|
Log-Analyse und Auswertung: Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
19.10.2014, 14:25 | #16 | |
/// the machine /// TB-Ausbilder | Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchenZitat:
Poste bitte mal ein frisches FRST Log.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
19.10.2014, 20:23 | #17 |
| Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen oh man hab gerade mal gelesen was ich da geschrieben habe ja Schwachsinn ist es, der Computer wird nicht langsamer wegen solchen Sachen. Was ich meinte war, dass meines Wissens nach Programme nicht richtig laufen und dadurch den Computer verlangsamen. wenn das falsch ist bitte berichtige mich.
__________________hier das log FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01 (ATTENTION: ====> FRST version is 13 days old and could be outdated) Ran by Kaiveman (administrator) on KAIVEMAN-PC on 19-10-2014 21:15:22 Running from E:\download Loaded Profile: Kaiveman (Available profiles: Kaiveman) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Check Point Software Technologies Ltd.) E:\tools\CheckPoint\ZoneAlarm\vsmon.exe (AVAST Software) E:\AVAST\AvastSvc.exe (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CtHdaSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\WINDOWS\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Razer Inc.) E:\tools\Razer Game Booster\RzKLService.exe (SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe (Check Point Software Technologies, Ltd.) E:\tools\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe () C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (ZTE) E:\tools\congstar\Internet-Manager\Bin\mcserver.exe (Check Point Software Technologies Ltd.) E:\tools\CheckPoint\ZoneAlarm\zatray.exe (AVAST Software) E:\AVAST\avastui.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () E:\tools\congstar\Internet-Manager\Bin\dbus-daemon.exe () E:\tools\congstar\Internet-Manager\Bin\db_daemon.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe (VideoLAN) E:\tools\VLC\vlc.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () E:\tools\Internetstick\Internet Manager.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ZoneAlarm] => E:\tools\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [AvastUI.exe] => e:\AVAST\AvastUI.exe [4085896 2011-01-01] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3627684862-3205843232-128843101-1001\...\Run: [DellSystemDetect] => C:\Users\Kaiveman\AppData\Local\Apps\2.0\PK1DRX65.AWA\YGYA1RJH.1WJ\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-10-19] (Dell) AppInit_DLLs: C:\WINDOWS\System32\nvinitx.dll => C:\WINDOWS\System32\nvinitx.dll File Not Found AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll File Not Found AppInit_DLLs-x32: c:\WINDOWS\SysWOW64\nvinit.dll => "c:\WINDOWS\SysWOW64\nvinit.dll" File Not Found AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => "C:\WINDOWS\SysWOW64\nvinit.dll" File Not Found AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => "C:\Windows\SysWOW64\nvinit.dll" File Not Found ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => e:\AVAST\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3321902&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP0269427E-05E6-4154-AD36-63814BA5B0AD&q={searchTerms}&SSPV= SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> e:\AVAST\aswWebRepIE64.dll (AVAST Software) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> e:\AVAST\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{38CA5376-EA40-40BF-8202-D9D6DC967021}: [NameServer] 10.74.210.210 10.74.210.211 Tcpip\..\Interfaces\{A60FD169-2157-463B-9998-0790E9D85AA9}: [NameServer] 10.74.210.210 10.74.210.211 FireFox: ======== FF ProfilePath: C:\Users\Kaiveman\AppData\Roaming\Mozilla\Firefox\Profiles\OPYVtYrl.default FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> E:\tools\java\bin\dtplugin\npDeployJava1.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> E:\tools\java\bin\plugin2\npjp2.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> E:\tools\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Kaiveman\AppData\Roaming\Mozilla\Firefox\Profiles\OPYVtYrl.default\Extensions\abs@avira.com [2011-01-01] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - e:\AVAST\WebRep\FF FF Extension: avast! Online Security - e:\AVAST\WebRep\FF [2011-01-01] Chrome: ======= CHR Profile: C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-20] CHR Extension: (Google Drive) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-20] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-13] CHR Extension: (YouTube) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-20] CHR Extension: (Google-Suche) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-20] CHR Extension: (AdBlock) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-20] CHR Extension: (ZoneAlarm Chrome Toolbar) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek [2014-08-29] CHR Extension: (Google Wallet) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-20] CHR Extension: (Google Mail) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-20] CHR HKCU\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Kaiveman\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [2014-02-12] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - e:\AVAST\WebRep\Chrome\aswWebRepChrome.crx [2011-01-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; e:\AVAST\AvastSvc.exe [50344 2011-01-01] (AVAST Software) S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-12-12] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-12-12] (Creative Labs) [File not signed] R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-20] (Creative Technology Ltd) [File not signed] R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-28] (Creative Technology Ltd) R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] () S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] S2 Internet Manager. RunOuc; E:\tools\Internetstick\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-02] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] () S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [997664 2014-10-06] (Overwolf LTD) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-08-01] () R2 RzKLService; E:\tools\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.) S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2014-02-21] (TuneUp Software) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-11-21] (TuneUp Software) R2 vsmon; E:\tools\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.) R2 ZAPrivacyService; E:\tools\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2011-01-01] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2011-01-01] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2011-01-01] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2011-01-01] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2011-01-01] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2011-01-01] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2011-01-01] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2011-01-01] () R3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-28] (Creative Technology Ltd) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-06] (Disc Soft Ltd) S3 HSPADataCardusbmdm; C:\Windows\System32\DRIVERS\HSPADataCardusbmdm.sys [122752 2011-08-19] (HSPADataCard Incorporated) S3 HSPADataCardusbnmea; C:\Windows\System32\DRIVERS\HSPADataCardusbnmea.sys [122752 2011-08-19] (HSPADataCard Incorporated) S3 HSPADataCardusbser; C:\Windows\System32\DRIVERS\HSPADataCardusbser.sys [122752 2011-08-19] (HSPADataCard Incorporated) R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-11-30] (Huawei Technologies Co., Ltd.) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-06-11] (Kaspersky Lab ZAO) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-11] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490592 2014-06-11] (Kaspersky Lab ZAO) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 SaiK1708; C:\Windows\System32\DRIVERS\SaiK1708.sys [180544 2012-09-20] (Saitek) R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) S3 SaiU1708; C:\Windows\System32\DRIVERS\SaiU1708.sys [47168 2012-09-20] (Saitek) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-06] (Duplex Secure Ltd.) R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-04] (STMicroelectronics) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2010-02-24] (TuneUp Software) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-07-23] (Check Point Software Technologies Ltd.) S3 BANG; \??\C:\Users\Kaiveman\AppData\Local\Temp\BANG.SYS [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 NVHDA; system32\drivers\nvhda64v.sys [X] S4 nvkflt; system32\DRIVERS\nvkflt.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S4 nvpciflt; \SystemRoot\system32\DRIVERS\nvpciflt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-19 21:13 - 2014-10-19 21:15 - 00000000 ____D () C:\FRST 2014-10-19 11:40 - 2014-10-19 11:40 - 00000000 ____D () C:\Windows\pss 2014-10-19 10:45 - 2014-10-19 10:45 - 00001338 _____ () C:\Users\Kaiveman\Desktop\171014 Malewarebytes.txt 2014-10-17 18:49 - 2014-10-17 18:49 - 00004436 _____ () C:\Users\Kaiveman\Desktop\Malwarebytes Anti-Malware protokoll02.txt 2014-10-15 23:31 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2014-10-15 23:31 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2014-10-15 23:31 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-10-15 23:31 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2014-10-15 23:31 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-10-15 23:31 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-10-15 23:31 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2014-10-15 23:31 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-10-15 23:31 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-10-15 23:31 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-10-15 23:31 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-10-15 23:31 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-10-15 23:31 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2014-10-15 23:30 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-10-15 23:30 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-10-15 23:30 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2014-10-15 23:30 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2014-10-15 23:30 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2014-10-15 23:30 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2014-10-15 23:30 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2014-10-15 23:30 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2014-10-15 23:30 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2014-10-15 23:30 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-10-15 23:30 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-10-15 23:30 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-10-15 23:30 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-10-15 23:30 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2014-10-15 23:30 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-10-15 23:30 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-10-15 23:30 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-10-15 23:30 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2014-10-15 23:30 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2014-10-15 23:30 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-10-15 23:30 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-10-15 23:30 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-10-15 23:30 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-10-15 22:45 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-15 22:45 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-15 22:45 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-15 22:45 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-15 22:45 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-15 22:45 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-15 22:45 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-15 22:44 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-15 22:44 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-15 22:44 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-15 22:44 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-15 22:44 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-15 22:44 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-15 22:44 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-15 22:44 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-15 22:44 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-15 22:44 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-15 22:44 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-15 22:44 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-15 22:44 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-15 22:44 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-15 22:44 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-15 22:44 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-15 22:44 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-15 22:44 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-15 22:44 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-15 22:44 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-15 22:44 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-15 22:44 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-15 22:44 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-15 22:44 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-15 22:44 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-15 22:44 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-15 22:44 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-15 22:44 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-15 22:44 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-15 22:44 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-15 22:44 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-15 22:44 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-15 22:44 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-15 22:44 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-15 22:44 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-15 22:44 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-15 22:44 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-15 22:44 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-15 22:44 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-15 22:44 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-15 22:44 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-15 22:44 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-15 22:44 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-15 22:44 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-15 22:44 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-15 22:44 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-15 22:44 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-15 22:44 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-15 22:44 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-15 22:44 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-15 22:44 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-15 22:44 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-15 22:44 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-15 22:44 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-15 22:44 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-15 22:44 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-15 22:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-10-15 22:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-10-15 22:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-10-15 22:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-10-15 22:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-10-15 22:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-10-15 22:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-10-15 22:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-10-15 22:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-10-15 22:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-10-15 22:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-10-15 22:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-10-15 22:43 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-15 22:43 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-15 22:43 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-15 22:43 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-15 22:43 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-15 22:43 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-15 22:43 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-15 22:43 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-15 22:43 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-15 22:43 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-10-15 22:43 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-15 22:43 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-15 22:43 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-15 22:43 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-15 22:42 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-15 22:42 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-13 13:42 - 2014-10-13 13:43 - 00001200 _____ () C:\DelFix.txt 2014-10-13 12:51 - 2014-10-13 12:52 - 00312744 _____ () C:\Windows\Minidump\101314-26410-01.dmp 2014-10-12 12:01 - 2014-10-12 12:01 - 41612328 _____ () C:\Users\Kaiveman\Desktop\MEI_Intel_VFP83_A00-Setup_ZPE.exe 2014-10-12 12:01 - 2014-10-12 12:01 - 03127136 _____ () C:\Users\Kaiveman\Desktop\Chipset_Intel_W74_MG1JJ_A00-Setup_ZPE.exe 2014-10-12 11:41 - 2014-10-19 12:06 - 00003460 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask 2014-10-12 11:41 - 2014-10-12 11:41 - 00004016 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2014-10-12 11:41 - 2014-10-12 11:41 - 00003218 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest 2014-10-12 11:41 - 2014-10-12 11:41 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\Dell 2014-10-12 11:41 - 2014-10-12 11:41 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows 2014-10-12 11:40 - 2014-10-12 11:41 - 00000000 ____D () C:\Program Files\AlienAutopsy 2014-10-11 21:26 - 2014-10-19 12:07 - 00000000 ____D () C:\Users\Kaiveman\AppData\Local\Deployment 2014-10-11 21:26 - 2014-10-11 21:26 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2014-10-11 21:26 - 2014-10-11 21:26 - 00000000 ____D () C:\Users\Kaiveman\AppData\Local\Apps\2.0 2014-10-11 20:46 - 2011-12-06 15:55 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2014-10-11 20:44 - 2014-10-11 20:44 - 00000000 ____D () C:\Dell 2014-10-11 14:26 - 2014-10-11 14:26 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk 2014-10-11 10:37 - 2014-10-11 10:37 - 00000687 _____ () C:\Users\Public\Desktop\Internet Manager.lnk 2014-10-11 10:37 - 2014-10-11 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager 2014-10-11 10:37 - 2013-12-10 07:37 - 00376704 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys 2014-10-11 10:37 - 2013-12-10 07:36 - 00121728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys 2014-10-11 10:37 - 2013-11-30 11:11 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2014-10-11 10:37 - 2013-11-30 11:10 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2014-10-11 10:37 - 2013-11-30 11:10 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2014-10-11 10:37 - 2013-11-30 11:10 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2014-10-11 10:37 - 2013-11-30 11:10 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2014-10-11 10:37 - 2013-11-30 11:01 - 00456704 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2014-10-11 10:37 - 2013-11-30 10:55 - 00226176 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2014-10-11 10:37 - 2013-01-25 03:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2014-10-11 10:37 - 2012-12-22 03:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2014-10-11 10:37 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2014-10-11 10:37 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2014-10-10 19:15 - 2014-10-10 19:15 - 00353680 _____ () C:\Windows\Minidump\101014-28470-01.dmp 2014-10-10 18:13 - 2014-10-10 18:13 - 00000000 ____D () C:\ProgramData\Internet Manager 2014-10-09 23:37 - 2014-10-09 23:37 - 00001120 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-10-09 23:37 - 2014-10-09 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-10-09 23:37 - 2014-10-09 23:37 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-10-09 22:38 - 2014-10-09 22:38 - 00004726 _____ () C:\Users\Kaiveman\Desktop\ESET.txt 2014-10-08 21:18 - 2014-10-08 21:19 - 00309680 _____ () C:\Windows\Minidump\100814-26504-01.dmp 2014-10-08 19:30 - 2014-10-08 19:30 - 00311816 _____ () C:\Windows\Minidump\100814-21871-01.dmp 2014-10-08 19:17 - 2014-10-08 19:17 - 03868160 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Windows\SysWOW64\Qt5Core.dll 2014-10-08 19:16 - 2014-06-10 12:27 - 00019392 _____ (Dll-Files.com) C:\Windows\system32\roboot64.exe 2014-10-08 18:29 - 2014-10-08 18:30 - 00310520 _____ () C:\Windows\Minidump\100814-21590-01.dmp 2014-10-08 17:45 - 2014-10-08 17:45 - 00004261 _____ () C:\Users\Kaiveman\Desktop\mbam.txt 2014-10-08 17:31 - 2014-10-13 13:42 - 00000000 ____D () C:\Windows\ERUNT 2014-10-08 17:01 - 2014-10-19 10:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-08 17:00 - 2014-10-08 17:00 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-08 17:00 - 2014-10-08 17:00 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-08 17:00 - 2014-10-08 17:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-08 17:00 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-08 17:00 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-08 17:00 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-07 18:25 - 2014-10-07 18:25 - 00000000 ____D () C:\Windows\erdnt 2014-10-06 22:13 - 2014-10-06 22:13 - 00311848 _____ () C:\Windows\Minidump\100614-19952-01.dmp 2014-10-06 21:48 - 2014-10-06 21:48 - 00042152 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys 2014-10-06 21:39 - 2014-10-06 21:57 - 00000375 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-10-05 10:20 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-10-05 10:20 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-10-05 10:16 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-05 10:16 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-10-05 10:16 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-10-05 10:16 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-10-05 10:16 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-10-05 10:16 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-10-05 10:16 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-10-05 10:16 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-10-05 10:15 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-10-05 10:15 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-10-05 10:15 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-10-05 10:15 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-10-05 10:15 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-10-04 23:50 - 2014-10-04 23:50 - 00000000 ____D () C:\Users\Kaiveman\Desktop\Ofizierslaufbahn 2014-10-04 23:21 - 2014-10-04 23:21 - 00312064 _____ () C:\Windows\Minidump\100414-19812-01.dmp 2014-10-04 16:01 - 2014-10-04 16:01 - 00311432 _____ () C:\Windows\Minidump\100414-20124-01.dmp 2014-10-04 15:32 - 2014-10-04 15:32 - 00311528 _____ () C:\Windows\Minidump\100414-23088-01.dmp 2014-09-28 22:27 - 2014-09-28 22:27 - 00000000 ____D () C:\Users\Kaiveman\Desktop\âufstriche 2014-09-28 22:27 - 2014-09-28 22:27 - 00000000 ____D () C:\Users\Kaiveman\Desktop\alte dokumente 2014-09-28 22:26 - 2014-09-28 22:27 - 00000000 ____D () C:\Users\Kaiveman\Desktop\musik 2014-09-23 17:08 - 2014-09-23 17:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-09-23 16:33 - 2014-09-23 16:33 - 00000000 ____D () C:\NVIDIA 2014-09-20 19:01 - 2014-10-19 21:06 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-20 17:22 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2014-09-20 17:22 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-09-20 17:22 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-09-20 17:22 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-09-20 17:22 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2014-09-20 17:22 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-09-20 17:22 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-09-20 17:22 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-09-20 17:16 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-09-20 17:16 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-09-20 17:16 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-09-20 17:16 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-09-20 17:16 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-09-20 17:16 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-09-20 17:16 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-09-20 17:16 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-09-20 17:16 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-09-20 17:16 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-09-20 17:16 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-09-20 17:16 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-09-20 17:16 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-09-20 17:16 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-09-20 17:16 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-09-20 17:16 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-09-20 17:16 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-09-20 17:16 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-09-20 17:16 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-09-20 17:16 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-09-20 17:16 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-09-20 17:16 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-09-20 17:16 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-09-20 17:16 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-09-20 17:16 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-09-20 17:16 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2014-09-20 17:16 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2014-09-20 17:16 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-09-20 17:16 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-09-20 17:16 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-09-20 17:16 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-09-20 17:16 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2014-09-20 17:16 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-09-20 17:16 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2014-09-20 17:16 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2014-09-20 17:16 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2014-09-20 17:16 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2014-09-20 17:16 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2014-09-20 17:16 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs 2014-09-20 17:16 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2014-09-20 17:16 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2014-09-20 17:16 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2014-09-20 17:16 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll 2014-09-20 17:16 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2014-09-20 17:16 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2014-09-20 17:16 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2014-09-20 17:16 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2014-09-20 17:16 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2014-09-20 17:16 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-09-20 17:16 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll 2014-09-20 17:16 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2014-09-20 17:16 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll 2014-09-20 17:16 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2014-09-20 17:16 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2014-09-20 17:16 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-09-20 17:16 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2014-09-20 17:15 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-09-20 17:15 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-09-20 17:15 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-09-20 17:15 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-09-20 17:15 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-09-20 17:15 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-09-20 17:15 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-09-20 17:15 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-09-20 17:15 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-09-20 17:15 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-09-20 17:15 - 2014-02-04 04:37 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-09-20 17:15 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-09-20 17:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-09-20 17:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-09-20 17:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-09-20 17:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-09-20 17:15 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-09-20 17:15 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2014-09-20 17:14 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-09-20 17:14 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-09-20 17:14 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-09-20 17:14 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-19 21:07 - 2012-12-11 17:40 - 01397530 _____ () C:\Windows\WindowsUpdate.log 2014-10-19 21:06 - 2010-11-21 08:50 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2014-10-19 21:06 - 2010-11-21 08:50 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2014-10-19 21:04 - 2012-12-12 00:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-19 21:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-10-19 21:02 - 2014-02-20 06:56 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-19 19:57 - 2014-02-23 21:41 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\vlc 2014-10-19 12:05 - 2014-08-30 18:02 - 00000000 ____D () C:\Program Files (x86)\Overwolf 2014-10-19 11:50 - 2014-03-10 21:03 - 00000000 ____D () C:\Users\Kaiveman\AppData\Local\Battle.net 2014-10-19 11:25 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-19 11:25 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-19 11:18 - 2014-03-03 13:44 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\Skype 2014-10-19 11:18 - 2012-12-12 01:09 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn 2014-10-19 11:17 - 2014-02-21 17:34 - 00093687 _____ () C:\Windows\setupact.log 2014-10-19 11:17 - 2014-02-20 06:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-19 11:17 - 2012-12-12 01:14 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks 2014-10-19 11:17 - 2012-12-12 01:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks 2014-10-19 11:17 - 2011-01-01 19:52 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-10-19 11:17 - 2011-01-01 01:34 - 00004124 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-10-19 11:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-18 15:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-10-18 15:14 - 2014-08-29 21:08 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2014-10-18 14:07 - 2014-02-21 17:33 - 00323326 _____ () C:\Windows\PFRO.log 2014-10-17 20:12 - 2014-08-29 21:08 - 00000000 ____D () C:\Program Files (x86)\Image-Line 2014-10-17 18:23 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-10-16 17:13 - 2009-07-14 06:45 - 00281840 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-16 17:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-10-16 17:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-10-16 16:50 - 2014-02-27 01:40 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 16:46 - 2014-02-27 01:40 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-15 23:18 - 2014-03-06 14:49 - 00013312 _____ () C:\Users\Kaiveman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-10-15 23:18 - 2014-03-03 19:50 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\DivX 2014-10-15 23:15 - 2014-02-19 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-10-15 23:15 - 2012-12-11 17:37 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-10-15 23:15 - 2012-12-11 17:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-10-15 23:15 - 2012-12-11 17:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-10-15 23:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-10-15 22:46 - 2014-08-30 18:01 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\TS3Client 2014-10-13 13:50 - 2014-02-20 17:35 - 00000000 ____D () C:\ProgramData\PCDr 2014-10-13 13:31 - 2012-12-12 01:10 - 00000000 ____D () C:\Temp 2014-10-13 12:51 - 2014-07-20 16:39 - 00000000 ____D () C:\Windows\Minidump 2014-10-13 12:51 - 2014-07-20 16:38 - 844334241 _____ () C:\Windows\MEMORY.DMP 2014-10-13 12:02 - 2014-02-20 17:36 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\PCDr 2014-10-12 11:41 - 2012-12-12 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware 2014-10-11 21:25 - 2011-02-11 12:22 - 01594892 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-10-11 20:46 - 2012-12-11 17:37 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-10-11 14:43 - 2014-02-24 21:19 - 00003800 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager 2014-10-11 14:26 - 2012-12-12 01:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-10-11 14:24 - 2014-03-10 21:04 - 00000000 ____D () C:\download 2014-10-11 10:38 - 2014-07-02 22:03 - 00000000 ____D () C:\ProgramData\DatacardService 2014-10-10 18:20 - 2014-02-19 21:32 - 00000000 ____D () C:\Users\Kaiveman\AppData\Local\VirtualStore 2014-10-09 17:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-10-08 17:21 - 2014-02-19 21:32 - 00001186 _____ () C:\Users\Kaiveman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-07 18:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-10-07 18:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-10-02 17:21 - 2014-02-20 06:56 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-02 17:21 - 2014-02-20 06:56 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-09-27 19:22 - 2014-09-14 19:56 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\dvdcss Some content of TEMP: ==================== C:\Users\Kaiveman\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-18 15:50 ==================== End Of Log ============================ hab keine Ahnung was dieses log aussagt ich werde wenn ich mal festnetz Internet habe das Turtorial ansehen damit ich weiß was es damit auf sich hat man seit mehr als zehn Tagen laber ich dich hier voll danke für die Hilfe |
19.10.2014, 20:34 | #18 |
| Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen bekam die Meldung, dass das Prog nicht akktuel ist habs neu runtergeladen und noch mal gescant hier das neue log
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-10-2014 Ran by Kaiveman (administrator) on KAIVEMAN-PC on 19-10-2014 21:29:40 Running from E:\download Loaded Profile: Kaiveman (Available profiles: Kaiveman) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Check Point Software Technologies Ltd.) E:\tools\CheckPoint\ZoneAlarm\vsmon.exe (AVAST Software) E:\AVAST\AvastSvc.exe (Creative Technology Ltd) C:\WINDOWS\SysWOW64\CtHdaSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe (HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe () C:\ProgramData\DatacardService\HWDeviceService64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\WINDOWS\SysWOW64\PnkBstrA.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Razer Inc.) E:\tools\Razer Game Booster\RzKLService.exe (SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\SftService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe (TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesApp64.exe (Check Point Software Technologies, Ltd.) E:\tools\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Toaster.exe (SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe () C:\Program Files (x86)\AlienRespawn\Components\Scheduler\STService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (ZTE) E:\tools\congstar\Internet-Manager\Bin\mcserver.exe (Check Point Software Technologies Ltd.) E:\tools\CheckPoint\ZoneAlarm\zatray.exe (AVAST Software) E:\AVAST\avastui.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () E:\tools\congstar\Internet-Manager\Bin\dbus-daemon.exe () E:\tools\congstar\Internet-Manager\Bin\db_daemon.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe (Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe (Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Alienware) C:\Program Files\Alienware\Command Center\AlienFusionController.exe (Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (VideoLAN) E:\tools\VLC\vlc.exe (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe () E:\tools\Internetstick\Internet Manager.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe (Farbar) E:\download\FRST64 (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ZoneAlarm] => E:\tools\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-08-13] (Check Point Software Technologies Ltd.) HKLM-x32\...\Run: [AvastUI.exe] => e:\AVAST\AvastUI.exe [4085896 2011-01-01] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3627684862-3205843232-128843101-1001\...\Run: [DellSystemDetect] => C:\Users\Kaiveman\AppData\Local\Apps\2.0\PK1DRX65.AWA\YGYA1RJH.1WJ\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-10-19] (Dell) AppInit_DLLs: C:\WINDOWS\System32\nvinitx.dll => C:\WINDOWS\System32\nvinitx.dll File Not Found AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll File Not Found AppInit_DLLs-x32: c:\WINDOWS\SysWOW64\nvinit.dll => "c:\WINDOWS\SysWOW64\nvinit.dll" File Not Found AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => "C:\WINDOWS\SysWOW64\nvinit.dll" File Not Found AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => "C:\Windows\SysWOW64\nvinit.dll" File Not Found ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => e:\AVAST\ashShA64.dll (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3321902&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP0269427E-05E6-4154-AD36-63814BA5B0AD&q={searchTerms}&SSPV= SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> e:\AVAST\aswWebRepIE64.dll (AVAST Software) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> e:\AVAST\aswWebRepIE.dll (AVAST Software) DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\..\Interfaces\{38CA5376-EA40-40BF-8202-D9D6DC967021}: [NameServer] 10.74.210.210 10.74.210.211 Tcpip\..\Interfaces\{A60FD169-2157-463B-9998-0790E9D85AA9}: [NameServer] 10.74.210.210 10.74.210.211 FireFox: ======== FF ProfilePath: C:\Users\Kaiveman\AppData\Roaming\Mozilla\Firefox\Profiles\OPYVtYrl.default FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> E:\tools\java\bin\dtplugin\npDeployJava1.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> E:\tools\java\bin\plugin2\npjp2.dll No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> E:\tools\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Kaiveman\AppData\Roaming\Mozilla\Firefox\Profiles\OPYVtYrl.default\Extensions\abs@avira.com [2011-01-01] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - e:\AVAST\WebRep\FF FF Extension: avast! Online Security - e:\AVAST\WebRep\FF [2011-01-01] Chrome: ======= CHR HomePage: Default -> hxxp://search.zonealarm.com/?src=hp&tbid=HFA5&Lan=DE&gu=751d48a97ff24b9594de504a9c33fd80&tu=10G9z00Ff1D33N0&sku=&tstsId=&ver=& CHR StartupUrls: Default -> "https://www.google.de/" CHR Profile: C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-20] CHR Extension: (Google Drive) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-20] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-13] CHR Extension: (YouTube) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-20] CHR Extension: (Google-Suche) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-20] CHR Extension: (AdBlock) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-02-20] CHR Extension: (ZoneAlarm Chrome Toolbar) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek [2014-08-29] CHR Extension: (Google Wallet) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-20] CHR Extension: (Google Mail) - C:\Users\Kaiveman\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-20] CHR HKCU\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Kaiveman\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [2014-02-12] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - e:\AVAST\WebRep\Chrome\aswWebRepChrome.crx [2011-01-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; e:\AVAST\AvastSvc.exe [50344 2011-01-01] (AVAST Software) S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-12-12] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-12-12] (Creative Labs) [File not signed] R2 CTAudSvcService; c:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-20] (Creative Technology Ltd) [File not signed] R2 CtHdaSvc; C:\Windows\sysWow64\CtHdaSvc.exe [122880 2012-03-28] (Creative Technology Ltd) R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed] R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed] R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [351824 2013-10-28] () S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed] S2 Internet Manager. RunOuc; E:\tools\Internetstick\UpdateDog\ouc.exe [671744 2013-08-16] () [File not signed] R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-02] (Intel Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-02-26] () S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation) S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [997664 2014-10-06] (Overwolf LTD) S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-08-01] () R2 RzKLService; E:\tools\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.) S3 TuneUp.Defrag; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe [607040 2014-02-21] (TuneUp Software) R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [1403200 2011-11-21] (TuneUp Software) R2 vsmon; E:\tools\CheckPoint\ZoneAlarm\vsmon.exe [3596752 2014-08-13] (Check Point Software Technologies Ltd.) R2 ZAPrivacyService; E:\tools\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [96272 2014-08-13] (Check Point Software Technologies, Ltd.) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-02-26] (Intel® Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2011-01-01] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2011-01-01] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2011-01-01] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2011-01-01] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2011-01-01] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2011-01-01] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2011-01-01] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2011-01-01] () R3 cthda; C:\Windows\System32\drivers\cthda.sys [1052760 2012-03-28] (Creative Technology Ltd) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-06] (Disc Soft Ltd) S3 HSPADataCardusbmdm; C:\Windows\System32\DRIVERS\HSPADataCardusbmdm.sys [122752 2011-08-19] (HSPADataCard Incorporated) S3 HSPADataCardusbnmea; C:\Windows\System32\DRIVERS\HSPADataCardusbnmea.sys [122752 2011-08-19] (HSPADataCard Incorporated) S3 HSPADataCardusbser; C:\Windows\System32\DRIVERS\HSPADataCardusbser.sys [122752 2011-08-19] (HSPADataCard Incorporated) R3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [246272 2013-11-30] (Huawei Technologies Co., Ltd.) R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2014-06-11] (Kaspersky Lab ZAO) U5 klflt; C:\Windows\System32\Drivers\klflt.sys [92768 2014-06-11] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [490592 2014-06-11] (Kaspersky Lab ZAO) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation) S3 SaiK1708; C:\Windows\System32\DRIVERS\SaiK1708.sys [180544 2012-09-20] (Saitek) R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek) R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek) S3 SaiU1708; C:\Windows\System32\DRIVERS\SaiU1708.sys [47168 2012-09-20] (Saitek) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2014-03-06] (Duplex Secure Ltd.) R3 ST_ACCEL; C:\Windows\System32\DRIVERS\ST_ACCEL.sys [67184 2012-01-04] (STMicroelectronics) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [11856 2010-02-24] (TuneUp Software) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-07-23] (Check Point Software Technologies Ltd.) S3 BANG; \??\C:\Users\Kaiveman\AppData\Local\Temp\BANG.SYS [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 NVHDA; system32\drivers\nvhda64v.sys [X] S4 nvkflt; system32\DRIVERS\nvkflt.sys [X] S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X] S4 nvpciflt; \SystemRoot\system32\DRIVERS\nvpciflt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-19 21:13 - 2014-10-19 21:29 - 00000000 ____D () C:\FRST 2014-10-19 11:40 - 2014-10-19 11:40 - 00000000 ____D () C:\Windows\pss 2014-10-19 10:45 - 2014-10-19 10:45 - 00001338 _____ () C:\Users\Kaiveman\Desktop\171014 Malewarebytes.txt 2014-10-17 18:49 - 2014-10-17 18:49 - 00004436 _____ () C:\Users\Kaiveman\Desktop\Malwarebytes Anti-Malware protokoll02.txt 2014-10-15 23:31 - 2014-08-19 05:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2014-10-15 23:31 - 2014-08-19 05:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2014-10-15 23:31 - 2014-07-07 04:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2014-10-15 23:31 - 2014-07-07 04:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2014-10-15 23:31 - 2014-07-07 04:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2014-10-15 23:31 - 2014-07-07 04:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2014-10-15 23:31 - 2014-07-07 04:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2014-10-15 23:31 - 2014-07-07 03:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2014-10-15 23:31 - 2014-07-07 03:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2014-10-15 23:31 - 2014-07-07 03:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2014-10-15 23:31 - 2014-07-07 03:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2014-10-15 23:31 - 2014-07-07 03:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2014-10-15 23:31 - 2014-06-28 02:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2014-10-15 23:31 - 2014-06-28 02:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2014-10-15 23:31 - 2014-06-28 02:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2014-10-15 23:30 - 2014-08-19 05:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2014-10-15 23:30 - 2014-08-19 05:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2014-10-15 23:30 - 2014-08-19 05:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2014-10-15 23:30 - 2014-08-19 05:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2014-10-15 23:30 - 2014-08-19 05:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2014-10-15 23:30 - 2014-08-19 05:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2014-10-15 23:30 - 2014-08-19 05:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2014-10-15 23:30 - 2014-08-19 05:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2014-10-15 23:30 - 2014-08-19 04:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2014-10-15 23:30 - 2014-08-19 04:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2014-10-15 23:30 - 2014-08-19 04:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2014-10-15 23:30 - 2014-07-07 04:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-10-15 23:30 - 2014-07-07 04:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-10-15 23:30 - 2014-07-07 04:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2014-10-15 23:30 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2014-10-15 23:30 - 2014-07-07 04:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2014-10-15 23:30 - 2014-07-07 04:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2014-10-15 23:30 - 2014-07-07 04:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2014-10-15 23:30 - 2014-07-07 04:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2014-10-15 23:30 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2014-10-15 23:30 - 2014-07-07 03:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2014-10-15 23:30 - 2014-07-07 03:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2014-10-15 23:30 - 2014-07-07 03:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-10-15 23:30 - 2014-07-07 03:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-10-15 23:30 - 2014-07-07 03:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-10-15 22:45 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-10-15 22:45 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-10-15 22:45 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll 2014-10-15 22:45 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll 2014-10-15 22:45 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-10-15 22:45 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll 2014-10-15 22:45 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-10-15 22:44 - 2014-10-07 04:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-10-15 22:44 - 2014-10-07 04:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-10-15 22:44 - 2014-09-26 00:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-10-15 22:44 - 2014-09-26 00:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-10-15 22:44 - 2014-09-26 00:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-10-15 22:44 - 2014-09-26 00:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-10-15 22:44 - 2014-09-26 00:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-10-15 22:44 - 2014-09-26 00:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-10-15 22:44 - 2014-09-26 00:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-10-15 22:44 - 2014-09-19 04:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-10-15 22:44 - 2014-09-19 03:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-10-15 22:44 - 2014-09-19 03:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-10-15 22:44 - 2014-09-19 03:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-10-15 22:44 - 2014-09-19 03:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-10-15 22:44 - 2014-09-19 03:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-10-15 22:44 - 2014-09-19 03:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-10-15 22:44 - 2014-09-19 03:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-10-15 22:44 - 2014-09-19 03:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-10-15 22:44 - 2014-09-19 03:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-10-15 22:44 - 2014-09-19 03:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-10-15 22:44 - 2014-09-19 03:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-10-15 22:44 - 2014-09-19 03:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-10-15 22:44 - 2014-09-19 03:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-10-15 22:44 - 2014-09-19 03:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-10-15 22:44 - 2014-09-19 03:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-10-15 22:44 - 2014-09-19 03:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-10-15 22:44 - 2014-09-19 03:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-10-15 22:44 - 2014-09-19 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-10-15 22:44 - 2014-09-19 03:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-10-15 22:44 - 2014-09-19 03:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-10-15 22:44 - 2014-09-19 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-10-15 22:44 - 2014-09-19 03:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-10-15 22:44 - 2014-09-19 03:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-10-15 22:44 - 2014-09-19 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-10-15 22:44 - 2014-09-19 03:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-10-15 22:44 - 2014-09-19 02:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-10-15 22:44 - 2014-09-19 02:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-10-15 22:44 - 2014-09-19 02:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-10-15 22:44 - 2014-09-19 02:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-10-15 22:44 - 2014-09-19 02:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-10-15 22:44 - 2014-09-19 02:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-10-15 22:44 - 2014-09-19 02:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-10-15 22:44 - 2014-09-19 02:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-10-15 22:44 - 2014-09-19 02:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-10-15 22:44 - 2014-09-19 02:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-10-15 22:44 - 2014-09-19 02:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-10-15 22:44 - 2014-09-19 02:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-15 22:44 - 2014-09-19 02:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-10-15 22:44 - 2014-09-19 02:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-10-15 22:44 - 2014-09-19 02:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-10-15 22:44 - 2014-09-19 02:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-10-15 22:44 - 2014-09-19 02:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-10-15 22:44 - 2014-09-19 01:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-10-15 22:44 - 2014-09-19 01:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-10-15 22:44 - 2014-09-19 01:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-10-15 22:44 - 2014-09-19 01:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-10-15 22:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL 2014-10-15 22:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL 2014-10-15 22:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL 2014-10-15 22:44 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL 2014-10-15 22:44 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL 2014-10-15 22:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL 2014-10-15 22:44 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL 2014-10-15 22:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL 2014-10-15 22:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL 2014-10-15 22:44 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL 2014-10-15 22:44 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls 2014-10-15 22:44 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls 2014-10-15 22:43 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-10-15 22:43 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-10-15 22:43 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll 2014-10-15 22:43 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-10-15 22:43 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-10-15 22:43 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-10-15 22:43 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-10-15 22:43 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll 2014-10-15 22:43 - 2014-07-17 03:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-10-15 22:43 - 2014-07-17 03:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-10-15 22:43 - 2014-07-17 03:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2014-10-15 22:43 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-10-15 22:43 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-10-15 22:43 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-10-15 22:43 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-10-15 22:42 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-10-15 22:42 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll 2014-10-13 13:42 - 2014-10-13 13:43 - 00001200 _____ () C:\DelFix.txt 2014-10-13 12:51 - 2014-10-13 12:52 - 00312744 _____ () C:\Windows\Minidump\101314-26410-01.dmp 2014-10-12 12:01 - 2014-10-12 12:01 - 41612328 _____ () C:\Users\Kaiveman\Desktop\MEI_Intel_VFP83_A00-Setup_ZPE.exe 2014-10-12 12:01 - 2014-10-12 12:01 - 03127136 _____ () C:\Users\Kaiveman\Desktop\Chipset_Intel_W74_MG1JJ_A00-Setup_ZPE.exe 2014-10-12 11:41 - 2014-10-19 12:06 - 00003460 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask 2014-10-12 11:41 - 2014-10-12 11:41 - 00004016 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2014-10-12 11:41 - 2014-10-12 11:41 - 00003218 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest 2014-10-12 11:41 - 2014-10-12 11:41 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\Dell 2014-10-12 11:41 - 2014-10-12 11:41 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows 2014-10-12 11:40 - 2014-10-12 11:41 - 00000000 ____D () C:\Program Files\AlienAutopsy 2014-10-11 21:26 - 2014-10-19 12:07 - 00000000 ____D () C:\Users\Kaiveman\AppData\Local\Deployment 2014-10-11 21:26 - 2014-10-11 21:26 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell 2014-10-11 21:26 - 2014-10-11 21:26 - 00000000 ____D () C:\Users\Kaiveman\AppData\Local\Apps\2.0 2014-10-11 20:46 - 2011-12-06 15:55 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll 2014-10-11 20:44 - 2014-10-11 20:44 - 00000000 ____D () C:\Dell 2014-10-11 14:26 - 2014-10-11 14:26 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader X.lnk 2014-10-11 10:37 - 2014-10-11 10:37 - 00000687 _____ () C:\Users\Public\Desktop\Internet Manager.lnk 2014-10-11 10:37 - 2014-10-11 10:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager 2014-10-11 10:37 - 2013-12-10 07:37 - 00376704 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_wwanecm.sys 2014-10-11 10:37 - 2013-12-10 07:36 - 00121728 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_cdcacm.sys 2014-10-11 10:37 - 2013-11-30 11:11 - 00246272 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys 2014-10-11 10:37 - 2013-11-30 11:10 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys 2014-10-11 10:37 - 2013-11-30 11:10 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys 2014-10-11 10:37 - 2013-11-30 11:10 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys 2014-10-11 10:37 - 2013-11-30 11:10 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys 2014-10-11 10:37 - 2013-11-30 11:01 - 00456704 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys 2014-10-11 10:37 - 2013-11-30 10:55 - 00226176 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys 2014-10-11 10:37 - 2013-01-25 03:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys 2014-10-11 10:37 - 2012-12-22 03:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys 2014-10-11 10:37 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys 2014-10-11 10:37 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys 2014-10-10 19:15 - 2014-10-10 19:15 - 00353680 _____ () C:\Windows\Minidump\101014-28470-01.dmp 2014-10-10 18:13 - 2014-10-10 18:13 - 00000000 ____D () C:\ProgramData\Internet Manager 2014-10-09 23:37 - 2014-10-09 23:37 - 00001120 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-10-09 23:37 - 2014-10-09 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2014-10-09 23:37 - 2014-10-09 23:37 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-10-09 22:38 - 2014-10-09 22:38 - 00004726 _____ () C:\Users\Kaiveman\Desktop\ESET.txt 2014-10-08 21:18 - 2014-10-08 21:19 - 00309680 _____ () C:\Windows\Minidump\100814-26504-01.dmp 2014-10-08 19:30 - 2014-10-08 19:30 - 00311816 _____ () C:\Windows\Minidump\100814-21871-01.dmp 2014-10-08 19:17 - 2014-10-08 19:17 - 03868160 _____ (Digia Plc and/or its subsidiary(-ies)) C:\Windows\SysWOW64\Qt5Core.dll 2014-10-08 19:16 - 2014-06-10 12:27 - 00019392 _____ (Dll-Files.com) C:\Windows\system32\roboot64.exe 2014-10-08 18:29 - 2014-10-08 18:30 - 00310520 _____ () C:\Windows\Minidump\100814-21590-01.dmp 2014-10-08 17:45 - 2014-10-08 17:45 - 00004261 _____ () C:\Users\Kaiveman\Desktop\mbam.txt 2014-10-08 17:31 - 2014-10-13 13:42 - 00000000 ____D () C:\Windows\ERUNT 2014-10-08 17:01 - 2014-10-19 10:43 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-08 17:00 - 2014-10-08 17:00 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-08 17:00 - 2014-10-08 17:00 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-08 17:00 - 2014-10-08 17:00 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-08 17:00 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-08 17:00 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-08 17:00 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-07 18:25 - 2014-10-07 18:25 - 00000000 ____D () C:\Windows\erdnt 2014-10-06 22:13 - 2014-10-06 22:13 - 00311848 _____ () C:\Windows\Minidump\100614-19952-01.dmp 2014-10-06 21:48 - 2014-10-06 21:48 - 00042152 _____ (Connectify) C:\Windows\system32\Drivers\cnnctfy3.sys 2014-10-06 21:39 - 2014-10-06 21:57 - 00000375 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-10-05 10:20 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-10-05 10:20 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-10-05 10:16 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-10-05 10:16 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-10-05 10:16 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-10-05 10:16 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-10-05 10:16 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-10-05 10:16 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-10-05 10:16 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-10-05 10:16 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-10-05 10:15 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-10-05 10:15 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-10-05 10:15 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-10-05 10:15 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-10-05 10:15 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-10-04 23:50 - 2014-10-04 23:50 - 00000000 ____D () C:\Users\Kaiveman\Desktop\Ofizierslaufbahn 2014-10-04 23:21 - 2014-10-04 23:21 - 00312064 _____ () C:\Windows\Minidump\100414-19812-01.dmp 2014-10-04 16:01 - 2014-10-04 16:01 - 00311432 _____ () C:\Windows\Minidump\100414-20124-01.dmp 2014-10-04 15:32 - 2014-10-04 15:32 - 00311528 _____ () C:\Windows\Minidump\100414-23088-01.dmp 2014-09-28 22:27 - 2014-09-28 22:27 - 00000000 ____D () C:\Users\Kaiveman\Desktop\âufstriche 2014-09-28 22:27 - 2014-09-28 22:27 - 00000000 ____D () C:\Users\Kaiveman\Desktop\alte dokumente 2014-09-28 22:26 - 2014-09-28 22:27 - 00000000 ____D () C:\Users\Kaiveman\Desktop\musik 2014-09-23 17:08 - 2014-09-23 17:08 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies 2014-09-23 16:33 - 2014-09-23 16:33 - 00000000 ____D () C:\NVIDIA 2014-09-20 19:01 - 2014-10-19 21:06 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-20 17:22 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll 2014-09-20 17:22 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe 2014-09-20 17:22 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll 2014-09-20 17:22 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll 2014-09-20 17:22 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll 2014-09-20 17:22 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys 2014-09-20 17:22 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys 2014-09-20 17:22 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-09-20 17:16 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll 2014-09-20 17:16 - 2013-12-04 04:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-09-20 17:16 - 2013-12-04 04:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-09-20 17:16 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-09-20 17:16 - 2013-12-04 04:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-09-20 17:16 - 2013-12-04 04:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-09-20 17:16 - 2013-12-04 04:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-09-20 17:16 - 2013-12-04 04:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-09-20 17:16 - 2013-12-04 04:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-09-20 17:16 - 2013-12-04 04:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-09-20 17:16 - 2013-12-04 04:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-09-20 17:16 - 2013-12-04 04:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-09-20 17:16 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-09-20 17:16 - 2013-12-04 04:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-09-20 17:16 - 2013-12-04 04:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-09-20 17:16 - 2013-12-04 03:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-09-20 17:16 - 2013-12-04 03:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-09-20 17:16 - 2013-12-04 03:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-09-20 17:16 - 2013-12-04 03:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-09-20 17:16 - 2013-11-23 20:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll 2014-09-20 17:16 - 2013-11-23 19:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2014-09-20 17:16 - 2013-10-30 04:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll 2014-09-20 17:16 - 2013-10-30 04:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll 2014-09-20 17:16 - 2013-10-04 04:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll 2014-09-20 17:16 - 2013-10-04 04:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll 2014-09-20 17:16 - 2013-10-04 03:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll 2014-09-20 17:16 - 2013-10-04 03:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll 2014-09-20 17:16 - 2013-08-05 04:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys 2014-09-20 17:16 - 2013-07-04 14:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2014-09-20 17:16 - 2013-07-04 14:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2014-09-20 17:16 - 2013-07-04 13:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2014-09-20 17:16 - 2013-07-04 13:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2014-09-20 17:16 - 2013-07-04 12:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys 2014-09-20 17:16 - 2013-03-19 07:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll 2014-09-20 17:16 - 2012-12-07 15:20 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll 2014-09-20 17:16 - 2012-12-07 15:15 - 02746368 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll 2014-09-20 17:16 - 2012-12-07 14:26 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll 2014-09-20 17:16 - 2012-12-07 14:20 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll 2014-09-20 17:16 - 2012-12-07 13:20 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs 2014-09-20 17:16 - 2012-12-07 13:20 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs 2014-09-20 17:16 - 2012-12-07 13:19 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs 2014-09-20 17:16 - 2012-12-07 12:46 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs 2014-09-20 17:16 - 2012-10-09 20:17 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll 2014-09-20 17:16 - 2012-10-09 20:17 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll 2014-09-20 17:16 - 2012-10-09 19:40 - 00193536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll 2014-09-20 17:16 - 2012-10-09 19:40 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll 2014-09-20 17:16 - 2012-10-03 19:44 - 00303104 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll 2014-09-20 17:16 - 2012-10-03 19:44 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll 2014-09-20 17:16 - 2012-10-03 19:44 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\ncsi.dll 2014-09-20 17:16 - 2012-10-03 19:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\nlaapi.dll 2014-09-20 17:16 - 2012-10-03 19:44 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll 2014-09-20 17:16 - 2012-10-03 19:42 - 00569344 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll 2014-09-20 17:16 - 2012-10-03 18:42 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll 2014-09-20 17:16 - 2012-10-03 18:42 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll 2014-09-20 17:16 - 2012-10-03 18:42 - 00018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll 2014-09-20 17:16 - 2012-10-03 18:07 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys 2014-09-20 17:16 - 2012-08-21 23:01 - 00245760 _____ (Microsoft Corporation) C:\Windows\system32\OxpsConverter.exe 2014-09-20 17:16 - 2012-05-01 07:40 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll 2014-09-20 17:16 - 2012-01-13 09:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll 2014-09-20 17:15 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-09-20 17:15 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-09-20 17:15 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-09-20 17:15 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-09-20 17:15 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-09-20 17:15 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-09-20 17:15 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-09-20 17:15 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-09-20 17:15 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-09-20 17:15 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-09-20 17:15 - 2014-02-04 04:37 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-09-20 17:15 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-09-20 17:15 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-09-20 17:15 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-09-20 17:15 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-09-20 17:15 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-09-20 17:15 - 2013-05-10 07:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll 2014-09-20 17:15 - 2013-05-10 05:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll 2014-09-20 17:14 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-09-20 17:14 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-09-20 17:14 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll 2014-09-20 17:14 - 2013-01-24 08:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-19 21:18 - 2014-02-20 06:56 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-19 21:14 - 2012-12-11 17:40 - 01397530 _____ () C:\Windows\WindowsUpdate.log 2014-10-19 21:06 - 2010-11-21 08:50 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2014-10-19 21:06 - 2010-11-21 08:50 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2014-10-19 21:04 - 2012-12-12 00:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-19 21:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-10-19 19:57 - 2014-02-23 21:41 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\vlc 2014-10-19 12:05 - 2014-08-30 18:02 - 00000000 ____D () C:\Program Files (x86)\Overwolf 2014-10-19 11:50 - 2014-03-10 21:03 - 00000000 ____D () C:\Users\Kaiveman\AppData\Local\Battle.net 2014-10-19 11:25 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-19 11:25 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-19 11:18 - 2014-03-03 13:44 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\Skype 2014-10-19 11:18 - 2012-12-12 01:09 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn 2014-10-19 11:17 - 2014-02-21 17:34 - 00093687 _____ () C:\Windows\setupact.log 2014-10-19 11:17 - 2014-02-20 06:56 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-19 11:17 - 2012-12-12 01:14 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks 2014-10-19 11:17 - 2012-12-12 01:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks 2014-10-19 11:17 - 2011-01-01 19:52 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-10-19 11:17 - 2011-01-01 01:34 - 00004124 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-10-19 11:17 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-18 15:57 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-10-18 15:14 - 2014-08-29 21:08 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line 2014-10-18 14:07 - 2014-02-21 17:33 - 00323326 _____ () C:\Windows\PFRO.log 2014-10-17 20:12 - 2014-08-29 21:08 - 00000000 ____D () C:\Program Files (x86)\Image-Line 2014-10-17 18:23 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-10-16 17:13 - 2009-07-14 06:45 - 00281840 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-10-16 17:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-10-16 17:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-10-16 16:50 - 2014-02-27 01:40 - 00000000 ____D () C:\Windows\system32\MRT 2014-10-16 16:46 - 2014-02-27 01:40 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-10-15 23:18 - 2014-03-06 14:49 - 00013312 _____ () C:\Users\Kaiveman\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-10-15 23:18 - 2014-03-03 19:50 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\DivX 2014-10-15 23:15 - 2014-02-19 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2014-10-15 23:15 - 2012-12-11 17:37 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation 2014-10-15 23:15 - 2012-12-11 17:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2014-10-15 23:15 - 2012-12-11 17:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation 2014-10-15 23:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help 2014-10-15 22:46 - 2014-08-30 18:01 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\TS3Client 2014-10-13 13:50 - 2014-02-20 17:35 - 00000000 ____D () C:\ProgramData\PCDr 2014-10-13 13:31 - 2012-12-12 01:10 - 00000000 ____D () C:\Temp 2014-10-13 12:51 - 2014-07-20 16:39 - 00000000 ____D () C:\Windows\Minidump 2014-10-13 12:51 - 2014-07-20 16:38 - 844334241 _____ () C:\Windows\MEMORY.DMP 2014-10-13 12:02 - 2014-02-20 17:36 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\PCDr 2014-10-12 11:41 - 2012-12-12 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Alienware 2014-10-11 21:25 - 2011-02-11 12:22 - 01594892 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-10-11 20:46 - 2012-12-11 17:37 - 00000000 ____D () C:\Program Files (x86)\Intel 2014-10-11 14:43 - 2014-02-24 21:19 - 00003800 _____ () C:\Windows\System32\Tasks\Adobe Reader and Acrobat Manager 2014-10-11 14:26 - 2012-12-12 01:15 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2014-10-11 14:24 - 2014-03-10 21:04 - 00000000 ____D () C:\download 2014-10-11 10:38 - 2014-07-02 22:03 - 00000000 ____D () C:\ProgramData\DatacardService 2014-10-10 18:20 - 2014-02-19 21:32 - 00000000 ____D () C:\Users\Kaiveman\AppData\Local\VirtualStore 2014-10-09 17:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-10-08 17:21 - 2014-02-19 21:32 - 00001186 _____ () C:\Users\Kaiveman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-07 18:26 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-10-07 18:25 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-10-02 17:21 - 2014-02-20 06:56 - 00004120 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-02 17:21 - 2014-02-20 06:56 - 00003868 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-09-27 19:22 - 2014-09-14 19:56 - 00000000 ____D () C:\Users\Kaiveman\AppData\Roaming\dvdcss Some content of TEMP: ==================== C:\Users\Kaiveman\AppData\Local\Temp\nvStInst.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-18 15:50 ==================== End Of Log ============================ |
20.10.2014, 17:38 | #19 |
/// the machine /// TB-Ausbilder | Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\S-1-5-21-3627684862-3205843232-128843101-1001\...\Run: [DellSystemDetect] => C:\Users\Kaiveman\AppData\Local\Apps\2.0\PK1DRX65.AWA\YGYA1RJH.1WJ\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-10-19] (Dell) AppInit_DLLs: C:\WINDOWS\System32\nvinitx.dll => C:\WINDOWS\System32\nvinitx.dll File Not Found AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll File Not Found AppInit_DLLs-x32: c:\WINDOWS\SysWOW64\nvinit.dll => "c:\WINDOWS\SysWOW64\nvinit.dll" File Not Found AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => "C:\WINDOWS\SysWOW64\nvinit.dll" File Not Found AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => "C:\Windows\SysWOW64\nvinit.dll" File Not Found Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Viel zu viel unnötige Software drauf. TuneUp, ZoneAlarm.....
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
20.10.2014, 22:32 | #20 |
| Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchenCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-10-2014 Ran by Kaiveman at 2014-10-20 19:24:26 Run:1 Running from E:\download Loaded Profile: Kaiveman (Available profiles: Kaiveman) Boot Mode: Normal ============================================== Content of fixlist: ***************** HKU\S-1-5-21-3627684862-3205843232-128843101-1001\...\Run: [DellSystemDetect] => C:\Users\Kaiveman\AppData\Local\Apps\2.0\PK1DRX65.AWA\YGYA1RJH.1WJ\dell..tion_e30b47f5d4a30e9e_0005.000c_1df9a4898fae00de\DellSystemDetect.exe [264488 2014-10-19] (Dell) AppInit_DLLs: C:\WINDOWS\System32\nvinitx.dll => C:\WINDOWS\System32\nvinitx.dll File Not Found AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll File Not Found AppInit_DLLs-x32: c:\WINDOWS\SysWOW64\nvinit.dll => "c:\WINDOWS\SysWOW64\nvinit.dll" File Not Found AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => "C:\WINDOWS\SysWOW64\nvinit.dll" File Not Found AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => "C:\Windows\SysWOW64\nvinit.dll" File Not Found ***************** HKU\S-1-5-21-3627684862-3205843232-128843101-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DellSystemDetect => value deleted successfully. ==== End of Fixlog ==== welche Software empfiehlst du denn? |
21.10.2014, 18:37 | #21 |
/// the machine /// TB-Ausbilder | Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen Naja, oben genannten Kram auf jeden Fall runter. Dann musste mal sagen was Du für Software suchst.
__________________ --> Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen |
23.10.2014, 17:54 | #22 |
| Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen so hab die beiden Dinger raus gehauen. ich hätte gerne ein anständiges Antiviren prog aber malewarebytes scheint ganz vernünftig zu sein desweiteren hätte ich gerne eine gute Firewall die progs überwacht und mir meldet wenn was verdächtig ist. habe immer noch Probleme, hin und wieder hängt sich der Laptop auf und der explorer reagiert nicht mehr, der Taskmanager reagiert zwar aber ich kann keine tasks beenden und beim runterfahren wird der explorer deaktiviert aber das desktop bild sehe ich noch |
24.10.2014, 09:57 | #23 |
/// the machine /// TB-Ausbilder | Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen MBAM Free für ab und zu scannen reicht, Windows Firewall reicht. Als AV empfehle ich immer Emsisoft.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
26.10.2014, 12:01 | #24 |
| Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen Habe alles so gemacht wies da steht aber beim Hochfahren muss ich immer noch gefühlte 100 Jahre warten bis ich im Windows was machen kann. welches Log brauchst du? kann doch nicht angehen immer nur Probleme auf einmal ruckelt mein spiel so stark das es unspielbar wird. ich setzt die Maschiene gleich auf werkzustand zurück. um 14 uhr wollte ich ein tournier um 200 € spielen ja toll sscheiß viren und son schrott |
26.10.2014, 18:35 | #25 |
/// the machine /// TB-Ausbilder | Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen Nix Viren, Zurücksetzen oder sauber Neu installieren. Und mal das Surf und Downloadverhalten überdenken
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
13.11.2014, 22:02 | #26 |
| Laptop Monate lang dem Internet ausgesetzt ohne Schutzprogramme soweit läuft alles sauber vielen dank schrauber |
14.11.2014, 18:33 | #27 |
/// the machine /// TB-Ausbilder | Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Zone Alarm Antivirus wird ausgeschaltet und lässt sich nicht einschalten/ Online Games und Webseiten mit Passwort lassen sich nicht besuchen |
blockiert, bluescreen 0x0000003b, fehlercode 0x5, fehlercode 0xc0000005, fehlercode windows, infizierte, mail.de, online games, programme, pup.optional.awesomehp.a, pup.optional.feven.a, pup.optional.hqvideo.a, pup.optional.iepluginservice.a, pup.optional.qone8, pup.optional.remarkit.a, pup.optional.suptab.a, trojan.backdoor, win32/toolbar.montiera.b, zertifikate, zone alarm |