleaned=0
# scan_time=17704
Code:
ATTFilter Results of screen317's Security Check version 0.99.87
x64
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
AVG AntiVirus Free Edition 2014
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 65
Java version out of Date!
Adobe Flash Player 14.0.0.179
Mozilla Firefox (31.0)
Mozilla Thunderbird (17.0.)
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-08-2014 04
Ran by Lukas (administrator) on LUKAS-PC on 20-08-2014 19:24:19
Running from C:\Users\Lukas\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) F:\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) F:\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) F:\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(ROCCAT GmbH) C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.exe
(ROCCAT GmbH) C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgui.exe
(Sysinternals - www.sysinternals.com) F:\Taskneu\ProcessExplorer\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Lukas\AppData\Local\Temp\PROCEXP64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6468712 2012-03-20] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoccatIsku] => C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKone+] => C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [552960 2011-07-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => F:\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-180031569-961694194-23704048-1001\...\Run: [Spotify Web Helper] => C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-17] (Spotify Ltd)
IFEO\taskmgr.exe: [Debugger] "F:\TASKNEU\PROCESSEXPLORER\PROCEXP.EXE"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x84EBF4972A10CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default
FF DefaultSearchEngine: Startpage (SSL)
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Lukas\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @t.garena.com/garenatalk -> F:\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\startpage-ssl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\abs@avira.com [2014-08-19]
FF Extension: GFACE Experience Plugin - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\cryenginebrowserplugin@crytek.com [2013-11-07]
FF Extension: YouTube Unblocker - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\youtubeunblocker@unblocker.yt [2014-06-21]
FF Extension: YouTube Center - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2013-10-24]
FF Extension: Flagfox - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: NoScript - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-12-24]
FF Extension: {b812ff8f-b1a0-41ce-ac1e-4ce36a2dee25} - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{b812ff8f-b1a0-41ce-ac1e-4ce36a2dee25}.xpi [2014-04-19]
FF Extension: SkypeConverter - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{c683a396-4b39-47a4-8598-31b999693be8}.xpi [2014-04-22]
FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-24]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; F:\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; F:\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 Hamachi2Svc; F:\LogMeIn Hamachi\hamachi-2.exe [2544976 2014-07-21] (LogMeIn Inc.)
R2 HiPatchService; F:\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-03] ()
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-04] (DT Soft Ltd)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [106360 2007-01-12] (Protection Technology (StarForce))
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Administrator\Desktop\Install_Test\MIFcom\Support\pcwiz_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\F:\Garena Plus\Room\safedrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-20 19:24 - 2014-08-20 19:24 - 00018867 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-08-20 14:34 - 2014-08-20 14:34 - 00854417 _____ () C:\Users\Lukas\Desktop\SecurityCheck.exe
2014-08-20 14:05 - 2014-08-20 14:05 - 02347384 _____ (ESET) C:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe
2014-08-19 22:56 - 2014-08-19 22:56 - 00000646 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ___HD () C:\$AVG
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-19 22:36 - 2014-08-19 22:36 - 01016261 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-08-19 22:12 - 2014-08-19 22:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-19 22:11 - 2014-08-19 22:11 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-08-19 22:07 - 2014-08-19 22:07 - 01361671 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.307.exe
2014-08-19 22:04 - 2014-08-19 22:10 - 00000000 ____D () C:\AdwCleaner
2014-08-19 22:04 - 2014-08-19 22:08 - 00020710 _____ () C:\Users\Lukas\Desktop\AdwCleaner[R0].txt
2014-08-19 22:02 - 2014-08-19 22:02 - 00006331 _____ () C:\Users\Lukas\Desktop\mbam.txt
2014-08-19 21:46 - 2014-08-19 22:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 21:46 - 2014-08-19 21:46 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-19 21:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-19 21:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-19 21:44 - 2014-08-19 21:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TuneUp Software
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\AVG2014
2014-08-19 00:50 - 2014-08-19 22:56 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-19 00:49 - 2014-08-20 09:26 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-19 00:49 - 2014-08-19 00:53 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Avg2014
2014-08-19 00:49 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\MFAData
2014-08-19 00:48 - 2014-08-19 00:48 - 158049496 _____ (AVG Technologies) C:\Users\Lukas\Downloads\avg_free_x86_all_2014_4745a8017.exe
2014-08-19 00:26 - 2014-08-19 00:26 - 00023578 _____ () C:\ComboFix.txt
2014-08-19 00:08 - 2014-08-19 00:26 - 00000000 ____D () C:\Qoobox
2014-08-19 00:08 - 2014-08-19 00:25 - 00000000 ____D () C:\Windows\erdnt
2014-08-19 00:08 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-19 00:08 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-19 00:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 05572035 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 00003126 _____ () C:\Windows\System32\Tasks\{AA14186A-60C7-49CF-99D8-3DCCE7F0C6B4}
2014-08-18 22:20 - 2014-08-18 22:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas\Downloads\revosetup95.exe
2014-08-18 22:20 - 2014-08-18 22:20 - 00000621 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-08-18 20:58 - 2014-08-18 20:58 - 00000000 ____D () C:\SUPERDelete
2014-08-18 20:53 - 2014-08-18 20:53 - 18841864 _____ (SUPERAntiSpyware) C:\Users\Lukas\Downloads\SUPERAntiSpyware.exe
2014-08-18 20:07 - 2014-08-18 22:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-18 20:06 - 2014-08-18 20:06 - 16409960 _____ (Safer Networking Limited ) C:\Users\Lukas\Downloads\spybotsd162.exe
2014-08-17 18:46 - 2014-08-17 18:46 - 00000244 _____ () C:\Users\Lukas\Downloads\defogger_enable.log
2014-08-17 18:33 - 2014-08-20 19:24 - 00000000 ____D () C:\FRST
2014-08-17 18:32 - 2014-08-17 18:33 - 02101760 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-17 18:31 - 2014-08-17 18:31 - 00050477 _____ () C:\Users\Lukas\Downloads\Defogger.exe
2014-08-17 16:50 - 2014-08-17 16:50 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 00:18 - 2014-08-17 00:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Risen3
2014-08-15 21:53 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 21:53 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 21:53 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 21:53 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 21:53 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 21:53 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 21:53 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 21:53 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 21:52 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 21:52 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 21:52 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 21:52 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 21:52 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 21:52 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 21:52 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 21:52 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 21:52 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 21:52 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 21:52 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 21:52 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 21:52 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 21:52 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 21:52 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 21:52 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 21:52 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 21:52 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 21:52 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 21:52 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 21:52 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 21:52 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 21:52 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 21:52 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 21:52 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 21:52 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 21:52 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 21:52 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 21:52 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 21:52 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 21:52 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 21:52 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 21:52 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 21:52 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 21:52 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 21:52 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 21:52 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 21:52 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 21:52 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 21:52 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 21:52 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 21:52 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 21:52 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 21:52 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 21:52 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 21:52 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 21:52 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 21:52 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 21:52 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 21:52 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 21:52 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 21:52 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 21:52 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 21:52 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 21:52 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 21:52 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 21:52 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-15 21:52 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 21:52 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-15 21:52 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 21:52 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 21:52 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-15 21:52 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 21:52 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 21:52 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 21:52 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 21:52 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 21:52 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 21:52 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 21:52 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 21:51 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 21:51 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 16:05 - 2014-08-15 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-08 14:28 - 2014-08-08 14:28 - 08291518 _____ () C:\Users\Lukas\Downloads\SFBot_v2.0.1_win.zip
2014-08-08 14:18 - 2014-08-08 14:18 - 20844879 _____ () C:\Users\Lukas\Downloads\sfbot v2.1.0 - 2014.07 allserversfix by sedative.zip
2014-08-08 00:54 - 2014-08-08 00:54 - 00675988 _____ () C:\Users\Lukas\Downloads\Minecraft.exe
2014-08-03 23:24 - 2014-08-03 23:24 - 00055624 _____ () C:\Users\Lukas\Downloads\steam_api.zip
2014-08-02 23:32 - 2014-08-06 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft the World
2014-08-02 23:00 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 23:00 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 23:00 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 23:00 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 23:00 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 23:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 23:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 23:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 23:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-31 03:46 - 2014-07-31 03:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 18:33 - 2014-07-02 19:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-07-29 18:31 - 2014-07-02 22:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-07-29 18:31 - 2014-07-02 22:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-07-29 18:31 - 2014-07-02 22:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-07-29 12:50 - 2014-07-29 12:50 - 00001456 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-29 12:50 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-29 12:49 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-29 12:49 - 2014-07-29 12:50 - 00000000 ____D () C:\Program Files\iTunes
2014-07-29 12:49 - 2014-07-29 12:49 - 00000000 ____D () C:\Program Files\iPod
2014-07-24 00:01 - 2014-07-24 00:09 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
2014-07-23 19:34 - 2014-07-23 19:34 - 00000000 ___RD () C:\Sandbox
2014-07-23 19:27 - 2014-07-23 19:35 - 00002548 _____ () C:\Windows\Sandboxie.ini
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-07-22 13:03 - 2014-07-23 15:53 - 00000000 ____D () C:\Users\Lukas\Documents\ProfileCache
2014-07-22 13:03 - 2014-07-23 15:51 - 00000000 ____D () C:\Users\Lukas\Documents\The Crew
2014-07-22 13:02 - 2014-07-22 13:02 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Ubisoft
2014-07-22 12:15 - 2014-07-22 12:15 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-22 12:15 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-07-21 20:31 - 2014-07-21 20:31 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Guild Wars 2
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-20 19:25 - 2014-08-20 19:24 - 00018867 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-08-20 19:24 - 2014-08-17 18:33 - 00000000 ____D () C:\FRST
2014-08-20 18:08 - 2013-12-11 18:59 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Battle.net
2014-08-20 17:59 - 2013-01-31 17:41 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Spotify
2014-08-20 17:29 - 2013-01-31 17:42 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Spotify
2014-08-20 17:21 - 2012-12-20 13:10 - 02089732 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 14:34 - 2014-08-20 14:34 - 00854417 _____ () C:\Users\Lukas\Desktop\SecurityCheck.exe
2014-08-20 14:05 - 2014-08-20 14:05 - 02347384 _____ (ESET) C:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe
2014-08-20 09:26 - 2014-08-19 00:49 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-20 00:59 - 2013-01-24 18:08 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2014-08-19 22:56 - 2014-08-19 22:56 - 00000646 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ___HD () C:\$AVG
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-19 22:56 - 2014-08-19 00:50 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-19 22:42 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-19 22:42 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-19 22:36 - 2014-08-19 22:36 - 01016261 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-08-19 22:35 - 2012-12-20 13:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-19 22:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-19 22:35 - 2009-07-14 06:45 - 00341712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-19 22:16 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-08-19 22:16 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-08-19 22:16 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-19 22:12 - 2014-08-19 22:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-19 22:11 - 2014-08-19 22:11 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-08-19 22:10 - 2014-08-19 22:04 - 00000000 ____D () C:\AdwCleaner
2014-08-19 22:08 - 2014-08-19 22:04 - 00020710 _____ () C:\Users\Lukas\Desktop\AdwCleaner[R0].txt
2014-08-19 22:07 - 2014-08-19 22:07 - 01361671 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.307.exe
2014-08-19 22:05 - 2012-12-21 19:36 - 00000000 ____D () C:\Users\Lukas
2014-08-19 22:02 - 2014-08-19 22:02 - 00006331 _____ () C:\Users\Lukas\Desktop\mbam.txt
2014-08-19 22:00 - 2014-08-19 21:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 21:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-19 21:46 - 2014-08-19 21:46 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-19 21:44 - 2014-08-19 21:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 21:19 - 2012-12-24 01:19 - 00000000 ___RD () C:\Users\Lukas\Desktop\Spiele
2014-08-19 21:18 - 2013-01-06 00:40 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Apps\2.0
2014-08-19 00:53 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Avg2014
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TuneUp Software
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\AVG2014
2014-08-19 00:49 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\MFAData
2014-08-19 00:48 - 2014-08-19 00:48 - 158049496 _____ (AVG Technologies) C:\Users\Lukas\Downloads\avg_free_x86_all_2014_4745a8017.exe
2014-08-19 00:26 - 2014-08-19 00:26 - 00023578 _____ () C:\ComboFix.txt
2014-08-19 00:26 - 2014-08-19 00:08 - 00000000 ____D () C:\Qoobox
2014-08-19 00:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-19 00:25 - 2014-08-19 00:08 - 00000000 ____D () C:\Windows\erdnt
2014-08-19 00:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-19 00:10 - 2014-01-02 22:00 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 23:49 - 2014-08-18 23:49 - 05572035 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 00003126 _____ () C:\Windows\System32\Tasks\{AA14186A-60C7-49CF-99D8-3DCCE7F0C6B4}
2014-08-18 22:20 - 2014-08-18 22:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas\Downloads\revosetup95.exe
2014-08-18 22:20 - 2014-08-18 22:20 - 00000621 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-08-18 22:19 - 2014-08-18 20:07 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-18 20:58 - 2014-08-18 20:58 - 00000000 ____D () C:\SUPERDelete
2014-08-18 20:53 - 2014-08-18 20:53 - 18841864 _____ (SUPERAntiSpyware) C:\Users\Lukas\Downloads\SUPERAntiSpyware.exe
2014-08-18 20:06 - 2014-08-18 20:06 - 16409960 _____ (Safer Networking Limited ) C:\Users\Lukas\Downloads\spybotsd162.exe
2014-08-18 18:46 - 2013-06-18 17:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft
2014-08-18 16:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-18 14:20 - 2012-12-24 18:33 - 00000000 ____D () C:\Users\Lukas\AppData\Local\PMB Files
2014-08-18 14:20 - 2012-12-24 18:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-17 18:46 - 2014-08-17 18:46 - 00000244 _____ () C:\Users\Lukas\Downloads\defogger_enable.log
2014-08-17 18:33 - 2014-08-17 18:32 - 02101760 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-17 18:31 - 2014-08-17 18:31 - 00050477 _____ () C:\Users\Lukas\Downloads\Defogger.exe
2014-08-17 18:16 - 2014-01-07 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-08-17 18:05 - 2012-12-21 21:10 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype
2014-08-17 17:59 - 2013-06-14 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2014-08-17 16:50 - 2014-08-17 16:50 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 00:18 - 2014-08-17 00:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Risen3
2014-08-15 21:58 - 2013-07-24 11:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 21:56 - 2012-12-21 20:07 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 21:49 - 2012-12-24 01:24 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TS3Client
2014-08-15 16:10 - 2012-12-21 20:02 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-15 16:10 - 2012-12-21 20:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 16:05 - 2014-08-15 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-15 01:20 - 2014-02-06 14:35 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Game Dev Tycoon - Steam
2014-08-12 18:37 - 2012-12-21 21:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 20:58 - 2012-12-27 22:06 - 00000000 ____D () C:\Users\Lukas\Documents\My Games
2014-08-08 14:28 - 2014-08-08 14:28 - 08291518 _____ () C:\Users\Lukas\Downloads\SFBot_v2.0.1_win.zip
2014-08-08 14:18 - 2014-08-08 14:18 - 20844879 _____ () C:\Users\Lukas\Downloads\sfbot v2.1.0 - 2014.07 allserversfix by sedative.zip
2014-08-08 00:54 - 2014-08-08 00:54 - 00675988 _____ () C:\Users\Lukas\Downloads\Minecraft.exe
2014-08-06 15:14 - 2014-08-02 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft the World
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 23:24 - 2014-08-03 23:24 - 00055624 _____ () C:\Users\Lukas\Downloads\steam_api.zip
2014-08-03 20:33 - 2014-04-09 21:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Nitro PDF
2014-08-02 07:57 - 2013-09-13 00:11 - 00000000 ____D () C:\Users\Lukas\Desktop\Herunterfahren
2014-08-01 20:54 - 2013-01-19 15:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 01:41 - 2014-08-15 21:52 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-15 21:52 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-31 15:44 - 2013-03-13 14:56 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-31 15:44 - 2013-03-13 14:56 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-31 03:46 - 2014-07-31 03:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 18:34 - 2012-12-20 13:25 - 00000000 ____D () C:\Temp
2014-07-29 18:34 - 2012-12-20 13:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-07-29 18:33 - 2012-12-20 13:14 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-29 18:32 - 2012-12-20 13:13 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-29 18:29 - 2014-01-22 21:22 - 00000000 ____D () C:\Users\Lukas\AppData\Local\NVIDIA Corporation
2014-07-29 12:50 - 2014-07-29 12:50 - 00001456 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-29 12:50 - 2014-07-29 12:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-29 12:50 - 2014-07-29 12:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-29 12:50 - 2014-07-29 12:49 - 00000000 ____D () C:\Program Files\iTunes
2014-07-29 12:49 - 2014-07-29 12:49 - 00000000 ____D () C:\Program Files\iPod
2014-07-29 12:41 - 2013-03-13 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-28 03:46 - 2013-07-23 22:33 - 00000000 ____D () C:\Users\Lukas\Desktop\ksbot_1.1.3
2014-07-25 16:52 - 2014-08-15 21:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-25 16:02 - 2014-08-15 21:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-25 16:01 - 2014-08-15 21:52 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-25 15:51 - 2014-08-15 21:52 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-25 15:50 - 2014-06-02 15:14 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-07-25 15:50 - 2014-06-02 15:14 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-07-25 15:50 - 2014-01-22 21:22 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-07-25 15:50 - 2014-01-22 21:22 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-07-25 15:30 - 2014-08-15 21:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-25 15:28 - 2014-08-15 21:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-25 15:28 - 2014-08-15 21:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-25 15:25 - 2014-08-15 21:52 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-25 15:25 - 2014-08-15 21:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-25 15:11 - 2014-08-15 21:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-25 15:10 - 2014-08-15 21:52 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-25 15:04 - 2014-08-15 21:52 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-25 15:03 - 2014-08-15 21:52 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-25 15:00 - 2014-08-15 21:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-25 15:00 - 2014-08-15 21:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-25 14:59 - 2014-08-15 21:52 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-25 14:47 - 2014-08-15 21:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-25 14:40 - 2014-08-15 21:52 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-25 14:34 - 2014-08-15 21:52 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-25 14:34 - 2014-08-15 21:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-25 14:33 - 2014-08-15 21:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-25 14:30 - 2014-08-15 21:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-25 14:28 - 2014-08-15 21:52 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-25 14:28 - 2014-08-15 21:52 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-25 14:21 - 2014-08-15 21:52 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-25 14:19 - 2014-08-15 21:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-25 14:18 - 2014-08-15 21:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-25 14:17 - 2014-08-15 21:52 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-25 14:17 - 2014-08-15 21:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-25 14:12 - 2014-08-15 21:52 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-25 14:10 - 2014-08-15 21:52 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-25 14:10 - 2014-08-15 21:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-25 14:08 - 2014-08-15 21:52 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-25 14:06 - 2014-08-15 21:52 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-25 13:52 - 2014-08-15 21:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-25 13:47 - 2014-08-15 21:52 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-25 13:43 - 2014-08-15 21:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-25 13:42 - 2014-08-15 21:52 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-25 13:39 - 2014-08-15 21:52 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-25 13:39 - 2014-08-15 21:52 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-25 13:36 - 2014-08-15 21:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-25 13:34 - 2014-08-15 21:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-25 13:29 - 2014-08-15 21:52 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-25 13:23 - 2014-08-15 21:52 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-25 13:13 - 2014-08-15 21:52 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-25 13:07 - 2014-08-15 21:52 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-25 13:07 - 2014-08-15 21:52 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-25 13:03 - 2014-08-15 21:52 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-25 12:52 - 2014-08-15 21:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-25 12:26 - 2014-08-15 21:52 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-25 12:17 - 2014-08-15 21:52 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-25 12:09 - 2014-08-15 21:52 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-25 12:05 - 2014-08-15 21:52 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-25 12:00 - 2014-08-15 21:52 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 00:09 - 2014-07-24 00:01 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Meine Die Schlacht um Mittelerde™ II-Dateien
2014-07-23 19:35 - 2014-07-23 19:27 - 00002548 _____ () C:\Windows\Sandboxie.ini
2014-07-23 19:34 - 2014-07-23 19:34 - 00000000 ___RD () C:\Sandbox
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-07-23 18:48 - 2014-07-23 18:48 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-07-23 15:53 - 2014-07-22 13:03 - 00000000 ____D () C:\Users\Lukas\Documents\ProfileCache
2014-07-23 15:51 - 2014-07-22 13:03 - 00000000 ____D () C:\Users\Lukas\Documents\The Crew
2014-07-22 13:03 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-22 13:02 - 2014-07-22 13:02 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Ubisoft
2014-07-22 12:21 - 2013-10-28 14:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-22 12:15 - 2014-07-22 12:15 - 00004623 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_65-b20.log
2014-07-22 12:15 - 2013-06-23 02:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-07-21 20:31 - 2014-07-21 20:31 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Guild Wars 2
2014-07-21 20:31 - 2013-01-15 16:38 - 00000000 ____D () C:\Users\Lukas\Documents\Guild Wars 2
Files to move or delete:
====================
C:\Users\Lukas\jagex_cl_runescape_LIVE.dat
C:\Users\Lukas\random.dat
Some content of TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\PROCEXP64.exe
C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-18 16:09
==================== End Of Log ============================
--- --- --- Ich habe eine externe Festplatte angeschlossen, also wenn ich meinen PC neu aufsetze könnte sich der Virus in der externen verstecken? Geändert von Sctman (20.08.2014 um 18:26 Uhr) |
|
22.08.2014, 13:17
| #10 |
| /// the machine /// TB-Ausbilder | Internetexplorer öffnet mehrere prozesse im Hintergrund Nee die sollte sicher sein. Wieviele Tabs des IE waren offen als Du FRST gemacht hast? Java updatne. Downloade dir bitte  Farbar Service Scanner
Poste bitte den Inhalt hier.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
22.08.2014, 21:07
| #11 |
| | Internetexplorer öffnet mehrere prozesse im Hintergrund Entschuldigung aber ich kann bis zum 31. August nicht mehr an den PC hier. Ich melde mich dann später gruß Sctman |
|
23.08.2014, 16:41
| #12 |
| /// the machine /// TB-Ausbilder | Internetexplorer öffnet mehrere prozesse im Hintergrund ok.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.08.2014, 13:43
| #13 |
| | Internetexplorer öffnet mehrere prozesse im Hintergrund Wieviele Tabs offen waren weiß ich jetzt leider nicht mehr aber hier ist ein log von FSS Code:
ATTFilter Farbar Service Scanner Version: 21-07-2014
Ran by Lukas (administrator) on 31-08-2014 at 14:41:12
Running from "C:\Users\Lukas\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.
Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\SDRSVC.dll => File is digitally signed
C:\Windows\System32\vssvc.exe => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
**** End of log ****
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014
Ran by Lukas (administrator) on LUKAS-PC on 31-08-2014 14:52:36
Running from C:\Users\Lukas\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgwdsvc.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) F:\Hi-Rez Studios\HiPatchService.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgemca.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgrsa.exe
(ROCCAT GmbH) C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.exe
(ROCCAT GmbH) C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgui.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) F:\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\loggingserver.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) F:\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) F:\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sysinternals - www.sysinternals.com) F:\Taskneu\ProcessExplorer\procexp.exe
(Sysinternals - www.sysinternals.com) C:\Users\Lukas\AppData\Local\Temp\PROCEXP64.exe
(Valve Corporation) F:\Steam\Steam.exe
(Valve Corporation) F:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) F:\Steam\bin\steamwebhelper.exe
() F:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) F:\Steam\GameOverlayUI.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6468712 2012-03-20] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoccatIsku] => C:\Users\Lukas\Downloads\Tools\ROCCAT\Isku Keyboard\IskuMonitor.EXE [542560 2012-11-09] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatKone+] => C:\Users\Lukas\Downloads\Tools\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [552960 2011-07-12] (ROCCAT GmbH)
HKLM-x32\...\Run: [AVG_UI] => F:\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2680344 2014-08-21] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-180031569-961694194-23704048-1001\...\Run: [Spotify Web Helper] => C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1178168 2014-07-17] (Spotify Ltd)
IFEO\taskmgr.exe: [Debugger] "F:\TASKNEU\PROCESSEXPLORER\PROCEXP.EXE"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x84EBF4972A10CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\3.2.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default
FF DefaultSearchEngine: Startpage (SSL)
FF SelectedSearchEngine: Startpage (SSL)
FF Homepage: https://mysearch.avg.com?cid={0AD14F67-F534-4502-BC19-6CC463CA048D}&mid=0a482b91193847d2af4d6d4c05ea62f3-1da56f1b2d98c9bf287923e5d312cc0311e6d429&lang=de&ds=AVG&coid=avgtbavg&pr=fr&d=2014-08-21 11:21:41&v=3.2.0.14&pid=wtu&sg=&sap=hp
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> F:\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\3.2.0\\npsitesafety.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Lukas\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @t.garena.com/garenatalk -> F:\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\searchplugins\startpage-ssl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\abs@avira.com [2014-08-31]
FF Extension: AVG Web TuneUp - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\avg@toolbar [2014-08-21]
FF Extension: GFACE Experience Plugin - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\cryenginebrowserplugin@crytek.com [2013-11-07]
FF Extension: No Name - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\staged [2014-08-31]
FF Extension: YouTube Unblocker - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\youtubeunblocker@unblocker.yt [2014-06-21]
FF Extension: YouTube Center - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\jid1-cwbvBTE216jjpg@jetpack.xpi [2013-10-24]
FF Extension: Flagfox - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-03-08]
FF Extension: NoScript - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-12-24]
FF Extension: {b812ff8f-b1a0-41ce-ac1e-4ce36a2dee25} - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{b812ff8f-b1a0-41ce-ac1e-4ce36a2dee25}.xpi [2014-04-19]
FF Extension: SkypeConverter - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{c683a396-4b39-47a4-8598-31b999693be8}.xpi [2014-04-22]
FF Extension: Adblock Plus - C:\Users\Lukas\AppData\Roaming\Mozilla\Firefox\Profiles\2r9nywa2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-12-24]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; F:\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; F:\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
R2 Hamachi2Svc; F:\LogMeIn Hamachi\hamachi-2.exe [2544976 2014-07-21] (LogMeIn Inc.)
R2 HiPatchService; F:\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [163608 2012-03-06] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5124464 2012-12-16] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-21] ()
R2 vToolbarUpdater3.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe [1843736 2014-08-21] (AVG Secure Search)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-21] (AVG Technologies)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-04] (DT Soft Ltd)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S0 sfdrv01a; C:\Windows\System32\drivers\sfdrv01a.sys [77688 2006-07-05] (Protection Technology (StarForce))
S0 sfsync02; C:\Windows\System32\drivers\sfsync02.sys [22936 2006-07-10] (Protection Technology)
R0 sfvfs02; C:\Windows\System32\drivers\sfvfs02.sys [106360 2007-01-12] (Protection Technology (StarForce))
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz134; \??\C:\Users\Administrator\Desktop\Install_Test\MIFcom\Support\pcwiz_x64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\F:\Garena Plus\Room\safedrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-31 14:52 - 2014-08-31 14:52 - 00020844 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-08-31 14:52 - 2014-08-31 14:52 - 00000000 ____D () C:\Users\Lukas\Downloads\FRST-OlderVersion
2014-08-31 14:41 - 2014-08-31 14:41 - 00002757 _____ () C:\Users\Lukas\Desktop\FSS.txt
2014-08-31 14:31 - 2014-08-31 14:31 - 00415232 _____ (Farbar) C:\Users\Lukas\Desktop\FSS.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-21 11:21 - 2014-08-21 17:43 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-08-21 11:21 - 2014-08-21 16:24 - 00000000 ____D () C:\Users\Lukas\AppData\Local\AVG Web TuneUp
2014-08-21 11:21 - 2014-08-21 11:21 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-08-20 22:48 - 2014-08-31 11:08 - 00000840 _____ () C:\Windows\setupact.log
2014-08-20 22:48 - 2014-08-20 22:48 - 00000826 _____ () C:\Windows\PFRO.log
2014-08-20 22:48 - 2014-08-20 22:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-20 14:34 - 2014-08-20 14:34 - 00854417 _____ () C:\Users\Lukas\Desktop\SecurityCheck.exe
2014-08-20 14:05 - 2014-08-20 14:05 - 02347384 _____ (ESET) C:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe
2014-08-19 22:56 - 2014-08-19 22:56 - 00000646 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ___HD () C:\$AVG
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-19 22:36 - 2014-08-19 22:36 - 01016261 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-08-19 22:12 - 2014-08-19 22:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-19 22:11 - 2014-08-19 22:11 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-08-19 22:07 - 2014-08-19 22:07 - 01361671 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.307.exe
2014-08-19 22:04 - 2014-08-19 22:10 - 00000000 ____D () C:\AdwCleaner
2014-08-19 21:46 - 2014-08-19 22:00 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 21:46 - 2014-08-19 21:46 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-19 21:46 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-19 21:46 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-19 21:44 - 2014-08-19 21:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TuneUp Software
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\AVG2014
2014-08-19 00:50 - 2014-08-19 22:56 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-19 00:49 - 2014-08-31 11:14 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-19 00:49 - 2014-08-19 00:53 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Avg2014
2014-08-19 00:49 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\MFAData
2014-08-19 00:48 - 2014-08-19 00:48 - 158049496 _____ (AVG Technologies) C:\Users\Lukas\Downloads\avg_free_x86_all_2014_4745a8017.exe
2014-08-19 00:26 - 2014-08-19 00:26 - 00023578 _____ () C:\ComboFix.txt
2014-08-19 00:08 - 2014-08-19 00:26 - 00000000 ____D () C:\Qoobox
2014-08-19 00:08 - 2014-08-19 00:25 - 00000000 ____D () C:\Windows\erdnt
2014-08-19 00:08 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-08-19 00:08 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-08-19 00:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-08-19 00:08 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 05572035 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 00003126 _____ () C:\Windows\System32\Tasks\{AA14186A-60C7-49CF-99D8-3DCCE7F0C6B4}
2014-08-18 22:20 - 2014-08-18 22:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas\Downloads\revosetup95.exe
2014-08-18 22:20 - 2014-08-18 22:20 - 00000621 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-08-18 20:58 - 2014-08-18 20:58 - 00000000 ____D () C:\SUPERDelete
2014-08-18 20:53 - 2014-08-18 20:53 - 18841864 _____ (SUPERAntiSpyware) C:\Users\Lukas\Downloads\SUPERAntiSpyware.exe
2014-08-18 20:07 - 2014-08-18 22:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-18 20:06 - 2014-08-18 20:06 - 16409960 _____ (Safer Networking Limited ) C:\Users\Lukas\Downloads\spybotsd162.exe
2014-08-17 18:46 - 2014-08-17 18:46 - 00000244 _____ () C:\Users\Lukas\Downloads\defogger_enable.log
2014-08-17 18:33 - 2014-08-31 14:52 - 00000000 ____D () C:\FRST
2014-08-17 18:32 - 2014-08-31 14:52 - 02104320 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-17 18:31 - 2014-08-17 18:31 - 00050477 _____ () C:\Users\Lukas\Downloads\Defogger.exe
2014-08-17 16:50 - 2014-08-17 16:50 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 00:18 - 2014-08-17 00:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Risen3
2014-08-15 21:53 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 21:53 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 21:53 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 21:53 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 21:53 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 21:53 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 21:53 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 21:53 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 21:52 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 21:52 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 21:52 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 21:52 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 21:52 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 21:52 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 21:52 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 21:52 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 21:52 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 21:52 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 21:52 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 21:52 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 21:52 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 21:52 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 21:52 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 21:52 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 21:52 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 21:52 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 21:52 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 21:52 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 21:52 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 21:52 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 21:52 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 21:52 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 21:52 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 21:52 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 21:52 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 21:52 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 21:52 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 21:52 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 21:52 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 21:52 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 21:52 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 21:52 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 21:52 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 21:52 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 21:52 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 21:52 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 21:52 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 21:52 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 21:52 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 21:52 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 21:52 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 21:52 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 21:52 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 21:52 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 21:52 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 21:52 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 21:52 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 21:52 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 21:52 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 21:52 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 21:52 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 21:52 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 21:52 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 21:52 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 21:52 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-15 21:52 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 21:52 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-15 21:52 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 21:52 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-15 21:52 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 21:52 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 21:52 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-15 21:52 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 21:52 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 21:52 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 21:52 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 21:52 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 21:52 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 21:52 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 21:52 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 21:52 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 21:51 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 21:51 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 16:05 - 2014-08-15 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-08 14:28 - 2014-08-08 14:28 - 08291518 _____ () C:\Users\Lukas\Downloads\SFBot_v2.0.1_win.zip
2014-08-08 14:18 - 2014-08-08 14:18 - 20844879 _____ () C:\Users\Lukas\Downloads\sfbot v2.1.0 - 2014.07 allserversfix by sedative.zip
2014-08-08 00:54 - 2014-08-08 00:54 - 00675988 _____ () C:\Users\Lukas\Downloads\Minecraft.exe
2014-08-03 23:24 - 2014-08-03 23:24 - 00055624 _____ () C:\Users\Lukas\Downloads\steam_api.zip
2014-08-02 23:32 - 2014-08-06 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft the World
2014-08-02 23:00 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 23:00 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 23:00 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 23:00 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 23:00 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 23:00 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 23:00 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 23:00 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 23:00 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 23:00 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-08-31 14:52 - 2014-08-31 14:52 - 00020844 _____ () C:\Users\Lukas\Downloads\FRST.txt
2014-08-31 14:52 - 2014-08-31 14:52 - 00000000 ____D () C:\Users\Lukas\Downloads\FRST-OlderVersion
2014-08-31 14:52 - 2014-08-17 18:33 - 00000000 ____D () C:\FRST
2014-08-31 14:52 - 2014-08-17 18:32 - 02104320 _____ (Farbar) C:\Users\Lukas\Downloads\FRST64.exe
2014-08-31 14:41 - 2014-08-31 14:41 - 00002757 _____ () C:\Users\Lukas\Desktop\FSS.txt
2014-08-31 14:31 - 2014-08-31 14:31 - 00415232 _____ (Farbar) C:\Users\Lukas\Desktop\FSS.exe
2014-08-31 13:56 - 2012-12-21 21:10 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Skype
2014-08-31 11:28 - 2012-12-20 13:10 - 01140183 _____ () C:\Windows\WindowsUpdate.log
2014-08-31 11:17 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-31 11:17 - 2009-07-14 06:45 - 00021664 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-31 11:14 - 2014-08-19 00:49 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-31 11:10 - 2013-01-24 18:08 - 00000000 ____D () C:\Users\Lukas\AppData\Local\LogMeIn Hamachi
2014-08-31 11:08 - 2014-08-20 22:48 - 00000840 _____ () C:\Windows\setupact.log
2014-08-31 11:08 - 2012-12-20 13:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-31 11:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-31 02:26 - 2013-08-15 17:30 - 00000000 ____D () C:\ProgramData\Origin
2014-08-31 02:26 - 2012-12-24 01:24 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TS3Client
2014-08-31 02:17 - 2009-07-14 06:45 - 00341712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-22 22:37 - 2012-12-24 18:33 - 00000000 ____D () C:\Users\Lukas\AppData\Local\PMB Files
2014-08-22 22:37 - 2012-12-24 18:33 - 00000000 ____D () C:\ProgramData\PMB Files
2014-08-22 20:15 - 2014-02-06 14:35 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Game Dev Tycoon - Steam
2014-08-21 23:33 - 2012-12-22 00:43 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-21 23:33 - 2012-12-22 00:43 - 00297088 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-21 23:33 - 2012-12-22 00:43 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-21 23:28 - 2012-12-22 00:43 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-21 17:43 - 2014-08-21 11:21 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-08-21 16:24 - 2014-08-21 11:21 - 00000000 ____D () C:\Users\Lukas\AppData\Local\AVG Web TuneUp
2014-08-21 14:40 - 2014-08-21 14:40 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-21 14:40 - 2014-08-21 14:40 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-21 14:40 - 2013-10-28 14:36 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-21 14:40 - 2013-06-23 02:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-21 11:21 - 2014-08-21 11:21 - 00050976 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\ProgramData\AVG Web TuneUp
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-08-21 11:21 - 2014-08-21 11:21 - 00000000 ____D () C:\Program Files (x86)\AVG Web TuneUp
2014-08-21 11:21 - 2014-07-31 03:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-21 03:29 - 2013-01-31 17:41 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Spotify
2014-08-20 22:52 - 2012-12-20 13:04 - 00000000 ____D () C:\Windows\Panther
2014-08-20 22:48 - 2014-08-20 22:48 - 00000826 _____ () C:\Windows\PFRO.log
2014-08-20 22:48 - 2014-08-20 22:48 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-20 18:08 - 2013-12-11 18:59 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Battle.net
2014-08-20 17:29 - 2013-01-31 17:42 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Spotify
2014-08-20 14:34 - 2014-08-20 14:34 - 00854417 _____ () C:\Users\Lukas\Desktop\SecurityCheck.exe
2014-08-20 14:05 - 2014-08-20 14:05 - 02347384 _____ (ESET) C:\Users\Lukas\Desktop\esetsmartinstaller_deu.exe
2014-08-19 22:56 - 2014-08-19 22:56 - 00000646 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ___HD () C:\$AVG
2014-08-19 22:56 - 2014-08-19 22:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-19 22:56 - 2014-08-19 00:50 - 00000000 ____D () C:\ProgramData\AVG2014
2014-08-19 22:36 - 2014-08-19 22:36 - 01016261 _____ (Thisisu) C:\Users\Lukas\Downloads\JRT.exe
2014-08-19 22:16 - 2011-04-12 09:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-08-19 22:16 - 2011-04-12 09:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-08-19 22:16 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-19 22:12 - 2014-08-19 22:12 - 00000000 ____D () C:\Windows\ERUNT
2014-08-19 22:11 - 2014-08-19 22:11 - 01016261 _____ (Thisisu) C:\Users\Lukas\Desktop\JRT.exe
2014-08-19 22:10 - 2014-08-19 22:04 - 00000000 ____D () C:\AdwCleaner
2014-08-19 22:07 - 2014-08-19 22:07 - 01361671 _____ () C:\Users\Lukas\Desktop\adwcleaner_3.307.exe
2014-08-19 22:05 - 2012-12-21 19:36 - 00000000 ____D () C:\Users\Lukas
2014-08-19 22:00 - 2014-08-19 21:46 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-19 21:58 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-19 21:46 - 2014-08-19 21:46 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-19 21:46 - 2014-08-19 21:46 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-08-19 21:44 - 2014-08-19 21:44 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Lukas\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-19 21:19 - 2012-12-24 01:19 - 00000000 ___RD () C:\Users\Lukas\Desktop\Spiele
2014-08-19 21:18 - 2013-01-06 00:40 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Apps\2.0
2014-08-19 00:53 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Avg2014
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\TuneUp Software
2014-08-19 00:51 - 2014-08-19 00:51 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\AVG2014
2014-08-19 00:49 - 2014-08-19 00:49 - 00000000 ____D () C:\Users\Lukas\AppData\Local\MFAData
2014-08-19 00:48 - 2014-08-19 00:48 - 158049496 _____ (AVG Technologies) C:\Users\Lukas\Downloads\avg_free_x86_all_2014_4745a8017.exe
2014-08-19 00:26 - 2014-08-19 00:26 - 00023578 _____ () C:\ComboFix.txt
2014-08-19 00:26 - 2014-08-19 00:08 - 00000000 ____D () C:\Qoobox
2014-08-19 00:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-08-19 00:25 - 2014-08-19 00:08 - 00000000 ____D () C:\Windows\erdnt
2014-08-19 00:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-08-19 00:10 - 2014-01-02 22:00 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-18 23:49 - 2014-08-18 23:49 - 05572035 ____R (Swearware) C:\Users\Lukas\Desktop\ComboFix.exe
2014-08-18 23:49 - 2014-08-18 23:49 - 00003126 _____ () C:\Windows\System32\Tasks\{AA14186A-60C7-49CF-99D8-3DCCE7F0C6B4}
2014-08-18 22:20 - 2014-08-18 22:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Lukas\Downloads\revosetup95.exe
2014-08-18 22:20 - 2014-08-18 22:20 - 00000621 _____ () C:\Users\Lukas\Desktop\Revo Uninstaller.lnk
2014-08-18 22:19 - 2014-08-18 20:07 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-18 20:58 - 2014-08-18 20:58 - 00000000 ____D () C:\SUPERDelete
2014-08-18 20:53 - 2014-08-18 20:53 - 18841864 _____ (SUPERAntiSpyware) C:\Users\Lukas\Downloads\SUPERAntiSpyware.exe
2014-08-18 20:06 - 2014-08-18 20:06 - 16409960 _____ (Safer Networking Limited ) C:\Users\Lukas\Downloads\spybotsd162.exe
2014-08-18 18:46 - 2013-06-18 17:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\.minecraft
2014-08-18 16:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-17 18:46 - 2014-08-17 18:46 - 00000244 _____ () C:\Users\Lukas\Downloads\defogger_enable.log
2014-08-17 18:31 - 2014-08-17 18:31 - 00050477 _____ () C:\Users\Lukas\Downloads\Defogger.exe
2014-08-17 18:16 - 2014-01-07 20:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-08-17 17:59 - 2013-06-14 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2014-08-17 16:50 - 2014-08-17 16:50 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-08-17 00:18 - 2014-08-17 00:18 - 00000000 ____D () C:\Users\Lukas\AppData\Local\Risen3
2014-08-15 21:58 - 2013-07-24 11:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 21:56 - 2012-12-21 20:07 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 16:10 - 2012-12-21 20:02 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-15 16:10 - 2012-12-21 20:02 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 16:05 - 2014-08-15 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-08-12 18:37 - 2012-12-21 21:09 - 00000000 ____D () C:\ProgramData\Skype
2014-08-08 20:58 - 2012-12-27 22:06 - 00000000 ____D () C:\Users\Lukas\Documents\My Games
2014-08-08 14:28 - 2014-08-08 14:28 - 08291518 _____ () C:\Users\Lukas\Downloads\SFBot_v2.0.1_win.zip
2014-08-08 14:18 - 2014-08-08 14:18 - 20844879 _____ () C:\Users\Lukas\Downloads\sfbot v2.1.0 - 2014.07 allserversfix by sedative.zip
2014-08-08 00:54 - 2014-08-08 00:54 - 00675988 _____ () C:\Users\Lukas\Downloads\Minecraft.exe
2014-08-06 15:14 - 2014-08-02 23:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craft the World
2014-08-05 09:20 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 23:24 - 2014-08-03 23:24 - 00055624 _____ () C:\Users\Lukas\Downloads\steam_api.zip
2014-08-03 20:33 - 2014-04-09 21:55 - 00000000 ____D () C:\Users\Lukas\AppData\Roaming\Nitro PDF
2014-08-02 07:57 - 2013-09-13 00:11 - 00000000 ____D () C:\Users\Lukas\Desktop\Herunterfahren
2014-08-01 20:54 - 2013-01-19 15:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 01:41 - 2014-08-15 21:52 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 01:16 - 2014-08-15 21:52 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
Files to move or delete:
====================
C:\Users\Lukas\jagex_cl_runescape_LIVE.dat
C:\Users\Lukas\random.dat
Some content of TEMP:
====================
C:\Users\Lukas\AppData\Local\Temp\install_flashplayer14x32axau_mssa_aaa_aih.exe
C:\Users\Lukas\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Lukas\AppData\Local\Temp\PROCEXP64.exe
C:\Users\Lukas\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-08-18 16:09
==================== End Of Log ============================
Geändert von Sctman (31.08.2014 um 13:54 Uhr) |
|
31.08.2014, 17:09
| #14 |
| /// the machine /// TB-Ausbilder | Internetexplorer öffnet mehrere prozesse im Hintergrund hi, Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.08.2014, 20:45
| #15 |
| | Internetexplorer öffnet mehrere prozesse im Hintergrund Hier ist der text Code:
ATTFilter 21:41:27.0209 0x3768 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
21:41:30.0201 0x3768 ============================================================
21:41:30.0201 0x3768 Current date / time: 2014/08/31 21:41:30.0201
21:41:30.0201 0x3768 SystemInfo:
21:41:30.0201 0x3768
21:41:30.0201 0x3768 OS Version: 6.1.7601 ServicePack: 1.0
21:41:30.0201 0x3768 Product type: Workstation
21:41:30.0202 0x3768 ComputerName: LUKAS-PC
21:41:30.0202 0x3768 UserName: Lukas
21:41:30.0202 0x3768 Windows directory: C:\Windows
21:41:30.0202 0x3768 System windows directory: C:\Windows
21:41:30.0202 0x3768 Running under WOW64
21:41:30.0202 0x3768 Processor architecture: Intel x64
21:41:30.0202 0x3768 Number of processors: 8
21:41:30.0202 0x3768 Page size: 0x1000
21:41:30.0202 0x3768 Boot type: Normal boot
21:41:30.0202 0x3768 ============================================================
21:41:30.0871 0x3768 KLMD registered as C:\Windows\system32\drivers\35481340.sys
21:41:31.0155 0x3768 System UUID: {6B1A2F23-276C-A91F-D0A3-9D7F126AFD21}
21:41:31.0559 0x3768 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:41:31.0566 0x3768 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C0F00000 ( 1863.01 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:41:31.0580 0x3768 ============================================================
21:41:31.0580 0x3768 \Device\Harddisk0\DR0:
21:41:31.0581 0x3768 MBR partitions:
21:41:31.0581 0x3768 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
21:41:31.0581 0x3768 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x18FFF800
21:41:31.0581 0x3768 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x190AF000, BlocksNum 0x212D6800
21:41:31.0581 0x3768 \Device\Harddisk1\DR1:
21:41:31.0581 0x3768 MBR partitions:
21:41:31.0581 0x3768 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07000
21:41:31.0581 0x3768 ============================================================
21:41:31.0650 0x3768 C: <-> \Device\Harddisk0\DR0\Partition2
21:41:31.0669 0x3768 D: <-> \Device\Harddisk0\DR0\Partition3
21:41:31.0694 0x3768 F: <-> \Device\Harddisk1\DR1\Partition1
21:41:31.0722 0x3768 ============================================================
21:41:31.0722 0x3768 Initialize success
21:41:31.0723 0x3768 ============================================================
21:41:53.0238 0x34e0 ============================================================
21:41:53.0238 0x34e0 Scan started
21:41:53.0238 0x34e0 Mode: Manual; SigCheck; TDLFS;
21:41:53.0238 0x34e0 ============================================================
21:41:53.0238 0x34e0 KSN ping started
21:42:17.0669 0x34e0 KSN ping finished: true
21:42:19.0595 0x34e0 ================ Scan system memory ========================
21:42:19.0595 0x34e0 System memory - ok
21:42:19.0596 0x34e0 ================ Scan services =============================
21:42:19.0717 0x34e0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
21:42:19.0808 0x34e0 1394ohci - ok
21:42:19.0827 0x34e0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:42:19.0839 0x34e0 ACPI - ok
21:42:19.0851 0x34e0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
21:42:19.0894 0x34e0 AcpiPmi - ok
21:42:19.0929 0x34e0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:42:19.0944 0x34e0 adp94xx - ok
21:42:19.0978 0x34e0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:42:19.0989 0x34e0 adpahci - ok
21:42:20.0012 0x34e0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:42:20.0021 0x34e0 adpu320 - ok
21:42:20.0043 0x34e0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:42:20.0176 0x34e0 AeLookupSvc - ok
21:42:20.0240 0x34e0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
21:42:20.0295 0x34e0 AFD - ok
21:42:20.0314 0x34e0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
21:42:20.0330 0x34e0 agp440 - ok
21:42:20.0341 0x34e0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
21:42:20.0376 0x34e0 ALG - ok
21:42:20.0392 0x34e0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
21:42:20.0406 0x34e0 aliide - ok
21:42:20.0418 0x34e0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
21:42:20.0433 0x34e0 amdide - ok
21:42:20.0447 0x34e0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
21:42:20.0469 0x34e0 AmdK8 - ok
21:42:20.0476 0x34e0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
21:42:20.0498 0x34e0 AmdPPM - ok
21:42:20.0540 0x34e0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:42:20.0557 0x34e0 amdsata - ok
21:42:20.0570 0x34e0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:42:20.0586 0x34e0 amdsbs - ok
21:42:20.0589 0x34e0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:42:20.0598 0x34e0 amdxata - ok
21:42:20.0603 0x34e0 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
21:42:20.0735 0x34e0 AppID - ok
21:42:20.0746 0x34e0 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:42:20.0774 0x34e0 AppIDSvc - ok
21:42:20.0802 0x34e0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
21:42:20.0846 0x34e0 Appinfo - ok
21:42:20.0895 0x34e0 [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:42:20.0909 0x34e0 Apple Mobile Device - ok
21:42:20.0951 0x34e0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
21:42:20.0967 0x34e0 arc - ok
21:42:20.0980 0x34e0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:42:20.0990 0x34e0 arcsas - ok
21:42:21.0017 0x34e0 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:42:21.0055 0x34e0 aspnet_state - ok
21:42:21.0067 0x34e0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:42:21.0115 0x34e0 AsyncMac - ok
21:42:21.0146 0x34e0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
21:42:21.0156 0x34e0 atapi - ok
21:42:21.0191 0x34e0 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:42:21.0235 0x34e0 AudioEndpointBuilder - ok
21:42:21.0247 0x34e0 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
21:42:21.0275 0x34e0 AudioSrv - ok
21:42:21.0300 0x34e0 [ CDE60914D4ED81291F0CCFDB2CA311B9, 414D9BFF4E7DA17194695CB99B9E7F82C1616F4C228E6E9087208D290B9ED64D ] Avgdiska C:\Windows\system32\DRIVERS\avgdiska.sys
21:42:21.0312 0x34e0 Avgdiska - ok
21:42:21.0438 0x34e0 [ 76AB36635951D8C96B485C9F8DCE7DE1, 1F57E2D85A0E766F79DCAC2CD2BBCBFDFBF88982CC01C2399255218B3DE18164 ] AVGIDSAgent F:\AVG\AVG2014\avgidsagent.exe
21:42:21.0503 0x34e0 AVGIDSAgent - ok
21:42:21.0532 0x34e0 [ 50E7E80BB5F3E2BB0B48F3F7E17ED6B1, 4E254506E03C9DC7376D47267CC987B0D4D93C064310CC8BA6FB679542638298 ] AVGIDSDriver C:\Windows\system32\DRIVERS\avgidsdrivera.sys
21:42:21.0543 0x34e0 AVGIDSDriver - ok
21:42:21.0551 0x34e0 [ B0E4A1F342A3F8B75C4A4ADB044761C9, 208D033EE04206FEDFC99102025A53D53EF2D3FB373882776DE43D663BE9A01B ] AVGIDSHA C:\Windows\system32\DRIVERS\avgidsha.sys
21:42:21.0560 0x34e0 AVGIDSHA - ok
21:42:21.0591 0x34e0 [ 5D115BF49AE159D4D7D1EBC640CB138F, F529FB749AB8098B657DEB4637B9B87FA2DE4806F37AC9257542B7E522BA487E ] Avgldx64 C:\Windows\system32\DRIVERS\avgldx64.sys
21:42:21.0601 0x34e0 Avgldx64 - ok
21:42:21.0635 0x34e0 [ 197F28711B4B71E6575E5298CCEDC737, 16B7A9E59CA5EF8241029E16408CC1DD77004B195C9FE0677DE35A723FCA3DB4 ] Avgloga C:\Windows\system32\DRIVERS\avgloga.sys
21:42:21.0647 0x34e0 Avgloga - ok
21:42:21.0660 0x34e0 [ D9CED15E158573DE1BB67330C4206763, 6EEA9932318434448E167600A10FCD4C9DC8225A958708484E3A6EC5EF570012 ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
21:42:21.0668 0x34e0 Avgmfx64 - ok
21:42:21.0691 0x34e0 [ C4F9056928B26BCAF15872E46B29184F, 0A1574937D120B8872947C4C68F1706BB9713B0D00AD62BE8082499C944114BA ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
21:42:21.0697 0x34e0 Avgrkx64 - ok
21:42:21.0719 0x34e0 [ 0971913995F5FAFD711B0B2426A175E9, 1009E628997B56697BA976E376A9E9D39082E7057D6EFF37D57FDCA2057B9498 ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
21:42:21.0730 0x34e0 Avgtdia - ok
21:42:21.0741 0x34e0 [ 68430AD3FB0FADBFA5D1677617D1E1F5, CF732DD21B472653AB0A4063455F2E7608F3075C255B9882D18CB52026B6C972 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
21:42:21.0748 0x34e0 avgtp - ok
21:42:21.0783 0x34e0 [ 5A63285CC0D3323D720E0C518FE74CA3, D990A75CC5FAC5B68DA8515A519D2B5F6312E546E31D54E36CB98271C1B308F3 ] avgwd F:\AVG\AVG2014\avgwdsvc.exe
21:42:21.0807 0x34e0 avgwd - ok
21:42:21.0842 0x34e0 [ C6F4C466B654C1BE98AF31418BB5AC30, 62AA4456F8E22A6E508EB44DE4309615057117AAF923C13BBED15AA39630E76B ] AVM WLAN Connection Service C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
21:42:21.0865 0x34e0 AVM WLAN Connection Service - detected UnsignedFile.Multi.Generic ( 1 )
21:42:24.0214 0x34e0 Detect skipped due to KSN trusted
21:42:24.0214 0x34e0 AVM WLAN Connection Service - ok
21:42:24.0245 0x34e0 [ 1DC2F715792CF33428AD7993ACBD224D, 129FBD517E016914CD61C35894C0B9B2074E680F1EB21201597E5C13CAF4529F ] avmeject C:\Windows\system32\drivers\avmeject.sys
21:42:24.0259 0x34e0 avmeject - ok
21:42:24.0273 0x34e0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:42:24.0330 0x34e0 AxInstSV - ok
21:42:24.0357 0x34e0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:42:24.0411 0x34e0 b06bdrv - ok
21:42:24.0440 0x34e0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
21:42:24.0469 0x34e0 b57nd60a - ok
21:42:24.0491 0x34e0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
21:42:24.0512 0x34e0 BDESVC - ok
21:42:24.0521 0x34e0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
21:42:24.0548 0x34e0 Beep - ok
21:42:24.0593 0x34e0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
21:42:24.0625 0x34e0 BFE - ok
21:42:24.0654 0x34e0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
21:42:24.0766 0x34e0 BITS - ok
21:42:24.0806 0x34e0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
21:42:24.0826 0x34e0 blbdrive - ok
21:42:24.0862 0x34e0 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:42:24.0889 0x34e0 Bonjour Service - ok
21:42:24.0897 0x34e0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:42:24.0927 0x34e0 bowser - ok
21:42:24.0938 0x34e0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
21:42:24.0971 0x34e0 BrFiltLo - ok
21:42:24.0975 0x34e0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
21:42:24.0990 0x34e0 BrFiltUp - ok
21:42:25.0010 0x34e0 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
21:42:25.0031 0x34e0 BridgeMP - ok
21:42:25.0036 0x34e0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
21:42:25.0048 0x34e0 Browser - ok
21:42:25.0069 0x34e0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
21:42:25.0087 0x34e0 Brserid - ok
21:42:25.0090 0x34e0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
21:42:25.0101 0x34e0 BrSerWdm - ok
21:42:25.0103 0x34e0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
21:42:25.0126 0x34e0 BrUsbMdm - ok
21:42:25.0130 0x34e0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
21:42:25.0150 0x34e0 BrUsbSer - ok
21:42:25.0169 0x34e0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
21:42:25.0180 0x34e0 BTHMODEM - ok
21:42:25.0199 0x34e0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
21:42:25.0219 0x34e0 bthserv - ok
21:42:25.0250 0x34e0 catchme - ok
21:42:25.0255 0x34e0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:42:25.0302 0x34e0 cdfs - ok
21:42:25.0334 0x34e0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
21:42:25.0370 0x34e0 cdrom - ok
21:42:25.0393 0x34e0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
21:42:25.0428 0x34e0 CertPropSvc - ok
21:42:25.0433 0x34e0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
21:42:25.0446 0x34e0 circlass - ok
21:42:25.0462 0x34e0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
21:42:25.0476 0x34e0 CLFS - ok
21:42:25.0492 0x34e0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:42:25.0502 0x34e0 clr_optimization_v2.0.50727_32 - ok
21:42:25.0526 0x34e0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:42:25.0536 0x34e0 clr_optimization_v2.0.50727_64 - ok
21:42:25.0565 0x34e0 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:42:25.0616 0x34e0 clr_optimization_v4.0.30319_32 - ok
21:42:25.0640 0x34e0 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:42:25.0683 0x34e0 clr_optimization_v4.0.30319_64 - ok
21:42:25.0702 0x34e0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
21:42:25.0735 0x34e0 CmBatt - ok
21:42:25.0740 0x34e0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
21:42:25.0752 0x34e0 cmdide - ok
21:42:25.0786 0x34e0 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
21:42:25.0820 0x34e0 CNG - ok
21:42:25.0837 0x34e0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
21:42:25.0845 0x34e0 Compbatt - ok
21:42:25.0857 0x34e0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
21:42:25.0880 0x34e0 CompositeBus - ok
21:42:25.0882 0x34e0 COMSysApp - ok
21:42:25.0908 0x34e0 cpuz134 - ok
21:42:25.0912 0x34e0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
21:42:25.0920 0x34e0 crcdisk - ok
21:42:25.0938 0x34e0 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:42:25.0995 0x34e0 CryptSvc - ok
21:42:26.0022 0x34e0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:42:26.0098 0x34e0 DcomLaunch - ok
21:42:26.0114 0x34e0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
21:42:26.0139 0x34e0 defragsvc - ok
21:42:26.0147 0x34e0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
21:42:26.0167 0x34e0 DfsC - ok
21:42:26.0180 0x34e0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
21:42:26.0218 0x34e0 Dhcp - ok
21:42:26.0222 0x34e0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
21:42:26.0279 0x34e0 discache - ok
21:42:26.0283 0x34e0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
21:42:26.0290 0x34e0 Disk - ok
21:42:26.0303 0x34e0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:42:26.0353 0x34e0 Dnscache - ok
21:42:26.0375 0x34e0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
21:42:26.0426 0x34e0 dot3svc - ok
21:42:26.0464 0x34e0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
21:42:26.0499 0x34e0 DPS - ok
21:42:26.0513 0x34e0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:42:26.0528 0x34e0 drmkaud - ok
21:42:26.0554 0x34e0 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
21:42:26.0564 0x34e0 dtsoftbus01 - ok
21:42:26.0595 0x34e0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:42:26.0628 0x34e0 DXGKrnl - ok
21:42:26.0647 0x34e0 EagleX64 - ok
21:42:26.0673 0x34e0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
21:42:26.0722 0x34e0 EapHost - ok
21:42:26.0833 0x34e0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:42:27.0001 0x34e0 ebdrv - ok
21:42:27.0010 0x34e0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
21:42:27.0044 0x34e0 EFS - ok
21:42:27.0091 0x34e0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
21:42:27.0161 0x34e0 ehRecvr - ok
21:42:27.0168 0x34e0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
21:42:27.0188 0x34e0 ehSched - ok
21:42:27.0222 0x34e0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
21:42:27.0239 0x34e0 elxstor - ok
21:42:27.0241 0x34e0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
21:42:27.0250 0x34e0 ErrDev - ok
21:42:27.0271 0x34e0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
21:42:27.0302 0x34e0 EventSystem - ok
21:42:27.0320 0x34e0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
21:42:27.0343 0x34e0 exfat - ok
21:42:27.0348 0x34e0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:42:27.0372 0x34e0 fastfat - ok
21:42:27.0399 0x34e0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
21:42:27.0433 0x34e0 Fax - ok
21:42:27.0448 0x34e0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
21:42:27.0470 0x34e0 fdc - ok
21:42:27.0473 0x34e0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
21:42:27.0503 0x34e0 fdPHost - ok
21:42:27.0507 0x34e0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
21:42:27.0527 0x34e0 FDResPub - ok
21:42:27.0559 0x34e0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:42:27.0566 0x34e0 FileInfo - ok
21:42:27.0569 0x34e0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:42:27.0590 0x34e0 Filetrace - ok
21:42:27.0608 0x34e0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
21:42:27.0617 0x34e0 flpydisk - ok
21:42:27.0632 0x34e0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:42:27.0643 0x34e0 FltMgr - ok
21:42:27.0681 0x34e0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
21:42:27.0726 0x34e0 FontCache - ok
21:42:27.0740 0x34e0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:42:27.0747 0x34e0 FontCache3.0.0.0 - ok
21:42:27.0750 0x34e0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:42:27.0756 0x34e0 FsDepends - ok
21:42:27.0768 0x34e0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:42:27.0774 0x34e0 Fs_Rec - ok
21:42:27.0789 0x34e0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:42:27.0800 0x34e0 fvevol - ok
21:42:27.0825 0x34e0 [ 15585492E45E2F30768B2D5B57929D99, C5E6A943C78AAFE10FD9C913324083DD4B3D2F1D998A38C8B69FDEAF22246527 ] fwlanusbn C:\Windows\system32\DRIVERS\fwlanusbn.sys
21:42:27.0873 0x34e0 fwlanusbn - ok
21:42:27.0884 0x34e0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:42:27.0891 0x34e0 gagp30kx - ok
21:42:27.0923 0x34e0 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:42:27.0928 0x34e0 GEARAspiWDM - ok
21:42:27.0989 0x34e0 GGSAFERDriver - ok
21:42:28.0066 0x34e0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
21:42:28.0115 0x34e0 gpsvc - ok
21:42:28.0144 0x34e0 [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi C:\Windows\system32\DRIVERS\hamachi.sys
21:42:28.0159 0x34e0 hamachi - ok
21:42:28.0319 0x34e0 [ EE54F8C7DA3C4B2D2077EA811980F6FC, A2F2CF7EFA9058D73A1908616597B7E328724D8F7BE0A7628F0118072BFB8193 ] Hamachi2Svc F:\LogMeIn Hamachi\hamachi-2.exe
21:42:28.0403 0x34e0 Hamachi2Svc - ok
21:42:28.0433 0x34e0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
21:42:28.0461 0x34e0 hcw85cir - ok
21:42:28.0486 0x34e0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:42:28.0511 0x34e0 HdAudAddService - ok
21:42:28.0530 0x34e0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
21:42:28.0555 0x34e0 HDAudBus - ok
21:42:28.0558 0x34e0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
21:42:28.0571 0x34e0 HidBatt - ok
21:42:28.0596 0x34e0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
21:42:28.0609 0x34e0 HidBth - ok
21:42:28.0621 0x34e0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
21:42:28.0633 0x34e0 HidIr - ok
21:42:28.0636 0x34e0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
21:42:28.0675 0x34e0 hidserv - ok
21:42:28.0700 0x34e0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
21:42:28.0712 0x34e0 HidUsb - ok
21:42:28.0761 0x34e0 [ DFD1D30D8B68D883B5858748F7E35AD2, 051C9940054558DCB96746C0425A52F5294194163946B4A2A9CAEA64CFA855A1 ] HiPatchService F:\Hi-Rez Studios\HiPatchService.exe
21:42:28.0765 0x34e0 HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
21:42:31.0152 0x34e0 Detect skipped due to KSN trusted
21:42:31.0152 0x34e0 HiPatchService - ok
21:42:31.0174 0x34e0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:42:31.0210 0x34e0 hkmsvc - ok
21:42:31.0219 0x34e0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:42:31.0235 0x34e0 HomeGroupListener - ok
21:42:31.0252 0x34e0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:42:31.0273 0x34e0 HomeGroupProvider - ok
21:42:31.0326 0x34e0 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
21:42:31.0347 0x34e0 hpqcxs08 - ok
21:42:31.0354 0x34e0 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
21:42:31.0360 0x34e0 hpqddsvc - ok
21:42:31.0371 0x34e0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:42:31.0378 0x34e0 HpSAMD - ok
21:42:31.0411 0x34e0 [ D4F91CF4DE215D6F14A06087D46725E4, 656E78AB0CD5B3DA396F937CF05863F80C9E430EDED6F68A88F39604A052921B ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
21:42:31.0450 0x34e0 HPSLPSVC - ok
21:42:31.0469 0x34e0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:42:31.0503 0x34e0 HTTP - ok
21:42:31.0506 0x34e0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:42:31.0513 0x34e0 hwpolicy - ok
21:42:31.0545 0x34e0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
21:42:31.0554 0x34e0 i8042prt - ok
21:42:31.0578 0x34e0 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
21:42:31.0591 0x34e0 iaStor - ok
21:42:31.0606 0x34e0 [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:42:31.0611 0x34e0 IAStorDataMgrSvc - ok
21:42:31.0639 0x34e0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:42:31.0651 0x34e0 iaStorV - ok
21:42:31.0694 0x34e0 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:42:31.0701 0x34e0 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
21:42:34.0053 0x34e0 Detect skipped due to KSN trusted
21:42:34.0053 0x34e0 IDriverT - ok
21:42:34.0130 0x34e0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:42:34.0172 0x34e0 idsvc - ok
21:42:34.0197 0x34e0 IEEtwCollectorService - ok
21:42:34.0201 0x34e0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:42:34.0210 0x34e0 iirsp - ok
21:42:34.0240 0x34e0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
21:42:34.0272 0x34e0 IKEEXT - ok
21:42:34.0395 0x34e0 [ 5F6A3EA5BD7CA861863A3A06CECC115C, 312B27BB6664A2DFF3B48CF9DA04511AAB281A2521A6140C7DB1613DC6562D59 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:42:34.0524 0x34e0 IntcAzAudAddService - ok
21:42:34.0575 0x34e0 [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:42:34.0599 0x34e0 Intel(R) Capability Licensing Service Interface - ok
21:42:34.0603 0x34e0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
21:42:34.0609 0x34e0 intelide - ok
21:42:34.0622 0x34e0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
21:42:34.0645 0x34e0 intelppm - ok
21:42:34.0650 0x34e0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
21:42:34.0673 0x34e0 IPBusEnum - ok
21:42:34.0678 0x34e0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:42:34.0697 0x34e0 IpFilterDriver - ok
21:42:34.0727 0x34e0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:42:34.0761 0x34e0 iphlpsvc - ok
21:42:34.0779 0x34e0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
21:42:34.0789 0x34e0 IPMIDRV - ok
21:42:34.0802 0x34e0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:42:34.0824 0x34e0 IPNAT - ok
21:42:34.0890 0x34e0 [ 0FA89CB1B99AD494CE36DD2DE717D696, 5B35B26C625306A7AD5A00FCAC46FD6D60061F1C8171352B5EF1C916A667AC92 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
21:42:34.0932 0x34e0 iPod Service - ok
21:42:34.0937 0x34e0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:42:34.0971 0x34e0 IRENUM - ok
21:42:34.0976 0x34e0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:42:34.0988 0x34e0 isapnp - ok
21:42:35.0008 0x34e0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
21:42:35.0026 0x34e0 iScsiPrt - ok
21:42:35.0043 0x34e0 [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:42:35.0052 0x34e0 iusb3hcs - ok
21:42:35.0076 0x34e0 [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
21:42:35.0094 0x34e0 iusb3hub - ok
21:42:35.0122 0x34e0 [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:42:35.0141 0x34e0 iusb3xhc - ok
21:42:35.0156 0x34e0 [ 16FB3C63287DC1E0061101012844F26F, D469275B6843E09B889912F8CBA41DE7C2F72001C888A990850B592B535E34F1 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:42:35.0165 0x34e0 jhi_service - ok
21:42:35.0177 0x34e0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
21:42:35.0184 0x34e0 kbdclass - ok
21:42:35.0187 0x34e0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
21:42:35.0212 0x34e0 kbdhid - ok
21:42:35.0215 0x34e0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
21:42:35.0223 0x34e0 KeyIso - ok
21:42:35.0236 0x34e0 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:42:35.0244 0x34e0 KSecDD - ok
21:42:35.0257 0x34e0 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:42:35.0266 0x34e0 KSecPkg - ok
21:42:35.0269 0x34e0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:42:35.0288 0x34e0 ksthunk - ok
21:42:35.0318 0x34e0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
21:42:35.0345 0x34e0 KtmRm - ok
21:42:35.0368 0x34e0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
21:42:35.0402 0x34e0 LanmanServer - ok
21:42:35.0417 0x34e0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:42:35.0452 0x34e0 LanmanWorkstation - ok
21:42:35.0470 0x34e0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:42:35.0491 0x34e0 lltdio - ok
21:42:35.0507 0x34e0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:42:35.0533 0x34e0 lltdsvc - ok
21:42:35.0535 0x34e0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:42:35.0567 0x34e0 lmhosts - ok
21:42:35.0598 0x34e0 [ 8D7E37CDE7393D59C46A3A61D30C6228, 328E374075B73560E9F45B07A3331BC2E032C33309011DC47B0959B8B8D0E937 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:42:35.0608 0x34e0 LMS - ok
21:42:35.0629 0x34e0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
21:42:35.0637 0x34e0 LSI_FC - ok
21:42:35.0665 0x34e0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:42:35.0678 0x34e0 LSI_SAS - ok
21:42:35.0696 0x34e0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:42:35.0711 0x34e0 LSI_SAS2 - ok
21:42:35.0721 0x34e0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:42:35.0733 0x34e0 LSI_SCSI - ok
21:42:35.0752 0x34e0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
21:42:35.0777 0x34e0 luafv - ok
21:42:35.0782 0x34e0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
21:42:35.0793 0x34e0 Mcx2Svc - ok
21:42:35.0806 0x34e0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
21:42:35.0813 0x34e0 megasas - ok
21:42:35.0830 0x34e0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:42:35.0840 0x34e0 MegaSR - ok
21:42:35.0855 0x34e0 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
21:42:35.0862 0x34e0 MEIx64 - ok
21:42:35.0874 0x34e0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
21:42:35.0895 0x34e0 MMCSS - ok
21:42:35.0898 0x34e0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
21:42:35.0935 0x34e0 Modem - ok
21:42:35.0954 0x34e0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:42:35.0964 0x34e0 monitor - ok
21:42:35.0988 0x34e0 [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\system32\DRIVERS\MijXfilt.sys
21:42:35.0995 0x34e0 MotioninJoyXFilter - ok
21:42:36.0010 0x34e0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
21:42:36.0016 0x34e0 mouclass - ok
21:42:36.0023 0x34e0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
21:42:36.0044 0x34e0 mouhid - ok
21:42:36.0049 0x34e0 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:42:36.0056 0x34e0 mountmgr - ok
21:42:36.0074 0x34e0 [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:42:36.0081 0x34e0 MozillaMaintenance - ok
21:42:36.0098 0x34e0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
21:42:36.0107 0x34e0 mpio - ok
21:42:36.0116 0x34e0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:42:36.0136 0x34e0 mpsdrv - ok
21:42:36.0163 0x34e0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:42:36.0197 0x34e0 MpsSvc - ok
21:42:36.0204 0x34e0 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:42:36.0215 0x34e0 MRxDAV - ok
21:42:36.0221 0x34e0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:42:36.0243 0x34e0 mrxsmb - ok
21:42:36.0263 0x34e0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:42:36.0276 0x34e0 mrxsmb10 - ok
21:42:36.0282 0x34e0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:42:36.0291 0x34e0 mrxsmb20 - ok
21:42:36.0294 0x34e0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
21:42:36.0301 0x34e0 msahci - ok
21:42:36.0309 0x34e0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
21:42:36.0317 0x34e0 msdsm - ok
21:42:36.0330 0x34e0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
21:42:36.0359 0x34e0 MSDTC - ok
21:42:36.0378 0x34e0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:42:36.0416 0x34e0 Msfs - ok
21:42:36.0419 0x34e0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:42:36.0438 0x34e0 mshidkmdf - ok
21:42:36.0463 0x34e0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:42:36.0469 0x34e0 msisadrv - ok
21:42:36.0484 0x34e0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:42:36.0522 0x34e0 MSiSCSI - ok
21:42:36.0524 0x34e0 msiserver - ok
21:42:36.0565 0x34e0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:42:36.0602 0x34e0 MSKSSRV - ok
21:42:36.0629 0x34e0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:42:36.0666 0x34e0 MSPCLOCK - ok
21:42:36.0676 0x34e0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:42:36.0699 0x34e0 MSPQM - ok
21:42:36.0726 0x34e0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:42:36.0740 0x34e0 MsRPC - ok
21:42:36.0744 0x34e0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
21:42:36.0751 0x34e0 mssmbios - ok
21:42:36.0761 0x34e0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:42:36.0781 0x34e0 MSTEE - ok
21:42:36.0796 0x34e0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
21:42:36.0806 0x34e0 MTConfig - ok
21:42:36.0809 0x34e0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
21:42:36.0816 0x34e0 Mup - ok
21:42:36.0834 0x34e0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
21:42:36.0862 0x34e0 napagent - ok
21:42:36.0894 0x34e0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:42:36.0925 0x34e0 NativeWifiP - ok
21:42:36.0957 0x34e0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
21:42:36.0989 0x34e0 NDIS - ok
21:42:37.0005 0x34e0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:42:37.0025 0x34e0 NdisCap - ok
21:42:37.0037 0x34e0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:42:37.0056 0x34e0 NdisTapi - ok
21:42:37.0067 0x34e0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:42:37.0102 0x34e0 Ndisuio - ok
21:42:37.0117 0x34e0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:42:37.0152 0x34e0 NdisWan - ok
21:42:37.0170 0x34e0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:42:37.0190 0x34e0 NDProxy - ok
21:42:37.0212 0x34e0 [ D4F51E88C71BF8F06EA1BE320B0BB75B, ABDA528F8159290BFDFBAAFC3BDA4484649FF612FD1D9E74284CA7DBA00A4B0D ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:42:37.0217 0x34e0 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:42:39.0569 0x34e0 Detect skipped due to KSN trusted
21:42:39.0569 0x34e0 Net Driver HPZ12 - ok
21:42:39.0619 0x34e0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:42:39.0665 0x34e0 NetBIOS - ok
21:42:39.0686 0x34e0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:42:39.0725 0x34e0 NetBT - ok
21:42:39.0728 0x34e0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
21:42:39.0735 0x34e0 Netlogon - ok
21:42:39.0755 0x34e0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
21:42:39.0781 0x34e0 Netman - ok
21:42:39.0799 0x34e0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:39.0809 0x34e0 NetMsmqActivator - ok
21:42:39.0827 0x34e0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:39.0835 0x34e0 NetPipeActivator - ok
21:42:39.0856 0x34e0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
21:42:39.0885 0x34e0 netprofm - ok
21:42:39.0890 0x34e0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:39.0898 0x34e0 NetTcpActivator - ok
21:42:39.0902 0x34e0 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:42:39.0910 0x34e0 NetTcpPortSharing - ok
21:42:39.0914 0x34e0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:42:39.0920 0x34e0 nfrd960 - ok
21:42:39.0943 0x34e0 [ 2FF6B48563AAFC12BB8CE2B4E4D7C65F, AAA77EBD643D4EE7EF40E9388CC6F8EA9AC19E491DDE64A8D8B0CAD666B21C94 ] NitroReaderDriverReadSpool3 C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
21:42:39.0951 0x34e0 NitroReaderDriverReadSpool3 - ok
21:42:39.0972 0x34e0 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:42:39.0986 0x34e0 NlaSvc - ok
21:42:39.0993 0x34e0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:42:40.0012 0x34e0 Npfs - ok
21:42:40.0014 0x34e0 npggsvc - ok
21:42:40.0028 0x34e0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
21:42:40.0047 0x34e0 nsi - ok
21:42:40.0050 0x34e0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:42:40.0084 0x34e0 nsiproxy - ok
21:42:40.0145 0x34e0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:42:40.0195 0x34e0 Ntfs - ok
21:42:40.0212 0x34e0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
21:42:40.0232 0x34e0 Null - ok
21:42:40.0267 0x34e0 [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
21:42:40.0287 0x34e0 NVHDA - ok
21:42:40.0571 0x34e0 [ 2232AE1BB51A96A7381A2CA17DF12E24, 4813E27BC14EB3CBD55AF89B098EA5C8DA4C7FF0B6CCB7AACFC43BC0E578C988 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:42:40.0914 0x34e0 nvlddmkm - ok
21:42:40.0984 0x34e0 [ 45D6780D0525D7BC29E2E3605CA73C18, C8BBE8BE9824CD1D3C4314FE370FA03BD6000187B4FC4FC935F8342E1A02FA7E ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:42:41.0035 0x34e0 NvNetworkService - ok
21:42:41.0052 0x34e0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:42:41.0060 0x34e0 nvraid - ok
21:42:41.0076 0x34e0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:42:41.0085 0x34e0 nvstor - ok
21:42:41.0090 0x34e0 [ A0D870DCE152EE5B92A41AD927201D19, 67FB025CB380D933BF0FDD4AFE9BE4E3C1D69A59865E02A96533BBE9EC260D71 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:42:41.0095 0x34e0 NvStreamKms - ok
21:42:41.0512 0x34e0 [ E5597D09E5239C0F908948DB7057AC26, A6045D4D9D2F8007B0F75DAAABB2AD9FEB4A898E33A51ECE9A9D788D8E8F84A4 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
21:42:42.0006 0x34e0 NvStreamSvc - ok
21:42:42.0047 0x34e0 [ 2C8DD5A34A81715865D66D7AF39362A6, 62F9D873127921EE2EAA80B73E8994C4BF6DA7EEDACAEA030B8D58E086FD3850 ] nvsvc C:\Windows\system32\nvvsvc.exe
21:42:42.0079 0x34e0 nvsvc - ok
21:42:42.0091 0x34e0 [ 75034A4D7C02327D150B617571D4196A, 8E7DAFEC4307E883D52BD0B5F0732E26E019C953770B52ACBBAD3074A66393CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
21:42:42.0098 0x34e0 nvvad_WaveExtensible - ok
21:42:42.0109 0x34e0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:42:42.0117 0x34e0 nv_agp - ok
21:42:42.0134 0x34e0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
21:42:42.0144 0x34e0 ohci1394 - ok
21:42:42.0167 0x34e0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:42:42.0187 0x34e0 p2pimsvc - ok
21:42:42.0207 0x34e0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
21:42:42.0222 0x34e0 p2psvc - ok
21:42:42.0244 0x34e0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
21:42:42.0254 0x34e0 Parport - ok
21:42:42.0259 0x34e0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:42:42.0265 0x34e0 partmgr - ok
21:42:42.0273 0x34e0 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
21:42:42.0287 0x34e0 PcaSvc - ok
21:42:42.0301 0x34e0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
21:42:42.0312 0x34e0 pci - ok
21:42:42.0324 0x34e0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
21:42:42.0330 0x34e0 pciide - ok
21:42:42.0345 0x34e0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:42:42.0355 0x34e0 pcmcia - ok
21:42:42.0368 0x34e0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
21:42:42.0374 0x34e0 pcw - ok
21:42:42.0395 0x34e0 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:42:42.0427 0x34e0 PEAUTH - ok
21:42:42.0494 0x34e0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:42:42.0549 0x34e0 PerfHost - ok
21:42:42.0611 0x34e0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
21:42:42.0730 0x34e0 pla - ok
21:42:42.0789 0x34e0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:42:42.0827 0x34e0 PlugPlay - ok
21:42:42.0838 0x34e0 [ 9A80707D8B6C1806531BFD7399B3CC76, C9996A265B0C461843DECE336314AEDD38D3F0644A8AA4D3F20D3496AD17956B ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:42:42.0847 0x34e0 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
21:42:45.0194 0x34e0 Detect skipped due to KSN trusted
21:42:45.0194 0x34e0 Pml Driver HPZ12 - ok
21:42:45.0259 0x34e0 PnkBstrA - ok
21:42:45.0264 0x34e0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:42:45.0282 0x34e0 PNRPAutoReg - ok
21:42:45.0296 0x34e0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:42:45.0311 0x34e0 PNRPsvc - ok
21:42:45.0331 0x34e0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:42:45.0363 0x34e0 PolicyAgent - ok
21:42:45.0371 0x34e0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
21:42:45.0394 0x34e0 Power - ok
21:42:45.0420 0x34e0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:42:45.0441 0x34e0 PptpMiniport - ok
21:42:45.0444 0x34e0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
21:42:45.0464 0x34e0 Processor - ok
21:42:45.0483 0x34e0 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
21:42:45.0512 0x34e0 ProfSvc - ok
21:42:45.0515 0x34e0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:42:45.0524 0x34e0 ProtectedStorage - ok
21:42:45.0531 0x34e0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:42:45.0571 0x34e0 Psched - ok
21:42:45.0647 0x34e0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
21:42:45.0755 0x34e0 ql2300 - ok
21:42:45.0776 0x34e0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
21:42:45.0784 0x34e0 ql40xx - ok
21:42:45.0804 0x34e0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
21:42:45.0819 0x34e0 QWAVE - ok
21:42:45.0828 0x34e0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:42:45.0839 0x34e0 QWAVEdrv - ok
21:42:45.0856 0x34e0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:42:45.0875 0x34e0 RasAcd - ok
21:42:45.0879 0x34e0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:42:45.0900 0x34e0 RasAgileVpn - ok
21:42:45.0924 0x34e0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
21:42:45.0946 0x34e0 RasAuto - ok
21:42:45.0974 0x34e0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:42:45.0995 0x34e0 Rasl2tp - ok
21:42:46.0008 0x34e0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
21:42:46.0034 0x34e0 RasMan - ok
21:42:46.0047 0x34e0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:42:46.0069 0x34e0 RasPppoe - ok
21:42:46.0094 0x34e0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:42:46.0115 0x34e0 RasSstp - ok
21:42:46.0140 0x34e0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:42:46.0164 0x34e0 rdbss - ok
21:42:46.0177 0x34e0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
21:42:46.0186 0x34e0 rdpbus - ok
21:42:46.0189 0x34e0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
21:42:46.0207 0x34e0 RDPCDD - ok
21:42:46.0211 0x34e0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
21:42:46.0243 0x34e0 RDPENCDD - ok
21:42:46.0247 0x34e0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
21:42:46.0266 0x34e0 RDPREFMP - ok
21:42:46.0270 0x34e0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:42:46.0305 0x34e0 RdpVideoMiniport - ok
21:42:46.0324 0x34e0 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:42:46.0343 0x34e0 RDPWD - ok
21:42:46.0368 0x34e0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:42:46.0377 0x34e0 rdyboost - ok
21:42:46.0389 0x34e0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
21:42:46.0410 0x34e0 RemoteAccess - ok
21:42:46.0421 0x34e0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:42:46.0455 0x34e0 RemoteRegistry - ok
21:42:46.0462 0x34e0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:42:46.0482 0x34e0 RpcEptMapper - ok
21:42:46.0486 0x34e0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
21:42:46.0525 0x34e0 RpcLocator - ok
21:42:46.0554 0x34e0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
21:42:46.0580 0x34e0 RpcSs - ok
21:42:46.0585 0x34e0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:42:46.0605 0x34e0 rspndr - ok
21:42:46.0634 0x34e0 [ 3713DACCA1025B05A6343104112708D9, 77830F361775166ED2408CFF9F0DBEDFF225895DD0FAC93F3DC5FFD8DBE0ED2B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
21:42:46.0652 0x34e0 RTL8167 - ok
21:42:46.0655 0x34e0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
21:42:46.0663 0x34e0 SamSs - ok
21:42:46.0668 0x34e0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:42:46.0675 0x34e0 sbp2port - ok
21:42:46.0686 0x34e0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:42:46.0709 0x34e0 SCardSvr - ok
21:42:46.0724 0x34e0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:42:46.0757 0x34e0 scfilter - ok
21:42:46.0793 0x34e0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
21:42:46.0849 0x34e0 Schedule - ok
21:42:46.0855 0x34e0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
21:42:46.0873 0x34e0 SCPolicySvc - ok
21:42:46.0896 0x34e0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:42:46.0909 0x34e0 SDRSVC - ok
21:42:46.0912 0x34e0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:42:46.0932 0x34e0 secdrv - ok
21:42:46.0936 0x34e0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
21:42:46.0955 0x34e0 seclogon - ok
21:42:46.0982 0x34e0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
21:42:47.0003 0x34e0 SENS - ok
21:42:47.0044 0x34e0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:42:47.0078 0x34e0 SensrSvc - ok
21:42:47.0091 0x34e0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
21:42:47.0122 0x34e0 Serenum - ok
21:42:47.0155 0x34e0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
21:42:47.0175 0x34e0 Serial - ok
21:42:47.0203 0x34e0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
21:42:47.0217 0x34e0 sermouse - ok
21:42:47.0240 0x34e0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
21:42:47.0301 0x34e0 SessionEnv - ok
21:42:47.0320 0x34e0 [ DDA1B38A59DE5096E2619D4CFDE01F4A, 95E2244EC8FD87741169B75A25458C788A9355EBC7D12C5CD6509DBBB89D4EE6 ] sfdrv01a C:\Windows\system32\drivers\sfdrv01a.sys
21:42:47.0327 0x34e0 sfdrv01a - ok
21:42:47.0330 0x34e0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
21:42:47.0351 0x34e0 sffdisk - ok
21:42:47.0364 0x34e0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
21:42:47.0374 0x34e0 sffp_mmc - ok
21:42:47.0384 0x34e0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
21:42:47.0395 0x34e0 sffp_sd - ok
21:42:47.0399 0x34e0 [ 17F6BD95BF04B924F4C05CE78BEF8AE6, 68D38DC04349DA476B62F853B165EE6B6F42054BCAF2B8F615A6E6BAACD35EB4 ] sfhlp02 C:\Windows\system32\drivers\sfhlp02.sys
21:42:47.0404 0x34e0 sfhlp02 - ok
21:42:47.0407 0x34e0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
21:42:47.0415 0x34e0 sfloppy - ok
21:42:47.0419 0x34e0 [ 40CF333266E10137F805B8956FE19031, 9A0C296465E0D9E1F7534E6970090378646A21D168E67CB90810C642F7F33C9E ] sfsync02 C:\Windows\system32\drivers\sfsync02.sys
21:42:47.0425 0x34e0 sfsync02 - ok
21:42:47.0439 0x34e0 [ 4D31B845E4874E1D366EE7B2D8B45AC1, 6AB6D0A3CB5A2A0E0945F4BFCE1DD1ECE8A8B24C2DC33EABC7AB0E0A8413AF00 ] sfvfs02 C:\Windows\system32\drivers\sfvfs02.sys
21:42:47.0447 0x34e0 sfvfs02 - ok
21:42:47.0464 0x34e0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:42:47.0491 0x34e0 SharedAccess - ok
21:42:47.0511 0x34e0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:42:47.0537 0x34e0 ShellHWDetection - ok
21:42:47.0551 0x34e0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:42:47.0557 0x34e0 SiSRaid2 - ok
21:42:47.0561 0x34e0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:42:47.0568 0x34e0 SiSRaid4 - ok
21:42:47.0613 0x34e0 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
21:42:47.0634 0x34e0 SkypeUpdate - ok
21:42:47.0647 0x34e0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
21:42:47.0668 0x34e0 Smb - ok
21:42:47.0673 0x34e0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:42:47.0691 0x34e0 SNMPTRAP - ok
21:42:47.0694 0x34e0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
21:42:47.0700 0x34e0 spldr - ok
21:42:47.0719 0x34e0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
21:42:47.0743 0x34e0 Spooler - ok
21:42:47.0841 0x34e0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
21:42:47.0964 0x34e0 sppsvc - ok
21:42:47.0974 0x34e0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
21:42:47.0995 0x34e0 sppuinotify - ok
21:42:48.0016 0x34e0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:42:48.0047 0x34e0 srv - ok
21:42:48.0067 0x34e0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:42:48.0100 0x34e0 srv2 - ok
21:42:48.0115 0x34e0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:42:48.0126 0x34e0 srvnet - ok
21:42:48.0135 0x34e0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:42:48.0158 0x34e0 SSDPSRV - ok
21:42:48.0189 0x34e0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:42:48.0210 0x34e0 SstpSvc - ok
21:42:48.0244 0x34e0 [ 7E815DDD79CC73A02A33DF11FABE4E1E, A05A85CDB0CB0AA1AAC93AA801C39242BFE59082E2BC580F04EBFA71B5B61F07 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:42:48.0262 0x34e0 Steam Client Service - ok
21:42:48.0324 0x34e0 [ D2230317777033CD0456990BFC4994E5, 0F2F559593EAD7AB4596E67E9AE56E5ABF5C945201366CFC972357C22A4F776A ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
21:42:48.0347 0x34e0 Stereo Service - ok
21:42:48.0366 0x34e0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:42:48.0374 0x34e0 stexstor - ok
21:42:48.0385 0x34e0 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
21:42:48.0410 0x34e0 StillCam - ok
21:42:48.0441 0x34e0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
21:42:48.0482 0x34e0 stisvc - ok
21:42:48.0485 0x34e0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
21:42:48.0493 0x34e0 swenum - ok
21:42:48.0528 0x34e0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
21:42:48.0566 0x34e0 swprv - ok
21:42:48.0631 0x34e0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
21:42:48.0720 0x34e0 SysMain - ok
21:42:48.0734 0x34e0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:42:48.0746 0x34e0 TabletInputService - ok
21:42:48.0760 0x34e0 [ F9BE29D5E097F03F81D3CD12B794CB66, 5EC208DEAF7C721F4C36512E7DAD4AC66578AB935B9502A5E1E213BC91BE508C ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
21:42:48.0780 0x34e0 tap0901 - ok
21:42:48.0798 0x34e0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
21:42:48.0834 0x34e0 TapiSrv - ok
21:42:48.0838 0x34e0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
21:42:48.0858 0x34e0 TBS - ok
21:42:48.0936 0x34e0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:42:49.0052 0x34e0 Tcpip - ok
21:42:49.0095 0x34e0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:42:49.0125 0x34e0 TCPIP6 - ok
21:42:49.0170 0x34e0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:42:49.0188 0x34e0 tcpipreg - ok
21:42:49.0221 0x34e0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
21:42:49.0248 0x34e0 TDPIPE - ok
21:42:49.0264 0x34e0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
21:42:49.0281 0x34e0 TDTCP - ok
21:42:49.0291 0x34e0 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:42:49.0329 0x34e0 tdx - ok
21:42:49.0504 0x34e0 [ 9A019ABD9CEAA6EA528E5438402907F7, E1B58B376D142B4472C64D020800AE0AC868C8F4EC18EA45D236E0EB8C3CB6F4 ] TeamViewer9 C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
21:42:49.0677 0x34e0 TeamViewer9 - ok
21:42:49.0705 0x34e0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
21:42:49.0712 0x34e0 TermDD - ok
21:42:49.0736 0x34e0 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
21:42:49.0767 0x34e0 TermService - ok
21:42:49.0771 0x34e0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
21:42:49.0782 0x34e0 Themes - ok
21:42:49.0786 0x34e0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
21:42:49.0806 0x34e0 THREADORDER - ok
21:42:49.0826 0x34e0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
21:42:49.0848 0x34e0 TrkWks - ok
21:42:49.0873 0x34e0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:42:49.0895 0x34e0 TrustedInstaller - ok
21:42:49.0900 0x34e0 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
21:42:49.0940 0x34e0 tssecsrv - ok
21:42:49.0945 0x34e0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:42:49.0954 0x34e0 TsUsbFlt - ok
21:42:49.0967 0x34e0 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
21:42:49.0987 0x34e0 TsUsbGD - ok
21:42:49.0999 0x34e0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:42:50.0036 0x34e0 tunnel - ok
21:42:50.0064 0x34e0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:42:50.0077 0x34e0 uagp35 - ok
21:42:50.0104 0x34e0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:42:50.0139 0x34e0 udfs - ok
21:42:50.0144 0x34e0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:42:50.0156 0x34e0 UI0Detect - ok
21:42:50.0160 0x34e0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:42:50.0167 0x34e0 uliagpkx - ok
21:42:50.0171 0x34e0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
21:42:50.0180 0x34e0 umbus - ok
21:42:50.0190 0x34e0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
21:42:50.0198 0x34e0 UmPass - ok
21:42:50.0224 0x34e0 [ F8626F1D56FA417C3B4AB6114D8471D5, C8AC74A6B0395A2C317F4600630B47D433CF483F7E516EF7356084DA1E8C3275 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:42:50.0235 0x34e0 UNS - ok
21:42:50.0247 0x34e0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
21:42:50.0274 0x34e0 upnphost - ok
21:42:50.0279 0x34e0 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
21:42:50.0289 0x34e0 USBAAPL64 - ok
21:42:50.0298 0x34e0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
21:42:50.0320 0x34e0 usbccgp - ok
21:42:50.0339 0x34e0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
21:42:50.0359 0x34e0 usbcir - ok
21:42:50.0382 0x34e0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
21:42:50.0390 0x34e0 usbehci - ok
21:42:50.0415 0x34e0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
21:42:50.0430 0x34e0 usbhub - ok
21:42:50.0433 0x34e0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
21:42:50.0440 0x34e0 usbohci - ok
21:42:50.0443 0x34e0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
21:42:50.0462 0x34e0 usbprint - ok
21:42:50.0483 0x34e0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:42:50.0500 0x34e0 USBSTOR - ok
21:42:50.0511 0x34e0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
21:42:50.0534 0x34e0 usbuhci - ok
21:42:50.0553 0x34e0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
21:42:50.0583 0x34e0 UxSms - ok
21:42:50.0586 0x34e0 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
21:42:50.0594 0x34e0 VaultSvc - ok
21:42:50.0608 0x34e0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:42:50.0614 0x34e0 vdrvroot - ok
21:42:50.0633 0x34e0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
21:42:50.0679 0x34e0 vds - ok
21:42:50.0698 0x34e0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
21:42:50.0707 0x34e0 vga - ok
21:42:50.0710 0x34e0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
21:42:50.0744 0x34e0 VgaSave - ok
21:42:50.0785 0x34e0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
21:42:50.0803 0x34e0 vhdmp - ok
21:42:50.0808 0x34e0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
21:42:50.0821 0x34e0 viaide - ok
21:42:50.0834 0x34e0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:42:50.0843 0x34e0 volmgr - ok
21:42:50.0864 0x34e0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:42:50.0878 0x34e0 volmgrx - ok
21:42:50.0902 0x34e0 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:42:50.0915 0x34e0 volsnap - ok
21:42:50.0929 0x34e0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:42:50.0939 0x34e0 vsmraid - ok
21:42:50.0981 0x34e0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
21:42:51.0047 0x34e0 VSS - ok
21:42:51.0163 0x34e0 [ C3382C99F1D10BCBEBC689BF847B77B5, BB11A866595D745BA7427CCB9E1F39F2340BC55B3E61B48B47B8E64384D3FFEA ] vToolbarUpdater3.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\3.2.0\ToolbarUpdater.exe
21:42:51.0239 0x34e0 vToolbarUpdater3.2.0 - ok
21:42:51.0244 0x34e0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:42:51.0255 0x34e0 vwifibus - ok
21:42:51.0280 0x34e0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
21:42:51.0306 0x34e0 W32Time - ok
21:42:51.0334 0x34e0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
21:42:51.0342 0x34e0 WacomPen - ok
21:42:51.0358 0x34e0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
21:42:51.0389 0x34e0 WANARP - ok
21:42:51.0392 0x34e0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:42:51.0411 0x34e0 Wanarpv6 - ok
21:42:51.0452 0x34e0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
21:42:51.0499 0x34e0 wbengine - ok
21:42:51.0509 0x34e0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:42:51.0524 0x34e0 WbioSrvc - ok
21:42:51.0559 0x34e0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:42:51.0577 0x34e0 wcncsvc - ok
21:42:51.0580 0x34e0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:42:51.0591 0x34e0 WcsPlugInService - ok
21:42:51.0594 0x34e0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
21:42:51.0600 0x34e0 Wd - ok
21:42:51.0625 0x34e0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:42:51.0645 0x34e0 Wdf01000 - ok
21:42:51.0658 0x34e0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:42:51.0705 0x34e0 WdiServiceHost - ok
21:42:51.0708 0x34e0 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:42:51.0719 0x34e0 WdiSystemHost - ok
21:42:51.0740 0x34e0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
21:42:51.0768 0x34e0 WebClient - ok
21:42:51.0797 0x34e0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:42:51.0822 0x34e0 Wecsvc - ok
21:42:51.0852 0x34e0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:42:51.0873 0x34e0 wercplsupport - ok
21:42:51.0878 0x34e0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
21:42:51.0899 0x34e0 WerSvc - ok
21:42:51.0928 0x34e0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
21:42:51.0967 0x34e0 WfpLwf - ok
21:42:51.0994 0x34e0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:42:52.0004 0x34e0 WIMMount - ok
21:42:52.0018 0x34e0 WinDefend - ok
21:42:52.0037 0x34e0 WinHttpAutoProxySvc - ok
21:42:52.0063 0x34e0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:42:52.0093 0x34e0 Winmgmt - ok
21:42:52.0171 0x34e0 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
21:42:52.0279 0x34e0 WinRM - ok
21:42:52.0301 0x34e0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
21:42:52.0311 0x34e0 WinUsb - ok
21:42:52.0335 0x34e0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
21:42:52.0363 0x34e0 Wlansvc - ok
21:42:52.0421 0x34e0 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
21:42:52.0489 0x34e0 wlidsvc - ok
21:42:52.0511 0x34e0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
21:42:52.0520 0x34e0 WmiAcpi - ok
21:42:52.0538 0x34e0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:42:52.0551 0x34e0 wmiApSrv - ok
21:42:52.0561 0x34e0 WMPNetworkSvc - ok
21:42:52.0564 0x34e0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:42:52.0584 0x34e0 WPCSvc - ok
21:42:52.0589 0x34e0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:42:52.0616 0x34e0 WPDBusEnum - ok
21:42:52.0619 0x34e0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:42:52.0654 0x34e0 ws2ifsl - ok
21:42:52.0669 0x34e0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
21:42:52.0682 0x34e0 wscsvc - ok
21:42:52.0684 0x34e0 WSearch - ok
21:42:52.0747 0x34e0 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
21:42:52.0825 0x34e0 wuauserv - ok
21:42:52.0833 0x34e0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:42:52.0868 0x34e0 WudfPf - ok
21:42:52.0895 0x34e0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
21:42:52.0919 0x34e0 WUDFRd - ok
21:42:52.0930 0x34e0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:42:52.0941 0x34e0 wudfsvc - ok
21:42:52.0950 0x34e0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
21:42:52.0978 0x34e0 WwanSvc - ok
21:42:53.0006 0x34e0 [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
21:42:53.0018 0x34e0 xusb21 - ok
21:42:53.0028 0x34e0 ================ Scan global ===============================
21:42:53.0046 0x34e0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:42:53.0065 0x34e0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:42:53.0076 0x34e0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
21:42:53.0084 0x34e0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:42:53.0102 0x34e0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
21:42:53.0108 0x34e0 [ Global ] - ok
21:42:53.0108 0x34e0 ================ Scan MBR ==================================
21:42:53.0110 0x34e0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:42:53.0434 0x34e0 \Device\Harddisk0\DR0 - ok
21:42:53.0437 0x34e0 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
21:42:53.0903 0x34e0 \Device\Harddisk1\DR1 - ok
21:42:53.0903 0x34e0 ================ Scan VBR ==================================
21:42:53.0924 0x34e0 [ 9443E5EEA4F81B7171F0FE33359D4FFD ] \Device\Harddisk0\DR0\Partition1
21:42:53.0936 0x34e0 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
21:42:53.0936 0x34e0 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
21:42:56.0348 0x34e0 [ 8A811C0242ACD6F3CF191030C8E621CB ] \Device\Harddisk0\DR0\Partition2
21:42:56.0372 0x34e0 \Device\Harddisk0\DR0\Partition2 - ok
21:42:56.0394 0x34e0 [ CB1F0DF030BB01E5AAF437785A89057B ] \Device\Harddisk0\DR0\Partition3
21:42:56.0408 0x34e0 \Device\Harddisk0\DR0\Partition3 - ok
21:42:56.0424 0x34e0 [ B40BC0A08101F64916E605AE52C91653 ] \Device\Harddisk1\DR1\Partition1
21:42:56.0498 0x34e0 \Device\Harddisk1\DR1\Partition1 - ok
21:42:56.0498 0x34e0 ================ Scan generic autorun ======================
21:42:56.0685 0x34e0 [ C3803F8E0FC107EFC1F9DE4FB7B7D797, 2D78DE29F4791FCF9A5B358F8266A0E64338B84B95E695EAF1CE958676EEEEB6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
21:42:56.0898 0x34e0 RTHDVCPL - ok
21:42:56.0977 0x34e0 [ 05470C684B62C2F86325D8685E4513CB, EDE70A162AFA104D774AE1D8D3A077F2C12940851EC5BA785242F4032EEA902E ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:42:57.0087 0x34e0 NvBackend - ok
21:42:57.0093 0x34e0 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
21:42:57.0104 0x34e0 ShadowPlay - ok
21:42:57.0115 0x34e0 [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:42:57.0126 0x34e0 USB3MON - ok
21:42:57.0193 0x34e0 [ 504C916D52ABA407FD4DC1E709AEA71E, 8F279620247481F28DF7D9FD4A81173396E39EB807E24587E89CAF1172CC846C ] C:\Program Files (x86)\avmwlanstick\wlangui.exe
21:42:57.0256 0x34e0 AVMWlanClient - detected UnsignedFile.Multi.Generic ( 1 )
21:42:59.0599 0x34e0 Detect skipped due to KSN trusted
21:42:59.0600 0x34e0 AVMWlanClient - ok
21:42:59.0701 0x34e0 [ 6FA1F6B8090F04D581E16212886BD861, 1A0D90C6BC9EBE319BF4524FA0EA326073A256252377B860AF48AECE46B6DAC2 ] C:\Users\Lukas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
21:42:59.0767 0x34e0 Spotify Web Helper - ok
21:42:59.0768 0x34e0 Waiting for KSN requests completion. In queue: 5
21:43:00.0768 0x34e0 Waiting for KSN requests completion. In queue: 5
21:43:01.0768 0x34e0 Waiting for KSN requests completion. In queue: 5
21:43:02.0807 0x34e0 AV detected via SS2: AVG AntiVirus Free Edition 2014, F:\AVG\AVG2014\avgwsc.exe ( 14.0.0.4745 ), 0x41000 ( enabled : updated )
21:43:03.0065 0x34e0 Win FW state via NFP2: enabled
21:43:05.0434 0x34e0 ============================================================
21:43:05.0434 0x34e0 Scan finished
21:43:05.0434 0x34e0 ============================================================
21:43:05.0443 0x3644 Detected object count: 1
21:43:05.0443 0x3644 Actual detected object count: 1
21:43:26.0374 0x3644 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
21:43:26.0374 0x3644 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
|
|
Revo Uninstaller herunter.
dann auf 
und dann auf 
.
WARNUNG an die MITLESER: 
Linear-Darstellung
